VPN over DSL

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hi,
I am trying to connect to work. Work has a static IP, home is Dynamic.
From home I can connect to my partners' work using VPN. But cannot connect
to my work. My work is a peer - peer network. My partners is a SBS2003
domain. I have followed the instructions given on the following site
http://www.onecomputerguy.com/networking/xp_vpn_server.htm and
http://www.onecomputerguy.com/networking/xp_vpn.htm. and opened the ports
on the Dynalink RTA-220 DSL Router. I am not dialling a number to connect
as I use an always on DSL. It did work for a while (2 hours) in that I
could connect but I could not map any shares. So to avoid address conflicts
when trying to map a share I changed the Servers address to 192.168.1.130
from 1.2. I have set the server to issue addresses in the range
192.168.1.120 - 129. The router also acts as the DHCP server for our
internal network with addresses between 1.20 - 1.30. I also changed the
address on the router for port forwarding to 1.130 for all ports I
configured. The ports I have opened are 1723, User Defined (47), 500, 50
and 51 all using TCP, though 500 also has UDP open.

I have tried turning off the firewall altogether, changing the port
forwarding to 0.0.0.0 (I believe this a broadcast address). I have also
deleted and recreated the connections at both ends numerous times. The
router has also been reset to factory default and the ports reopened.

Both ends can successfully connect to my partners work and map drives there.
I assume this tells me that the requisite ports are open on the routers and
that my problem is at the server end.

Can anybody please help me?

TIA

--
Harry
 
B

Bob

Distinguished
Dec 31, 2007
3,414
0
20,780
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

On Mon, 19 Apr 2004 08:15:07 +1200, "John Harris"
<johnh@antispam.comptroub.co.nz> wrote:

>I have followed the instructions given on the following site
>http://www.onecomputerguy.com/networking/xp_vpn_server.htm and
>http://www.onecomputerguy.com/networking/xp_vpn.htm. and opened the ports
>on the Dynalink RTA-220 DSL Router.

There was an error on that website previously which has been fixed by
removal. The error is a common one - the confusion of protocol 47 with
port 47.

You need to do the following:

1) Forward Port 1723 to the VPN machine.

2) Provide PPTP Passthru, which passes Protocol 47 GRE packets.

Some routers use terminilogy like "PPTP Passthru" for Protocol 47
passthru.

Don't forget to configure firewalls accordingly. I have found most
firewalls are not very friendly with PPTP VPN. I recommend Kerio
Personal Firewall 4 - it self configured perfectly.

Set up a range of addresses for the VPN machines, say
192.168.1.100-200. Turn off DHCP in the 2 routers for that range,
although it is very unlikely a LAN machine would get that high. After
all, peer-peer networking is free only for 10 hosts.

The base address for that range will become the VPN IP address for the
VPN Server, even though it has a different LAN address. PPTP VPN
treats the VPN connection as if it were associated with a separate
adapter, so a separate IP address is assigned.

I prefer to set up the VPN such that the VPN Client requests a static
VPN IP, say 192.168.1.120. That way I can put an entry in the HOSTS
table and get instant name resolution. That makes it easy to access
shares, as follows.

1) For access to the VPN Server shares: Go to Start|Run and put
\\192.168.1.100 in the command textbox. Soon a window will spawn
displaying all the shares on the VPN Server, although your VPN Client
username may only be permissioned for one or more. Make a shortcut for
the Desktop, so that you have a quick way to access shares again
later. Or you can open each share for which you have permission and
make shortcuts out of their windows.

2) For access to the VPN Client shares (yes, you can have access both
ways), use \\192.168.1.120 and do the same thing as above. This is the
motive behind using a static VPN IP address.

In principle you can browse the entire LAN of the VPN Server if you
have permission on the various machines, but you cannot browse the VPN
Client LAN, only the VPN Client itself.

HTH




--

Map Of The Vast Right Wing Conspiracy:
http://www.freewebs.com/vrwc/

"You can all go to hell, and I will go to Texas."
--David Crockett
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Thanks for the reply Bob,
I had already found out about the Protocol 47 GRE issue from another site so
had configured this (sorry, forgot to write that down in my rambling). I
will follow up on the rest of your message tomorrow morning (currently
8:30pm here) and keep you posted. One other question I have, is a thing
called Internet Gateway supposed to appear in Network Connections? This
keeps popping up after any delete/reset of the Server. I assume this is
added in automatically by Windows but when I talked to a friend who is doing
the same thing at his work he said he doesn't have Internet Gateway.

--
Harry



"Bob" <spam@spam.com> wrote in message
news:4083e40f.10727134@news-server.houston.rr.com...
> On Mon, 19 Apr 2004 08:15:07 +1200, "John Harris"
> <johnh@antispam.comptroub.co.nz> wrote:
>
> >I have followed the instructions given on the following site
> >http://www.onecomputerguy.com/networking/xp_vpn_server.htm and
> >http://www.onecomputerguy.com/networking/xp_vpn.htm. and opened the
ports
> >on the Dynalink RTA-220 DSL Router.
>
> There was an error on that website previously which has been fixed by
> removal. The error is a common one - the confusion of protocol 47 with
> port 47.
>
> You need to do the following:
>
> 1) Forward Port 1723 to the VPN machine.
>
> 2) Provide PPTP Passthru, which passes Protocol 47 GRE packets.
>
> Some routers use terminilogy like "PPTP Passthru" for Protocol 47
> passthru.
>
> Don't forget to configure firewalls accordingly. I have found most
> firewalls are not very friendly with PPTP VPN. I recommend Kerio
> Personal Firewall 4 - it self configured perfectly.
>
> Set up a range of addresses for the VPN machines, say
> 192.168.1.100-200. Turn off DHCP in the 2 routers for that range,
> although it is very unlikely a LAN machine would get that high. After
> all, peer-peer networking is free only for 10 hosts.
>
> The base address for that range will become the VPN IP address for the
> VPN Server, even though it has a different LAN address. PPTP VPN
> treats the VPN connection as if it were associated with a separate
> adapter, so a separate IP address is assigned.
>
> I prefer to set up the VPN such that the VPN Client requests a static
> VPN IP, say 192.168.1.120. That way I can put an entry in the HOSTS
> table and get instant name resolution. That makes it easy to access
> shares, as follows.
>
> 1) For access to the VPN Server shares: Go to Start|Run and put
> \\192.168.1.100 in the command textbox. Soon a window will spawn
> displaying all the shares on the VPN Server, although your VPN Client
> username may only be permissioned for one or more. Make a shortcut for
> the Desktop, so that you have a quick way to access shares again
> later. Or you can open each share for which you have permission and
> make shortcuts out of their windows.
>
> 2) For access to the VPN Client shares (yes, you can have access both
> ways), use \\192.168.1.120 and do the same thing as above. This is the
> motive behind using a static VPN IP address.
>
> In principle you can browse the entire LAN of the VPN Server if you
> have permission on the various machines, but you cannot browse the VPN
> Client LAN, only the VPN Client itself.
>
> HTH
>
>
>
>
> --
>
> Map Of The Vast Right Wing Conspiracy:
> http://www.freewebs.com/vrwc/
>
> "You can all go to hell, and I will go to Texas."
> --David Crockett
>
 
B

Bob

Distinguished
Dec 31, 2007
3,414
0
20,780
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

On Tue, 20 Apr 2004 20:36:58 +1200, "John Harris"
<johnh@antispam.comptroub.co.nz> wrote:

>Thanks for the reply Bob,
>I had already found out about the Protocol 47 GRE issue from another site so
>had configured this (sorry, forgot to write that down in my rambling). I
>will follow up on the rest of your message tomorrow morning (currently
>8:30pm here) and keep you posted. One other question I have, is a thing
>called Internet Gateway supposed to appear in Network Connections? This
>keeps popping up after any delete/reset of the Server. I assume this is
>added in automatically by Windows but when I talked to a friend who is doing
>the same thing at his work he said he doesn't have Internet Gateway.

That sounds like Internet Connection Sharing. Why it is on is
anybody's guess. You have a router, so why would you be running ICS?


--

Map Of The Vast Right Wing Conspiracy:
http://www.freewebs.com/vrwc/

"You can all go to hell, and I will go to Texas."
--David Crockett
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

The Internet Gateway is automatically placed there if your router is
UPnP compliant... It is normal...

Jeffrey Randow (Windows Net. & Smart Display MVP)
jeffreyr-support@remotenetworktechnology.com

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone

On Tue, 20 Apr 2004 20:36:58 +1200, "John Harris"
<johnh@antispam.comptroub.co.nz> wrote:

>Thanks for the reply Bob,
>I had already found out about the Protocol 47 GRE issue from another site so
>had configured this (sorry, forgot to write that down in my rambling). I
>will follow up on the rest of your message tomorrow morning (currently
>8:30pm here) and keep you posted. One other question I have, is a thing
>called Internet Gateway supposed to appear in Network Connections? This
>keeps popping up after any delete/reset of the Server. I assume this is
>added in automatically by Windows but when I talked to a friend who is doing
>the same thing at his work he said he doesn't have Internet Gateway.
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Sorry to Bob for taking so long to get back to this but had some other
issues (work) that needed sorting yesterday. Thanks Jeffrey for your
comments also. Does Internet Gateway, or can it, interfere with the
operation of VPN? I have deleted the server and client and recreated both.
I am still having no luck making this work and am seriously starting to
consider VNC.

--
Harry



"Jeffrey Randow (MVP)" <jeffreyr-support@remotenetworktechnology.com> wrote
in message news:svnb80dvftk855b8uht6ffn8bfa06qjerh@4ax.com...
> The Internet Gateway is automatically placed there if your router is
> UPnP compliant... It is normal...
>
> Jeffrey Randow (Windows Net. & Smart Display MVP)
> jeffreyr-support@remotenetworktechnology.com
>
> Please post all responses to the newsgroups for the benefit
> of all USENET users. Messages sent via email may or may not
> be answered depending on time availability....
>
> Remote Networking Technology Support Site -
> http://www.remotenetworktechnology.com
> Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone
>
> On Tue, 20 Apr 2004 20:36:58 +1200, "John Harris"
> <johnh@antispam.comptroub.co.nz> wrote:
>
> >Thanks for the reply Bob,
> >I had already found out about the Protocol 47 GRE issue from another site
so
> >had configured this (sorry, forgot to write that down in my rambling). I
> >will follow up on the rest of your message tomorrow morning (currently
> >8:30pm here) and keep you posted. One other question I have, is a thing
> >called Internet Gateway supposed to appear in Network Connections? This
> >keeps popping up after any delete/reset of the Server. I assume this is
> >added in automatically by Windows but when I talked to a friend who is
doing
> >the same thing at his work he said he doesn't have Internet Gateway.
>
 
B

Bob

Distinguished
Dec 31, 2007
3,414
0
20,780
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

On Thu, 22 Apr 2004 10:29:06 +1200, "John Harris"
<johnh@antispam.comptroub.co.nz> wrote:

>Sorry to Bob for taking so long to get back to this but had some other
>issues (work) that needed sorting yesterday. Thanks Jeffrey for your
>comments also. Does Internet Gateway, or can it, interfere with the
>operation of VPN? I have deleted the server and client and recreated both.
>I am still having no luck making this work and am seriously starting to
>consider VNC.
It might be worth your while to hire someone to teach you how to do
this. Once you catch on, you will be ahead of things.


--

Map Of The Vast Right Wing Conspiracy:
http://www.freewebs.com/vrwc/

"You can all go to hell, and I will go to Texas."
--David Crockett
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Mine doesn't... Try disconnecting it to see if it makes a difference
(right click on it, select status, then hit the disconnect button).

However, lets diagnose your original problem a bit better.

A few questions:

1) What is the IP address space of the network you are trying to
connect to? Are you using the same address space (i.e., 192.168.1.x)
for your local network? If so, this is a big part of the problem
since routing will be problematic... Very problematic...

2) Are you changing any of the default options on the client side
when setting up your VPN adapter?

3) Explain how you setup your "server" side environment.


Jeffrey Randow (Windows Net. & Smart Display MVP)
jeffreyr-support@remotenetworktechnology.com

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone
On Thu, 22 Apr 2004 10:29:06 +1200, "John Harris"
<johnh@antispam.comptroub.co.nz> wrote:

>Sorry to Bob for taking so long to get back to this but had some other
>issues (work) that needed sorting yesterday. Thanks Jeffrey for your
>comments also. Does Internet Gateway, or can it, interfere with the
>operation of VPN? I have deleted the server and client and recreated both.
>I am still having no luck making this work and am seriously starting to
>consider VNC.
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom