VPN help!!!

Fraz

This is my first attempt at creating a VPN server and it isn't going well.

It's a small network. There are 10 users. We're using a Linksys router
with VPN Passthrough. I have a PC built up with Windows 2000 Server, 2
NICs, and RAS is installed. The Intranet addressing scheme is 192.168.1.x
with a subnet mask of 255.255.255.128. There are 3 servers (PDC, RAS,
Exchange) with static IPs. I have a DHCP server with a scope of
192.168.1.35 to 192.168.1.85 running on the PDC. I've enabled TCP port
traffic for ports 47 and 1723 on the router to forward to NIC2. I've tried
configuring the NICs a million different ways, with no success.

IPs for the RAS server NICs are as follows:

NIC1 192.168.1.3
SM 255.255.255.128
GW 192.168.1.1

NIC2 192.168.1.150
SM 255.255.255.128
GW 192.168.1.1

One thing that has really bothered me is when I click on General within IP
Routing in RAS, the Internal interface shows as disconnected or disabled.
All other interfaces are fine. Could this be the problem? If so, how do I
remedy the situation?

What am I doing wrong? Please HELP!!! Thanks for your assistance.
 
Bill Grant

The RRAS server will not work with two NICs in the same subnet. You only
need two NICs if your LAN is private and the "other" NIC is public or in a
DMZ.

Since you already have an Internet router which has an interface in the
private network, the RRAS server only needs one NIC. Forward TCP port 1723
from the router to this IP. You do not need TCP port 47, because it has
nothing to do with VPN. Your router must allow GRE, which is IP protocol 47
(hence the confusion with port 47). That's what the VPN passthrough is about.

The internal interface will become active when a remote user connects.
Have you tried making a VPN connection from a LAN client? It will work over
Ethernet, and this lets you check your client and server setup locally.
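
Added example, not part of the original thread: a small Python classifier that shows where "47" lives in a packet. The IP protocol number sits in the IPv4 header, while a port sits in the TCP header, so GRE (protocol 47) and TCP port 47 are unrelated. The function names and sample packets are constructed for illustration, 203.0.113.10 is a documentation address, and the GRE check assumes PPTP's usual GRE version 1 header carrying PPP (protocol type 0x880B).

```python
import struct

PPTP_CONTROL_PORT = 1723      # TCP port the router must forward
IPPROTO_TCP, IPPROTO_GRE = 6, 47
GRE_PROTO_PPP = 0x880B        # protocol type carried by PPTP's GRE (version 1)

def classify(packet: bytes) -> str:
    """Classify a raw IPv4 packet as PPTP control, PPTP data, or other."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not-ipv4"
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return "malformed"
    proto = packet[9]                     # IP protocol number, not a port
    payload = packet[ihl:]
    if proto == IPPROTO_GRE:
        if len(payload) < 4:
            return "malformed"
        flags_ver, gre_proto = struct.unpack("!HH", payload[:4])
        if flags_ver & 0x7 == 1 and gre_proto == GRE_PROTO_PPP:
            return "pptp-data (GRE, IP protocol 47)"
        return "gre-other"
    if proto == IPPROTO_TCP:
        if len(payload) < 4:
            return "malformed"
        _src, dst = struct.unpack("!HH", payload[:4])   # ports live in TCP
        if dst == PPTP_CONTROL_PORT:
            return "pptp-control (TCP port 1723)"
        if dst == 47:
            return "tcp-port-47 (unrelated to PPTP)"
        return "tcp-other"
    return "other"

def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a constructed IPv4 packet (checksum left at zero) for the demo."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0, bytes([203, 0, 113, 10]),
                         bytes([192, 168, 1, 3]))
    return header + payload

# Constructed samples: TCP headers reduced to ports plus padding, GRE v1 header.
TCP_1723 = ipv4(IPPROTO_TCP, struct.pack("!HH", 40000, 1723) + bytes(16))
TCP_47 = ipv4(IPPROTO_TCP, struct.pack("!HH", 40000, 47) + bytes(16))
GRE_PPTP = ipv4(IPPROTO_GRE, struct.pack("!HHHH", 0x2001, 0x880B, 0, 0))

if __name__ == "__main__":
    for name, pkt in [("TCP/1723", TCP_1723), ("TCP/47", TCP_47), ("GRE", GRE_PPTP)]:
        print(f"{name:9} -> {classify(pkt)}")
```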
 
Fraz

First off, thanks for your help. I'll remove one NIC and just forward TCP
port 1723. I already have PPTP enabled in VPN Passthrough. Is that all I
need? Also, do I need to set up the DHCP Relay Agent? I've tried connecting
over the LAN and the WAN and the best result is verifying username and
password then it stalls out with error 721. What does this mean?
 
