|
FlameN
Anon
2012-Jun-26 8:12 am
How to forward gre - VPN server behind windows server 2003Hi everyone,
I'm new here and I need some help setting up a vpn server.
Basically I need a way to forward gre packets from an external network to the internal network using Windows Server 2003.
In more detail I have this scenario: (vpn client).16.2-external-.16.1(win server 2003).1.1-internal-.1.2(vpn server)
The idea is for the vpn client to connect to the server through the windows server using the external ip(192.168.16.1) of the server. I have forwarded tcp port 1723 and that part works okay. But I need a way to forward the gre packets to the vpn server.
Does any know some way or software that can do this in windows server 2003? Any help is appreciated. |
|
|
eibgrad
Member
2012-Jun-26 10:25 am
GRE is not a port. Its not something you can forward. It's a TCP protocol (specifically, #47) and it either is or isn't implemented by your router. And if the router supports VPN pass-through, it probably does. |
|
|
FlameN
Anon
2012-Jun-26 10:28 am
I understand it's not a port. But currently windows server 2003 is acting as a router and it forwards the TCP port 1723 packets to the VPN server but the GRE packets do not reach the VPN server. |
|
bdnhsv join:2012-01-20 Huntsville, AL |
bdnhsv
Member
2012-Jun-26 2:24 pm
Let's back up and make sure we all know which type of tunnel you're wanting to create. PPTP, L2TP, IPsec, OpenVPN, etc. |
|
|
FlameN
Anon
2012-Jun-26 4:01 pm
Ya, I forgot to mention. I'm using PPTP. |
|
bdnhsv join:2012-01-20 Huntsville, AL |
bdnhsv
Member
2012-Jun-26 5:24 pm
OK - what's between 16.1 and 1.1 ? What are the ISP's on each side and what types of services are they, modems involved, routers, etc. ? |
|
|
|
FlameN
Anon
2012-Jun-27 8:52 am
16.1 and 1.1 are both on a Windows server 2003 machine and there are no ISPs. I'm testing in LAN environment. the Windows server 2003 is running a proxy to regulate the internal traffic and also has a mapped link for the TCP port 1723 to the VPN server. |
|
bdnhsv join:2012-01-20 Huntsville, AL |
bdnhsv
Member
2012-Jun-27 9:32 am
Doesn't win2k3 have a built in firewall? Try turning it off and see if your GRE traffic makes it to the other side. |
|
|
FlameN
Anon
2012-Jun-27 1:15 pm
Firewall is off with no filters. I'm 99% sure. Gonna check tomorrow morning. |
|
bdnhsv join:2012-01-20 Huntsville, AL |
bdnhsv
Member
2012-Jun-27 2:38 pm
If that doesn't work - have you tried connecting your vpn client directly to the vpn server for a sanity check? |
|
|
FlameN
Anon
2012-Jun-28 7:30 am
Just tested it. VPN functions normaly when connecting from External client to Windows Server and Windows server to Internal VPN server. all firewalls are off. |
|
FlameN |
FlameN to bdnhsv
Anon
2012-Jun-28 7:30 am
to bdnhsv
A bit of an update. The packets not getting to the Internal VPN server are displayed in wireshark as protocol: "ppp lcp" with info: configuration request |
|
|
to FlameN
said by eibgrad:It's a TCP protocol Me being nitpicky, but it's actually IP protocol #47.... FlameN can you do a better diagram of what your setup is, I'm having a very hard time visualizing it. Regards |
|
|
to FlameN
I have 3 windows PCs with 2 different networks: internal and external. the Middle PC that connects to both networks and runs on windows server 2003 while the other 2 PCs each have 1 NIC and run win XP. It also use Proxy Plus to forward tcp traffic from the external interface to the VPN server on the internal network. |
|
|
to FlameN
Can you actually DRAW this out FlameN, including all physical and logical connectivity? Even in MSPaint if you have to.
Regards |
|