VPN - PPTP Ports

G

Guest

I am running a Windows 2000 PPTP VPN, which is currently firewalled with a
Linksys BEFSX41 Firewall / Router. I have mapped port 1723 on the Router to
port 1723 on the server, everything works fine.

When I put a Netscreen 5GT firewall and creat policy allowing port 1723 to
pass through to the server and deny all other ports, the VPN does not work.

Are there any ports other than TCP Port 1723 and GRE (IP Protocol 47)
required to make the VPN Work. Can I deny all other ports except TCP Port
1723 and still make the VPN work?

Thanks,

dave b
 
P

Phillip Windell

dave b said:
I am running a Windows 2000 PPTP VPN, which is currently firewalled with a
Linksys BEFSX41 Firewall / Router. I have mapped port 1723 on the Router to
port 1723 on the server, everything works fine.

When I put a Netscreen 5GT firewall and creat policy allowing port 1723 to
pass through to the server and deny all other ports, the VPN does not work.

Are there any ports other than TCP Port 1723 and GRE (IP Protocol 47)
required to make the VPN Work. Can I deny all other ports except TCP Port
1723 and still make the VPN work?
Click to expand...

Sounds like you have everything right. But the Netscreen box may not handle
the GRE properly. GRE is not a "port" and is not handled the same as Port
1723. The feature used for GRE is most commonly called "VPN Pass-Through"
and not all SOHO Devices can do it.
 
R

Robert L [MS-MVP]

TCP Port 1723 and GRE (IP Protocol 47) are all you need. can you telnet port 1723?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I am running a Windows 2000 PPTP VPN, which is currently firewalled with a
Linksys BEFSX41 Firewall / Router. I have mapped port 1723 on the Router to
port 1723 on the server, everything works fine.

When I put a Netscreen 5GT firewall and creat policy allowing port 1723 to
pass through to the server and deny all other ports, the VPN does not work.

Are there any ports other than TCP Port 1723 and GRE (IP Protocol 47)
required to make the VPN Work. Can I deny all other ports except TCP Port
1723 and still make the VPN work?

Thanks,

dave b
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Ports opened in router show up as closed with external port scan 1
VPN ports 3
Hardware firewall and W2000 VPN 6
VPN pass-through Linksys Router 5
firewall and vpn 3
Changing VPN ports number 3
pptp error 721 (kb not helped) 10
change default PPTP TCP port 3

Top