| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 106658 | 2010-01-18 00:37:00 | SBS2003 VPN | SolMiester (139) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 849537 | 2010-01-18 00:37:00 | Hi all, server 2003 VPN's are new to me, I have been using Telecom One Office\OfficeAnywhere, however the client software is unreliable and doesnt work on anything but XP, and doesnt support WPA2....So, I have a 2003 (not R2) SBS, with 2 NIC's, one has Xtra D-Link 502T and other is connected to the internal network. I have used the to do list VPN wizard, however it didnt bring up the IP assignment wizard, maybe because the telecom routers provide the DHCP for internal WAN clients. I have check dial-in access for select users and given them a static address for the tunnel for now. I have allowed PPTP & IPSECL2TP on the router to forward to the DC in order to create the tunnel however when connection i get no further than waiting for WAN mini port connecting........ Any ideas |
SolMiester (139) | ||
| 849538 | 2010-01-18 02:09:00 | In the Routing & Remote Access snapin, go to the properties of your server, and ensure Enable as a Remote Access Server is ticked on the General tab. On the Security tab, under Authentication Methods, I suggest only allowing MSCHAP v2 - unless you're using EAP. Under IP, ensure the adapter is set to Allow RAS to Select, and that Allow IP-based Remote Access is selected. However, it sounds like the router is not forwarding PPTP to the SBS server. You mentioned you've allowed PPTP & L2TP on the router, have you forwarded port 1723 (the default PPTP port)? I'm not that familiar with the 502T, but you may need to allow it through the Firewall as well as forward the port (may also be set up as a Virtual Server). |
inphinity (7274) | ||
| 849539 | 2010-01-18 02:15:00 | Never tried it either, ( its on the "to do list one day" ) did a bit of looking, and found This MS article (support.microsoft.com) -- LOADS of trouble shooting fixes nearer teh bottom, and also This article (articles.techrepublic.com.com) Looking at some WAN mini port connecting and going nowhere faults, there are several that have yellow exclamation points in the device manager -- Hows yours ? |
wainuitech (129) | ||
| 849540 | 2010-01-18 03:06:00 | Hi guys, ok, can confirm inphinity that all is as above, although I had ms chap for authentications also... As the telecom routers have dhcp, i have selected a small range at the end of the scope which well never be reached by the routers. NAT\Firewall has VPN gateway and L2TP services and ports enabled for localloop. 127.0.0.1 Still no go, I beleve the d-link may not be up fo it? |
SolMiester (139) | ||
| 849541 | 2010-01-18 03:12:00 | double post | SolMiester (139) | ||
| 849542 | 2010-01-18 03:16:00 | The DHCP service on the router should not be involved at all. The RRAS service on the SBS box should be assigning LAN addresses to remote clients. Is the Interface type of the WAN NIC set to Public Interface with both NAT & Firewall ticked? I still suspect the 502T isn't passing the traffic through, though. Not sure how similar it is, but I just had a play with a DSL-604T here, and to get it passing PPTP traffic I had to go to Advanced > Virtual Servers , and add PPTP (port 1723 UDP) pointing to the WAN NIC address of the SBS server. E.g. Router LAN: 192.168.10.100 SBS WAN: 192.168.10.10 SBS LAN: 192.168.11.10 Virtual Server / Port Forward directing port 1723UDP to 192.168.10.10 |
inphinity (7274) | ||
| 849543 | 2010-01-18 03:28:00 | The DHCP service on the router should not be involved at all. The RRAS service on the SBS box should be assigning LAN addresses to remote clients. YES, this is now correct - 11 address leases Is the Interface type of the WAN NIC set to Public Interface with both NAT & Firewall ticked? YES I still suspect the 502T isn't passing the traffic through, though. Not sure how similar it is, but I just had a play with a DSL-604T here, and to get it passing PPTP traffic I had to go to Advanced > Virtual Servers , and add PPTP (port 1723 UDP) pointing to the WAN NIC address of the SBS server. E.g. Router LAN: 192.168.10.100 SBS WAN: 192.168.10.10 SBS LAN: 192.168.11.10 Virtual Server / Port Forward directing port 1723UDP to 192.168.10.10 I suspect you are right too...(i did the virtual server port forwarding, however cant see specfic port forwarding).I am waiting to see if they still have a cisco router which they used for an old VPN, if so, will try and see if I can configure that and swap the damn d-link out! |
SolMiester (139) | ||
| 849544 | 2010-01-18 03:42:00 | Any chance of a screenshot of the Virtual Servers page on the 502T? But yeah, if you have a proper router available, thats a good bet. | inphinity (7274) | ||
| 849545 | 2010-01-18 03:58:00 | Okay, found a Cisco 827H......wicked!, now to work out how to configure it! | SolMiester (139) | ||
| 849546 | 2010-01-20 01:01:00 | How'd you get on? | inphinity (7274) | ||
| 1 2 | |||||