- Community Home
- >
- Servers and Operating Systems
- >
- Legacy
- >
- Windows Server 2003
- >
- VPN setup. Weird results
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-29-2004 03:42 AM
тАО06-29-2004 03:42 AM
VPN setup. Weird results
I did this and all of the sudden the VPN works great. Inside my local network. VPN works wonderfully using the default setting for Windows 2000 Pro or Windows XP Pro.
I have tried forwarding the Linux firewall and got no results.
So I put the VPN Nic on the public Internet and ran the same configuration wizard. Again, I can only connect on my internal network.
I am a real newbie and am thoroughly confused.
I have remove active directory because this machine is not my primary domain controller.
Its obvious I should have paid some more attention during installation, but I noticed this:
The VPN setup has lines for Protocol 47, ports 500, 4500 and 1701 and 1723.
The checkbox says accept only traffic on these ports and none other. My support.microsoft.com document says this.
I have a few questions:
1) Are there changes to the VPN client I can make to get this beastie to accept connections.
2) Are there other server componenents besides DCHP(which works) that need to be configured. Perhaps I need the firewall with NAT.
3) Does anyone know what firewall ports need to be forwarded to make the VPN work sitting behind a firewall.
4) Has anyone seen this kind of behavior?
5) Is there maybe a special VPN client to connect to Windows Server 2003?
Complications: I will be out of the country the next two weeks. I am not sure I can connect to the box via Terminal services but I will try. I'm afraid I might mess up the box anyway.
I can try anything on the client side.
I might need a book. I'm heading to the store at lunch time.
Rules: Client solutions are acceptable for any platform. Server suggestions are welcome but they need to be Windows 2003 Server only. Getting this working on Windows 2000 Server was trivial.
Lots of point opportunities, but I'm not going to be generous for solutions that don't apply to this situation.
I am busily searching support.microsoft.com
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-29-2004 06:56 AM
тАО06-29-2004 06:56 AM
Re: VPN setup. Weird results
I already activated Windows 2003 Server. Can I start over with a cold install?
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-29-2004 07:55 AM
тАО06-29-2004 07:55 AM
Re: VPN setup. Weird results
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/networking/vpnexamp.mspx
Ganesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-29-2004 07:56 AM
тАО06-29-2004 07:56 AM
Re: VPN setup. Weird results
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-29-2004 08:28 PM
тАО06-29-2004 08:28 PM
Re: VPN setup. Weird results
1) More probably on the VPN server side and/or firewall.
2) http://www.isaserver.org/img/upl/vpnkitbeta2/nat-t-packetfilters.htm
3) 500 is essential for VPN connections. Also some firewalls (especially the personal kind) may not support more than one connection via VPN. Look for "multi-VPN" capability of the firewall. Also see point 2.
4) Haven't tried it yet... :)
5) Activate Remote Desktop, and allow it in your firewall (port 3389)
Cheers,
Rune
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-30-2004 12:09 AM
тАО06-30-2004 12:09 AM
Re: VPN setup. Weird results
2) Not that I├в m aware of, and NAT is known to break some implementations of IPSEC
3) In general, you need port 500 (UDP), IP protocols 50 and 51. Some firewalls only accept IP Protocols 6 and 17 (TCP and UDP), so check this.
5) Windows is the only client Microsoft accepts for obvious reasons.
I have to disagree strongly with rune, though DO NOT ALLOW REMOTE DESKTOP THROUGH YOUR FIREWALl, this is essentally giving hackers a conso
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-30-2004 06:55 PM
тАО06-30-2004 06:55 PM
Re: VPN setup. Weird results
Yes - totally agree - my brain must've been "out to lunch". Use VPN first to the internal network then Remote Desktop to the server. Additionally allow only access to a limited account (meaning use RunAs when necessary).
Cheers,
Rune
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-01-2004 01:15 AM
тАО07-01-2004 01:15 AM
Re: VPN setup. Weird results
It is quite wierd honestly that it works just fine on the internal network and not at all on the firewall.
The meaning of this is obvious. The wizard that comes with Windows 2003 doesn't complete the setup.
I will try adding protocol 50 and 51 when I get home.
For a few reasons I'd like to totally redo the OS on the Windows 2003 server. Will I be able to activate the product again?
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-01-2004 01:19 AM
тАО07-01-2004 01:19 AM
Re: VPN setup. Weird results
Similar to what I printed, but I believe once I put all of this together and go through the document methodically I will have my answer.
What about the Routing and firewall configuration?
Also, I'd like to check the server logs after connection attempts.
Can someone give me the location and viewing instructions for the logging for the following components:
Firewall
VPN/Remote Access
Routing
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-01-2004 05:10 AM
тАО07-01-2004 05:10 AM
Re: VPN setup. Weird results
Founded this
http://www.tacteam.net/isaserverorg/vpnkit/configisavpn.htm
and
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/networking/vpndeplr.mspx
Regards
Bruno
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-27-2004 03:07 AM
тАО07-27-2004 03:07 AM
Re: VPN setup. Weird results
I've created a local certificate but when I try and connect through the firewall I get a message saying there is no valid certificate.
I found this doc:
http://support.microsoft.com/default.aspx?scid=kb;en-us;323342
Seems trivial to request a certificate for a machine sitting on the lan.
How do I deliver this certificate to a workstation sitting 100 miles away if the server isn't on the public Internet. This is a VPN after all.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2004 02:32 AM
тАО07-28-2004 02:32 AM
Re: VPN setup. Weird results
This article, applying to 2000 Server scares me.
http://support.microsoft.com/default.aspx?scid=kb;en-us;247231
The fix suggested here does not work.
This scares me more because the router in this case is a Linux box.
http://support.microsoft.com/default.aspx?scid=kb;en-us;329858
I'm going to file a case on support.microsoft.com and perhaps open a incident with Microsoft
After a google search and some other ideas.
Help please, this is getting ridiculous.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2004 02:45 AM
тАО07-28-2004 02:45 AM
Re: VPN setup. Weird results
I seem to have this symptom.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-30-2004 06:23 AM
тАО07-30-2004 06:23 AM
Re: VPN setup. Weird results
In the case of certain Linksys routers, Microsoft recommends a firmware update. Obviously this is not possible in a Linux ES 3.0 environment. I have done a direct connect to the Internet and locked down the server. It now works the way its supposed to work.
I will continue to test firewall passthrough and as soon as it works report back. There may be a hotfix to the software that works, but Microsoft isn't talking about that right now. I'll report these findings back as well.
Regards,
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com