VPN connection

[SteveC]

Hi, I've set up a my XP Pro box as a VPN server - its behind Linksys
router - I understand I need to forward the relevant ports from the ISP
dynamically assigned IP (I intend to register with no-ip.com, so that IP
address constantly changing isn't an issue) address of the router to the LAN
IP address of the VPN server. I believe the port numbers that need to be
forwarded are 1723 + 47 for PPTP, and for IPSEC 500, 50-51.
Can anyone confirm this configuration for me please?

Cheers, Steve.

 

[Sooner Al]

For PPTP VPN - TCP Port 1723 and *ENABLE* the "PPTP Pass Through" function (GRE Protocol 47), which
is usually on the "Filters" page for the router. Note I base my experience using a Linksys BEFSR41
router...

I don't currently do L2TP/IPSec, so be careful with my advice that follows...

The Resource Kit calls out UDP Port 500 and UDP Port 1701 for L2TP with IPSec VPN...

http://www.microsoft.com/technet/prodtechnol/winxppro/reskit/prcg_cnd_vora.asp
http://www.microsoft.com/technet/prodtechnol/winxppro/reskit/prcg_cnd_gngz.asp

The Linksys router usually also has an "IPSec Pass Through" option that should be enabled. I presume
this would enable IP Protocol 50 and IP Protocol 51 traffic through the router...

Also, look at this KB article for some important information...

http://support.microsoft.com/default.aspx?scid=kb;en-us;818043

 

[SteveC]

Thanks mate, that's a stroke of luck - I'm using the same router! I'll give
it a go later, actually I think it was you tha t pointed me in the direction
of www.no-ip.com - so thanks for that too!

Cheers, Steve.

 

[Steve]

Al, so in the filtered private port range TCP 1723 1723 ?
I dont have to put anything in forwarding.
As you have the same router, I would appreciate your config details,
obviously without actual ip addresses.

Cheers, Steve.

 

[Steve]

Thanks mate, you're a star!

No, go to the "Forwarding" page and configure there... Use a custom application name, ie. PPTP VPN
for example, an "Ext. Port" of 1723 to 1723, TCP as the protocol, the local LAN IP address (static
obviously) and check the "Enable" box... Also, make sure the "PPTP Pass Through" option is "enabled"
on the "Filters" page. Note that you should also *DISABLE* the SPI checkbox if present. Those
settings, by the way, are current as of the 1.42.7 firmware. I understand the SPI setting is no
longer available with newer firmware versions.

I no longer use the router so I am working from memory...which in my advanced age group is always
dangerous...

--
Al

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...Unsolicited personal emails are *NOT* answered.

 

[SteveC]

Thanks, I'll research this over the weekend - I'll let you know how I get
on - as the router is straight out of the box - I suspect it could be the
firmware issue.

Cheers, Steve.

 

[SteveC]

Just a quickie, I upgraded the firmware - but I seemed to experience a
problem. Anyway, I reset the router - does it revert back to the previously
installed firmware version, or does it hang onto the update?

Cheers, Steve.