XP Pro cannot accept VPN, Remote Desktop connections

[Camera1]

I am trying to configure VPN and Remote Desktop connections on my
network. These were working fine, until recently I had to swap out our
Win2K Server box for an XP Pro box. Our setup is this:

- We have a Linksys router, forwarding to an XP Pro server. Windows
firewall is turned off, but we are running Norton Internet Security.
Norton has been configured to accept connections from the router IP
address.
- Our network does not have a static IP address. Instead we use dynamic
IP forwarding. This is working - I can ping the URL and the correct WAN
IP address is returned.
- I configured Remote Desktop by going to My Computer > Properties >
Remote > Allow users to connect remotely to this computer
- I configured VPN by setting up an incoming VPN network connection
under Control Panel > Network Connections

From inside the network I am able to

- connect to the server via Remote Desktop
- telnet to ports 1433, 1723 and 3389

From outside the network I:

- cannot connect via Remote Desktop
- cannot connect via VPN
- CAN telnet to port 1433
- but cannot telnet to port 1723, 3389

When I do a "netstat -an" on the server I get:
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1433 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1723 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5800 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5900 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1025 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1030 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1394 0.0.0.0:0 LISTENING
TCP 192.168.3.105:139 0.0.0.0:0 LISTENING
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:1026 *:*
UDP 0.0.0.0:1197 *:*
UDP 0.0.0.0:1198 *:*
UDP 0.0.0.0:1434 *:*
UDP 0.0.0.0:1701 *:*
UDP 0.0.0.0:4500 *:*
UDP 127.0.0.1:123 *:*
UDP 127.0.0.1:1031 *:*
UDP 127.0.0.1:1032 *:*
UDP 127.0.0.1:1900 *:*
UDP 192.168.3.105:123 *:*
UDP 192.168.3.105:137 *:*
UDP 192.168.3.105:138 *:*
UDP 192.168.3.105:1900 *:*

My Linksys router is forwarding the following ports to the new server:
1723, 500, 47, 50, 80, 3389, 21, 1433

Thinking that perhaps something pertaining to the old machine was
"cached" in the Linksys router, I restarted it, but that didn't help.

I don't understand why from outside the network I can telnet only to
port 1433, when the server says it's listening on 1723 & 3389. Any
suggestions are much appreciated.

 

[Sooner Al [MVP]]

For PPTP VPN you need both TCP Port 1723 forwarded through any
firewall/NAT/router *AND* enable GRE Protocol 47 traffic through the
firewall/NAT/router. Some manufacturers call the latter "PPTP Pass Through"
or "VPN Pass Through". Consult the documentation for help with that.

You can run the test detailed in the "VPN Traffic" section near the end of
this page to help pinpoint the problem area...

http://www.microsoft.com/technet/community/columns/cableguy/cg0105.mspx
http://www.microsoft.com/downloads/...76-9bb9-4126-9761-ba8011fabf38&displaylang=en

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...

 

[Jeffrey Randow (MVP)]

NIS must accept connections from the IP address of the computer you
are connecting from, not just the NAT device...