VPN lost connection even after Persistent port forwarding ..

Archived from groups: microsoft.public.broadbandnet.hardware (More info?)

I have a MN-700 router and DSL service from SBC Yahoo
with a Dynamic IP, I use win XP.

I have updated the latest FW and SW from the MS web site
posted in July 2003.

My problems persist before and after the updates:

I enabled persistent port forwarding in the router for
the ports (500 and 2200-2300 ) my Nortel VPN client needs
over UDP.

When I try to connect, the VPN client is able to
authenticate and connect but then immediately (in less
than 30 seconds) times out while trying to get Banner
text (the message is, "Getting Banner Text from server").

Any tips on what might be wrong here?

I am able to connect only when I enable DMZ over a
particular host, however I feel I am compromising
security by enabling DMZ, more over I often have to
connect multiple clients and DMZ allows only one client
at a time to be on DMZ.
5 answers Last reply
More about lost connection persistent port forwarding
  1. Archived from groups: microsoft.public.broadbandnet.hardware (More info?)

    It appears like one of the ports needed is not open.

    Enable the DMZ again, run netstat -ano before and while
    running the VPN, and compare which ports are open.

    >-----Original Message-----
    >I have a MN-700 router and DSL service from SBC Yahoo
    >with a Dynamic IP, I use win XP.
    >
    >I have updated the latest FW and SW from the MS web site
    >posted in July 2003.
    >
    >My problems persist before and after the updates:
    >
    >I enabled persistent port forwarding in the router for
    >the ports (500 and 2200-2300 ) my Nortel VPN client needs
    >over UDP.
    >
    >When I try to connect, the VPN client is able to
    >authenticate and connect but then immediately (in less
    >than 30 seconds) times out while trying to get Banner
    >text (the message is, "Getting Banner Text from server").
    >
    >Any tips on what might be wrong here?
    >
    >I am able to connect only when I enable DMZ over a
    >particular host, however I feel I am compromising
    >security by enabling DMZ, more over I often have to
    >connect multiple clients and DMZ allows only one client
    >at a time to be on DMZ.
    >
    >.
    >
  2. Archived from groups: microsoft.public.broadbandnet.hardware (More info?)

    Is the computer on a wireless connection to the MN-700?

    If so what kind of wireless security are you using?

    UD wrote:
    > I have a MN-700 router and DSL service from SBC Yahoo
    > with a Dynamic IP, I use win XP.
    >
    > I have updated the latest FW and SW from the MS web site
    > posted in July 2003.
    >
    > My problems persist before and after the updates:
    >
    > I enabled persistent port forwarding in the router for
    > the ports (500 and 2200-2300 ) my Nortel VPN client needs
    > over UDP.
    >
    > When I try to connect, the VPN client is able to
    > authenticate and connect but then immediately (in less
    > than 30 seconds) times out while trying to get Banner
    > text (the message is, "Getting Banner Text from server").
    >
    > Any tips on what might be wrong here?
    >
    > I am able to connect only when I enable DMZ over a
    > particular host, however I feel I am compromising
    > security by enabling DMZ, more over I often have to
    > connect multiple clients and DMZ allows only one client
    > at a time to be on DMZ.
    >
  3. Archived from groups: microsoft.public.broadbandnet.hardware (More info?)

    I also forgot you can't connect more then one client behind the MN-700
    at the same time.

    joker wrote:

    > Is the computer on a wireless connection to the MN-700?
    >
    > If so what kind of wireless security are you using?
    >
    > UD wrote:
    >
    >> I have a MN-700 router and DSL service from SBC Yahoo with a Dynamic
    >> IP, I use win XP.
    >>
    >> I have updated the latest FW and SW from the MS web site posted in
    >> July 2003.
    >>
    >> My problems persist before and after the updates:
    >>
    >> I enabled persistent port forwarding in the router for the ports (500
    >> and 2200-2300 ) my Nortel VPN client needs over UDP.
    >> When I try to connect, the VPN client is able to authenticate and
    >> connect but then immediately (in less than 30 seconds) times out while
    >> trying to get Banner text (the message is, "Getting Banner Text from
    >> server").
    >> Any tips on what might be wrong here?
    >> I am able to connect only when I enable DMZ over a particular host,
    >> however I feel I am compromising security by enabling DMZ, more over I
    >> often have to connect multiple clients and DMZ allows only one client
    >> at a time to be on DMZ.
    >>
    >
  4. Archived from groups: microsoft.public.broadbandnet.hardware (More info?)

    Thanks Lilo, that worked!
    Also with the help of "netstat -ano" I was able to change
    from persistent to application triggered port forwarding.

    Answer to the question from "Joker", I use both WEP and
    MAC security on the wireless, however I am curious how
    will that impact VPN connections?

    UD
    >-----Original Message-----
    >It appears like one of the ports needed is not open.
    >
    >Enable the DMZ again, run netstat -ano before and while
    >running the VPN, and compare which ports are open.
    >
    >>-----Original Message-----
    >>I have a MN-700 router and DSL service from SBC Yahoo
    >>with a Dynamic IP, I use win XP.
    >>
    >>I have updated the latest FW and SW from the MS web
    site
    >>posted in July 2003.
    >>
    >>My problems persist before and after the updates:
    >>
    >>I enabled persistent port forwarding in the router for
    >>the ports (500 and 2200-2300 ) my Nortel VPN client
    needs
    >>over UDP.
    >>
    >>When I try to connect, the VPN client is able to
    >>authenticate and connect but then immediately (in less
    >>than 30 seconds) times out while trying to get Banner
    >>text (the message is, "Getting Banner Text from
    server").
    >>
    >>Any tips on what might be wrong here?
    >>
    >>I am able to connect only when I enable DMZ over a
    >>particular host, however I feel I am compromising
    >>security by enabling DMZ, more over I often have to
    >>connect multiple clients and DMZ allows only one client
    >>at a time to be on DMZ.
    >>
    >>.
    >>
    >.
    >
  5. Archived from groups: microsoft.public.broadbandnet.hardware (More info?)

    Because of problems with 802.1x authentication (which is enabled by
    default with SP1) and some VPN connections when using wireless. I take
    it that you are using a wired connection then. Because when using WEP
    the MN-700 is not a 802.1x authentication server & that causes problems
    for wireless VPN computers. (That is at least my understanding of VPN's
    & 802.1x authentication.) Thus if you were using WEP & wireless I'd
    recommend using WPA & enabling 802.1x authentication on the wireless
    computers. Since you are using WEP you will need to do the VPN on a
    wired connection. (Once again this is according to my understanding of
    the technologies involved.)

    UD wrote:
    > Thanks Lilo, that worked!
    > Also with the help of "netstat -ano" I was able to change
    > from persistent to application triggered port forwarding.
    >
    > Answer to the question from "Joker", I use both WEP and
    > MAC security on the wireless, however I am curious how
    > will that impact VPN connections?
    >
    > UD
    >
    >>-----Original Message-----
    >>It appears like one of the ports needed is not open.
    >>
    >>Enable the DMZ again, run netstat -ano before and while
    >>running the VPN, and compare which ports are open.
    >>
    >>
    >>>-----Original Message-----
    >>>I have a MN-700 router and DSL service from SBC Yahoo
    >>>with a Dynamic IP, I use win XP.
    >>>
    >>>I have updated the latest FW and SW from the MS web
    >
    > site
    >
    >>>posted in July 2003.
    >>>
    >>>My problems persist before and after the updates:
    >>>
    >>>I enabled persistent port forwarding in the router for
    >>>the ports (500 and 2200-2300 ) my Nortel VPN client
    >
    > needs
    >
    >>>over UDP.
    >>>
    >>>When I try to connect, the VPN client is able to
    >>>authenticate and connect but then immediately (in less
    >>>than 30 seconds) times out while trying to get Banner
    >>>text (the message is, "Getting Banner Text from
    >
    > server").
    >
    >>>Any tips on what might be wrong here?
    >>>
    >>>I am able to connect only when I enable DMZ over a
    >>>particular host, however I feel I am compromising
    >>>security by enabling DMZ, more over I often have to
    >>>connect multiple clients and DMZ allows only one client
    >>>at a time to be on DMZ.
    >>>
    >>>.
    >>>
    >>
    >>.
    >>
Ask a new question

Read More

Routers Port Forwarding Connection VPN Networking