dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2846
share rss forum feed


FlameN

@inholland.nl

How to forward gre - VPN server behind windows server 2003

Hi everyone,

I'm new here and I need some help setting up a vpn server.

Basically I need a way to forward gre packets from an external network to the internal network using Windows Server 2003.

In more detail I have this scenario:
(vpn client).16.2-external-.16.1(win server 2003).1.1-internal-.1.2(vpn server)

The idea is for the vpn client to connect to the server through the windows server using the external ip(192.168.16.1) of the server.
I have forwarded tcp port 1723 and that part works okay. But I need a way to forward the gre packets to the vpn server.

Does any know some way or software that can do this in windows server 2003?
Any help is appreciated.



eibgrad

join:2010-03-15

GRE is not a port. It’s not something you can forward. It's a TCP protocol (specifically, #47) and it either is or isn't implemented by your router. And if the router supports VPN pass-through, it probably does.



FlameN

@inholland.nl

I understand it's not a port. But currently windows server 2003 is acting as a router and it forwards the TCP port 1723 packets to the VPN server but the GRE packets do not reach the VPN server.


bdnhsv

join:2012-01-20
Huntsville, AL

Let's back up and make sure we all know which type of tunnel you're wanting to create. PPTP, L2TP, IPsec, OpenVPN, etc.



FlameN

@chello.nl

Ya, I forgot to mention. I'm using PPTP.


bdnhsv

join:2012-01-20
Huntsville, AL

OK - what's between 16.1 and 1.1 ? What are the ISP's on each side and what types of services are they, modems involved, routers, etc. ?



FlameN

@chello.nl

16.1 and 1.1 are both on a Windows server 2003 machine and there are no ISPs. I'm testing in LAN environment. the Windows server 2003 is running a proxy to regulate the internal traffic and also has a mapped link for the TCP port 1723 to the VPN server.


bdnhsv

join:2012-01-20
Huntsville, AL

Doesn't win2k3 have a built in firewall? Try turning it off and see if your GRE traffic makes it to the other side.



FlameN

@chello.nl

Firewall is off with no filters. I'm 99% sure. Gonna check tomorrow morning.


bdnhsv

join:2012-01-20
Huntsville, AL

If that doesn't work - have you tried connecting your vpn client directly to the vpn server for a sanity check?



FlameN

@inholland.nl

Just tested it. VPN functions normaly when connecting from External client to Windows Server and Windows server to Internal VPN server. all firewalls are off.



FlameN

@inholland.nl
reply to bdnhsv

A bit of an update. The packets not getting to the Internal VPN server are displayed in wireshark as protocol: "ppp lcp" with info: configuration request


HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to FlameN

said by eibgrad:

It's a TCP protocol

Me being nitpicky, but it's actually IP protocol #47....

FlameN can you do a better diagram of what your setup is, I'm having a very hard time visualizing it.

Regards

FlameN

join:2012-06-28
reply to FlameN

I have 3 windows PCs with 2 different networks: internal and external. the Middle PC that connects to both networks and runs on windows server 2003 while the other 2 PCs each have 1 NIC and run win XP. It also use Proxy Plus to forward tcp traffic from the external interface to the VPN server on the internal network.


HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to FlameN

Can you actually DRAW this out FlameN, including all physical and logical connectivity? Even in MSPaint if you have to.

Regards