VPN over DSL

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hi,
I am trying to connect to work. Work has a static IP, home is Dynamic.
From home I can connect to my partners' work using VPN. But cannot connect
to my work. My work is a peer - peer network. My partners is a SBS2003
domain. I have followed the instructions given on the following site
http://www.onecomputerguy.com/networking/xp_vpn_server.htm and
http://www.onecomputerguy.com/networking/xp_vpn.htm. and opened the ports
on the Dynalink RTA-220 DSL Router. I am not dialling a number to connect
as I use an always on DSL. It did work for a while (2 hours) in that I
could connect but I could not map any shares. So to avoid address conflicts
when trying to map a share I changed the Servers address to 192.168.1.130
from 1.2. I have set the server to issue addresses in the range
192.168.1.120 - 129. The router also acts as the DHCP server for our
internal network with addresses between 1.20 - 1.30. I also changed the
address on the router for port forwarding to 1.130 for all ports I
configured. The ports I have opened are 1723, User Defined (47), 500, 50
and 51 all using TCP, though 500 also has UDP open.

I have tried turning off the firewall altogether, changing the port
forwarding to 0.0.0.0 (I believe this a broadcast address). I have also
deleted and recreated the connections at both ends numerous times. The
router has also been reset to factory default and the ports reopened.

Both ends can successfully connect to my partners work and map drives there.
I assume this tells me that the requisite ports are open on the routers and
that my problem is at the server end.

Can anybody please help me?

TIA

--
Harry
7 answers Last reply
More about tomshardware
  1. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    On Mon, 19 Apr 2004 08:15:07 +1200, "John Harris"
    <johnh@antispam.comptroub.co.nz> wrote:

    >I have followed the instructions given on the following site
    >http://www.onecomputerguy.com/networking/xp_vpn_server.htm and
    >http://www.onecomputerguy.com/networking/xp_vpn.htm. and opened the ports
    >on the Dynalink RTA-220 DSL Router.

    There was an error on that website previously which has been fixed by
    removal. The error is a common one - the confusion of protocol 47 with
    port 47.

    You need to do the following:

    1) Forward Port 1723 to the VPN machine.

    2) Provide PPTP Passthru, which passes Protocol 47 GRE packets.

    Some routers use terminilogy like "PPTP Passthru" for Protocol 47
    passthru.

    Don't forget to configure firewalls accordingly. I have found most
    firewalls are not very friendly with PPTP VPN. I recommend Kerio
    Personal Firewall 4 - it self configured perfectly.

    Set up a range of addresses for the VPN machines, say
    192.168.1.100-200. Turn off DHCP in the 2 routers for that range,
    although it is very unlikely a LAN machine would get that high. After
    all, peer-peer networking is free only for 10 hosts.

    The base address for that range will become the VPN IP address for the
    VPN Server, even though it has a different LAN address. PPTP VPN
    treats the VPN connection as if it were associated with a separate
    adapter, so a separate IP address is assigned.

    I prefer to set up the VPN such that the VPN Client requests a static
    VPN IP, say 192.168.1.120. That way I can put an entry in the HOSTS
    table and get instant name resolution. That makes it easy to access
    shares, as follows.

    1) For access to the VPN Server shares: Go to Start|Run and put
    \\192.168.1.100 in the command textbox. Soon a window will spawn
    displaying all the shares on the VPN Server, although your VPN Client
    username may only be permissioned for one or more. Make a shortcut for
    the Desktop, so that you have a quick way to access shares again
    later. Or you can open each share for which you have permission and
    make shortcuts out of their windows.

    2) For access to the VPN Client shares (yes, you can have access both
    ways), use \\192.168.1.120 and do the same thing as above. This is the
    motive behind using a static VPN IP address.

    In principle you can browse the entire LAN of the VPN Server if you
    have permission on the various machines, but you cannot browse the VPN
    Client LAN, only the VPN Client itself.

    HTH


    --

    Map Of The Vast Right Wing Conspiracy:
    http://www.freewebs.com/vrwc/

    "You can all go to hell, and I will go to Texas."
    --David Crockett
  2. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Thanks for the reply Bob,
    I had already found out about the Protocol 47 GRE issue from another site so
    had configured this (sorry, forgot to write that down in my rambling). I
    will follow up on the rest of your message tomorrow morning (currently
    8:30pm here) and keep you posted. One other question I have, is a thing
    called Internet Gateway supposed to appear in Network Connections? This
    keeps popping up after any delete/reset of the Server. I assume this is
    added in automatically by Windows but when I talked to a friend who is doing
    the same thing at his work he said he doesn't have Internet Gateway.

    --
    Harry


    "Bob" <spam@spam.com> wrote in message
    news:4083e40f.10727134@news-server.houston.rr.com...
    > On Mon, 19 Apr 2004 08:15:07 +1200, "John Harris"
    > <johnh@antispam.comptroub.co.nz> wrote:
    >
    > >I have followed the instructions given on the following site
    > >http://www.onecomputerguy.com/networking/xp_vpn_server.htm and
    > >http://www.onecomputerguy.com/networking/xp_vpn.htm. and opened the
    ports
    > >on the Dynalink RTA-220 DSL Router.
    >
    > There was an error on that website previously which has been fixed by
    > removal. The error is a common one - the confusion of protocol 47 with
    > port 47.
    >
    > You need to do the following:
    >
    > 1) Forward Port 1723 to the VPN machine.
    >
    > 2) Provide PPTP Passthru, which passes Protocol 47 GRE packets.
    >
    > Some routers use terminilogy like "PPTP Passthru" for Protocol 47
    > passthru.
    >
    > Don't forget to configure firewalls accordingly. I have found most
    > firewalls are not very friendly with PPTP VPN. I recommend Kerio
    > Personal Firewall 4 - it self configured perfectly.
    >
    > Set up a range of addresses for the VPN machines, say
    > 192.168.1.100-200. Turn off DHCP in the 2 routers for that range,
    > although it is very unlikely a LAN machine would get that high. After
    > all, peer-peer networking is free only for 10 hosts.
    >
    > The base address for that range will become the VPN IP address for the
    > VPN Server, even though it has a different LAN address. PPTP VPN
    > treats the VPN connection as if it were associated with a separate
    > adapter, so a separate IP address is assigned.
    >
    > I prefer to set up the VPN such that the VPN Client requests a static
    > VPN IP, say 192.168.1.120. That way I can put an entry in the HOSTS
    > table and get instant name resolution. That makes it easy to access
    > shares, as follows.
    >
    > 1) For access to the VPN Server shares: Go to Start|Run and put
    > \\192.168.1.100 in the command textbox. Soon a window will spawn
    > displaying all the shares on the VPN Server, although your VPN Client
    > username may only be permissioned for one or more. Make a shortcut for
    > the Desktop, so that you have a quick way to access shares again
    > later. Or you can open each share for which you have permission and
    > make shortcuts out of their windows.
    >
    > 2) For access to the VPN Client shares (yes, you can have access both
    > ways), use \\192.168.1.120 and do the same thing as above. This is the
    > motive behind using a static VPN IP address.
    >
    > In principle you can browse the entire LAN of the VPN Server if you
    > have permission on the various machines, but you cannot browse the VPN
    > Client LAN, only the VPN Client itself.
    >
    > HTH
    >
    >
    >
    >
    > --
    >
    > Map Of The Vast Right Wing Conspiracy:
    > http://www.freewebs.com/vrwc/
    >
    > "You can all go to hell, and I will go to Texas."
    > --David Crockett
    >
  3. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    On Tue, 20 Apr 2004 20:36:58 +1200, "John Harris"
    <johnh@antispam.comptroub.co.nz> wrote:

    >Thanks for the reply Bob,
    >I had already found out about the Protocol 47 GRE issue from another site so
    >had configured this (sorry, forgot to write that down in my rambling). I
    >will follow up on the rest of your message tomorrow morning (currently
    >8:30pm here) and keep you posted. One other question I have, is a thing
    >called Internet Gateway supposed to appear in Network Connections? This
    >keeps popping up after any delete/reset of the Server. I assume this is
    >added in automatically by Windows but when I talked to a friend who is doing
    >the same thing at his work he said he doesn't have Internet Gateway.

    That sounds like Internet Connection Sharing. Why it is on is
    anybody's guess. You have a router, so why would you be running ICS?


    --

    Map Of The Vast Right Wing Conspiracy:
    http://www.freewebs.com/vrwc/

    "You can all go to hell, and I will go to Texas."
    --David Crockett
  4. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    The Internet Gateway is automatically placed there if your router is
    UPnP compliant... It is normal...

    Jeffrey Randow (Windows Net. & Smart Display MVP)
    jeffreyr-support@remotenetworktechnology.com

    Please post all responses to the newsgroups for the benefit
    of all USENET users. Messages sent via email may or may not
    be answered depending on time availability....

    Remote Networking Technology Support Site -
    http://www.remotenetworktechnology.com
    Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone

    On Tue, 20 Apr 2004 20:36:58 +1200, "John Harris"
    <johnh@antispam.comptroub.co.nz> wrote:

    >Thanks for the reply Bob,
    >I had already found out about the Protocol 47 GRE issue from another site so
    >had configured this (sorry, forgot to write that down in my rambling). I
    >will follow up on the rest of your message tomorrow morning (currently
    >8:30pm here) and keep you posted. One other question I have, is a thing
    >called Internet Gateway supposed to appear in Network Connections? This
    >keeps popping up after any delete/reset of the Server. I assume this is
    >added in automatically by Windows but when I talked to a friend who is doing
    >the same thing at his work he said he doesn't have Internet Gateway.
  5. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Sorry to Bob for taking so long to get back to this but had some other
    issues (work) that needed sorting yesterday. Thanks Jeffrey for your
    comments also. Does Internet Gateway, or can it, interfere with the
    operation of VPN? I have deleted the server and client and recreated both.
    I am still having no luck making this work and am seriously starting to
    consider VNC.

    --
    Harry


    "Jeffrey Randow (MVP)" <jeffreyr-support@remotenetworktechnology.com> wrote
    in message news:svnb80dvftk855b8uht6ffn8bfa06qjerh@4ax.com...
    > The Internet Gateway is automatically placed there if your router is
    > UPnP compliant... It is normal...
    >
    > Jeffrey Randow (Windows Net. & Smart Display MVP)
    > jeffreyr-support@remotenetworktechnology.com
    >
    > Please post all responses to the newsgroups for the benefit
    > of all USENET users. Messages sent via email may or may not
    > be answered depending on time availability....
    >
    > Remote Networking Technology Support Site -
    > http://www.remotenetworktechnology.com
    > Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone
    >
    > On Tue, 20 Apr 2004 20:36:58 +1200, "John Harris"
    > <johnh@antispam.comptroub.co.nz> wrote:
    >
    > >Thanks for the reply Bob,
    > >I had already found out about the Protocol 47 GRE issue from another site
    so
    > >had configured this (sorry, forgot to write that down in my rambling). I
    > >will follow up on the rest of your message tomorrow morning (currently
    > >8:30pm here) and keep you posted. One other question I have, is a thing
    > >called Internet Gateway supposed to appear in Network Connections? This
    > >keeps popping up after any delete/reset of the Server. I assume this is
    > >added in automatically by Windows but when I talked to a friend who is
    doing
    > >the same thing at his work he said he doesn't have Internet Gateway.
    >
  6. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    On Thu, 22 Apr 2004 10:29:06 +1200, "John Harris"
    <johnh@antispam.comptroub.co.nz> wrote:

    >Sorry to Bob for taking so long to get back to this but had some other
    >issues (work) that needed sorting yesterday. Thanks Jeffrey for your
    >comments also. Does Internet Gateway, or can it, interfere with the
    >operation of VPN? I have deleted the server and client and recreated both.
    >I am still having no luck making this work and am seriously starting to
    >consider VNC.
    It might be worth your while to hire someone to teach you how to do
    this. Once you catch on, you will be ahead of things.


    --

    Map Of The Vast Right Wing Conspiracy:
    http://www.freewebs.com/vrwc/

    "You can all go to hell, and I will go to Texas."
    --David Crockett
  7. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Mine doesn't... Try disconnecting it to see if it makes a difference
    (right click on it, select status, then hit the disconnect button).

    However, lets diagnose your original problem a bit better.

    A few questions:

    1) What is the IP address space of the network you are trying to
    connect to? Are you using the same address space (i.e., 192.168.1.x)
    for your local network? If so, this is a big part of the problem
    since routing will be problematic... Very problematic...

    2) Are you changing any of the default options on the client side
    when setting up your VPN adapter?

    3) Explain how you setup your "server" side environment.


    Jeffrey Randow (Windows Net. & Smart Display MVP)
    jeffreyr-support@remotenetworktechnology.com

    Please post all responses to the newsgroups for the benefit
    of all USENET users. Messages sent via email may or may not
    be answered depending on time availability....

    Remote Networking Technology Support Site -
    http://www.remotenetworktechnology.com
    Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone
    On Thu, 22 Apr 2004 10:29:06 +1200, "John Harris"
    <johnh@antispam.comptroub.co.nz> wrote:

    >Sorry to Bob for taking so long to get back to this but had some other
    >issues (work) that needed sorting yesterday. Thanks Jeffrey for your
    >comments also. Does Internet Gateway, or can it, interfere with the
    >operation of VPN? I have deleted the server and client and recreated both.
    >I am still having no luck making this work and am seriously starting to
    >consider VNC.
Ask a new question

Read More

Connection DSL Windows XP