dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
22241
share rss forum feed


Fraser

@bethere.co.uk

Connect to VPN connection

I have a server with Windows Server 2008 installed and I'm trying to setup a VPN connection. When I try to connect to the server the following error message appears. Is there any free VPN programs available? or do I need to setup a VPN server on Windows Server 2008? There's only the 1 static IP address with the broadband.

"Error 800: The remote connection was not made because the attempted VPN tunnels failed. The VPN server might be unreachable. If this connection is attempting to use an L2TP/IPsec tunnel, the security parameters required for IPsec negotiation might not be configured properly.

After troubleshooting with Windows Network Diagnostics the problems found are "The remote device or resource won't accept the connection".



SoonerAl
Premium,MVM
join:2002-07-23
Norman, OK
kudos:5

Presuming you have the VPN server setup correctly. Test over your local LAN first by calling the private static LAN IP of your server from another client on the LAN...

»theillustratednetwork.mvps.org/V···est.html

For the PPTP VPN link you need to forward TCP Port 1723 on any router or firewall the VPN server is behind and ensure the router or firewall also passes GRE Protocol 47 traffic. The latter is sometimes called PPTP Pass Through or VPN Pass Through or is automatically enabled when TCP Port 1723 is opened. Note the Windows Fireall automatically passes GRE Protocol 47 traffic.

You can test this using the PPTP Ping and VPN Traffic sections of this Cable Guy article.

»technet.microsoft.com/en-us/libr···965.aspx

Additional possible help...

»www.howtonetworking.com/vpnissue···r800.htm
--
"When all else fails, read the instructions..."
MS-MVP Windows Desktop Experience



Fraser

@bethere.co.uk
reply to Fraser

Thanks for the reply. I've port forward the port 1723 to the server and setup the IP protocol 47 on the Windows Firewall. When using the PPTP Ping, connecting to port 1723 is successful although nothing happens after the "Listening on PROTOCOL 47 for incoming GRE packets". I've also enabled the Routing and Remote Access Service and selected a new username and password. After doing this the same error message appears when trying to login to the VPN connection.



SoonerAl
Premium,MVM
join:2002-07-23
Norman, OK
kudos:5

When you ran the test did you stop the Routing and Remote Access service?

quote:
1.On the VPN server computer:

If needed, stop the Routing and Remote Access service using the Routing and Remote Access or Services snap-ins. This step ensures that Pptpsrv.exe can use TCP port 1723 and IP protocol 47.

Generally you should not need to configure GRE Protocol 47 manually in the firewall.

Do you have any other anti-virus or anti-trojan software running on the server that may be blocking the incoming PPTP VPN traffic?

Is this a one NIC server behind a router or a two NIC server connected directly to the public internet?

When you run the test or try the actual connection is this from a remote site on the public internet or over your local LAN?
--
"When all else fails, read the instructions..."
MS-MVP Windows Desktop Experience


Fraser

@bethere.co.uk
reply to Fraser

I ran the test with the Routing and Remote Access service stopped. Both tests pass when using 192.168.1.67 with PPTP Ping. When I try this with the WAN IP Address only the first test passes. The server has one NIC and is behind a router. When I connect to the server using a computer on the network the error 800 happens and when I use a computer outside the network it's the error 649.



SoonerAl
Premium,MVM
join:2002-07-23
Norman, OK
kudos:5

If the test passes over your LAN but not from the remote site...

»theillustratednetwork.mvps.org/V···est.html

...then from that description it seems your router has issues passing GRE Protocol 47 traffic. You might look at updating the firmware or purchasing a router that is known to support PPTP VPN and specifically GRE Protocol 47 traffic.

What is the make and manufacturer of your router? With that information perhaps someone else may have suggestions.
--
"When all else fails, read the instructions..."
MS-MVP Windows Desktop Experience



Fraser

@bethere.co.uk
reply to Fraser

The router is a Thomson TG585 v7. I contacted my ISP and they said the router does not support GRE Protocol 47 traffic.



Fraser

@bethere.co.uk
reply to Fraser

I have another router. Does the Sky Netgear DG834GT support the GRE Protocol 47? Is there anything else you need to setup on the client computer. All I've done is connect to the VPN connection. Do you have to configure the firewall on both the client and server computers?