Windows 2003 VPN - Help Needed

N

Nickste

Expert Member
Joined
Aug 6, 2003
Messages
1,083
Reaction score
0
Location
Cape Town, South Africa
Hi there,
I am busy trying to setup vpn on Windows 2003 SBS. I have 2 NICs in the box, one on the 10.0.0.* range that is connected to my router (5102G Telkom one), and another 192.168.16.* which is the internal network.

I have installed VPN support on the box, and I can connect to the VPN fine, from another PC on the 10.0.0.* range. However, as soon as I try and access the VPN from outside the router, I can't get in. It replies to pings, but nmap says there is no host up.

I have setup the router to use a DMZ to the Windows 2003 SBS's IP address.

Is this a problem with Windows 2003 Firewall?

Cheers, Nick
 
Update

Ok, I think i've narrowed it down to the problem being at the router. I have since put in a Netgear DG834GT. I have tried setting up firewall rules, etc. and still no love.

Any ideas?

Cheers, Nick
 
I can suggest the following for an alternative while trying to figure out the Router and so on...:

--> Download Hamachi (www.hamachi.cc)

Its a very easy to use application and can be used to create a VPN. Its also very secure, and I am using it on some of the machines at my work, as it sort of "bypass" the router's setting. In fact, you don't even have to setup your router to use Hamachi

Try it...
 
after struggling with VPN's alot over the last year or so (they always worked, but was one helluva mission) I finally have a solution that works, is easy and transparent to the users.

I have a D-Link DI-804HV VPN router that sits between my ADSL modem and the internal network. I have the same router at our (smaller) joburg office and there is a permanent VPN connection between the two and then also a PPTP VPN server on the local (cape town) router for dial-in access.
 
Last edited:
Check if the Router supports VPN passthrough, and also make sure you use the SBS wizards to configure the VPN. Don't try doing it manually, SBS doesnt like that too much as there are added security settings that SBS uses in the wizzard which dont get applied if done manually. (found that out the hard way :P )
 
On the VPN client (workstation) what are you telling it to connect to (i.e the IP or DNS of 2003 Srv)?
 
Fixed it!
Huge props to an unnamed support dude, who helped a huge amount ;-)
The solution was to update the router firmware to allow for better port forwarding support.
Then, on the SBS I had to add a few services to the firewall. This included port 500 (UDP) and port 47. I also had a problem that the firewall didn't seem to "update" to these settings, but disabling, and then enabling the firewall fixed this.

My next job is to secure the box. Windows update is a good start, but does anyone know of anything else I should do?

Cheers, Nick
 
Last edited:
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X