Unable to connect using VPN

F

Francis Tarcelo

My problem is establishing a VPN connection to my home computer from work. I
can Remote Desktop my home computer from work but I'm getting an "Error 628:
The connection was closed." when I try to establish a VPN connection. Is
there a specific outgoing port that needs to be open to establish a VPN
connection. I'm assuming that outgoing ports of our company's network is
open because I can RD my home computer from work.

My home computer is behind a netgear router and I have forwarded port 1723
to my home computer's IP address 192.168.0.4. I have setup my computer as a
VPN server (according to the instructions ...) and I have allocated the ip
addresses 192.168.0.201 - 192.168.0.205 for the incoming connections. Am I
still missing something?

My office computer is behind the corp. firewall and my ip address is as
follows:
IP address: 10.9.12.203
subnet : 255.255.0.0

I appreciate any help anybody can provide.

TIA,
Francis
 
S

Sooner Al [MVP]

For PPTP VPN, which I presume your trying to use, you also need to enable GRE Protocol 47 traffic
through the home router. Some manufacturers call that "PPTP Pass Through" or "VPN Pass Through" or
automagically (like the XP SP2 Windows Firewall) enable the traffic if TCP Port 1723 is open. Check
the router users manual or the manufacturers support web pages for help with that. You can also run
a test from your work PC to your home PC that may help you troubleshoot this problem. See the "VPN
Traffic" section of this page and the associated tools...

http://www.microsoft.com/technet/community/columns/cableguy/cg0105.mspx
http://www.microsoft.com/downloads/...76-9bb9-4126-9761-ba8011fabf38&displaylang=en

You might also consider using a SSH tunnel versus the PPTP VPN tunnel, if you can't get VPN to work.
You can tunnel both Remote Desktop, VNC (any flavor) or use a program like WinSCP to access files on
the home PC...

http://theillustratednetwork.mvps.org/RemoteDesktop/SSH-RDP-VNC/RemoteDesktopVNCandSSH.html

Since I wrote that page I am now using the Cygwin system and its port of OpenSSH along with a
private/public key pair with a very long random pass phrase versus authentication using a strong
password...

http://cygwin.com/

Good luck...

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...
 
F

Francis Tarcelo

Thanks for your quick response. I searched thru the router settings but there is no option to enable or forward GRE Protocol 47 anywhere. The Port Forwarding settings only has the TCP and UDP option for forwarding port. Can you help me further with this...

I did try the port query utility you suggested and the result says that port 1723 of my home computer is listening when I run the utility from my office computer.

Thanks so much,
--Francis--
 
S

Sooner Al [MVP]

You need to run the test detailed in the "VPN Traffic" section of the page I pointed you to. Running
the PortQry test is not going to tell you anything about GRE Protocol 47 traffic. Its not enough to
only have TCP Port 1723 open... I would contact Netgear, look at the Netgear support pages for your
router or read the users manual for help with the GRE Protocol 47 issue. If the router can not pass
GRE Protocol 47 traffic then your out of luck...

Another solution, if you can't get a VPN tunnel setup, is to use SSH. Run the OpenSSH for Windows
server on the home PC and connect with PuTTY then you can tunnel XP Pro Remote Desktop or VNC (any
flavor) through the tunnel to access/control desktops at home. All you need is TCP Port 22 open on
the home router. See this page for help with this...

http://theillustratednetwork.mvps.org/RemoteDesktop/SSH-RDP-VNC/RemoteDesktopVNCandSSH.html

You can use a program like WinSCP if you simply want to access files on the home PC through the SSH
tunnel...

http://winscp.net/eng/index.php

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...

Thanks for your quick response. I searched thru the router settings but there is no option to enable
or forward GRE Protocol 47 anywhere. The Port Forwarding settings only has the TCP and UDP option
for forwarding port. Can you help me further with this...

I did try the port query utility you suggested and the result says that port 1723 of my home
computer is listening when I run the utility from my office computer.

Thanks so much,
--Francis--
 
F

Francis Tarcelo

Thanks again for trying to help.

Do I need to setup the VPN server differently if I'm using SSH? Right now I
have it configured for PPTP according to the instructions I got for setting
up an XP Pro machine to be a VPN server.

Thanks,
--Francis--
 
S

Sooner Al [MVP]

Yes...

What exactly do you want to accomplish with either a VPN or SSH tunnel to your home PC? Ie. file
access or remote control or what?

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...
 
F

FrancisTarcelo

I need to access database files that is concurrently being used by my wife
who uses my home computer. I currently can run remote desktop from my office
computer to my home computer but doing this locks out my wife from using our
home computer. If I can establish a VPN connection, she can be using our
home computer and using the database files at the same time that I'm
connected from work and using the same database files.

I cannot just copy the database files over to my work computer cause she
might be doing updates to it and I need to be able to see the updates while
it's being done on our home computer. So VPN is the only way I can think of
to concurrently share data from different locations.

Thanks so much for taking the time to analyze my IT problems.

--Francis--
 
S

Sooner Al [MVP]

Well, if you can't get a VPN from your office to home can you get a VPN from your home to your
office? Of course you may have the same issue. Did you ever run the VPN Traffic test?

You might investigate purchasing a VPN end-point type router for the home end. Others will need to
speak to that since I don't have a VPN end-point router or use VPN...

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...
 
F

Francis Tarcelo

That's the weird thing, I can connect to our corporate network from home
using VPN connection. The problem is, I don't know how our VPN server is
configured cause this is done by the network and enterprise group. All I
know is that my VPN client at home is configured to connect to an ip address
which is really a VPN Cisco 3000 series router. This makes me really think
that my router is the problem.

I'll sniff around for info on that VPN end-point type router you're
suggesting, maybe that'll work for me. Thanks so much for taking the time on
this thread.

--Francis--
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top