Archived from groups: microsoft.public.windowsxp.work_remotely (
More info?)
Hi Jack,
Sorry I didn't get back to you sooner but I've been a bit tied up with home
stuff and haven't been able to get back to this for a couple of days.
I've just had a look at what Robin posted last and am trying a couple of
things including trying to make sense of the link he sent about L2TP/IPsec.
I'll be back, as he said in the movie....
John
"jackjenkins" wrote:
> John,
>
> It can't see my 47 either, but both sides can see 1723.
> I have both boxes configured with dynamic dns client. The dns is provided
> free by no-ip.com. So when I try to connect to the box, I don't type in an
> ip address I type in name.no-ip.com. Also I use that name when 'making a
> connection'. Since you have a pixed ip on one end yours is a little
> different. Email me and I'll give you the address of my test box I have
> setup and see if you can connect to it to see which side has a problem. The
> email is my user name at softhome dot net. Then maybe we can figure out how
> to share folders.
>
> Jack
> "gyrocam1" wrote:
>
> > Hi Jack,
> > My client ip is dynamically asigned behind a D-link broadband router. Is
> > that likely to be a problem.
> >
> > I logged into the server machine with RDC and remotely ran your suggested
> > canyouseeme.org. Interestingly enough, It could see port PPTP 1723 but
> > couldn't see GRE port 47. When I tested GRE 47 i got a message that said
> > something along the lines of could not see your port 47 because the
> > connection was refused. The port is forwarded in the linksys router and is
> > listed as an exception in the windows firewall. Anything else I might be
> > doing wrong?
> >
> > John
> >
> > "jackjenkins" wrote:
> >
> > > John,
> > > I just setup a vpn with 2 xp pro boxes on dsl, can't get the drives, folders
> > > to share yet though. Are you using dynamic dns or no-ip type client to keep
> > > your dynamic address constant? I had the same problem of the window just
> > > saying "connecting" before time out. After I connected it is quick. Got can
> > > youseeme.org though RDC and check to make sure the ports can be seen. Check
> > > the other computer too. Make sure in the Connection that it is pointing to
> > > the right ip or server name. Mine is working with the box 'Use remote
> > > gateway' checked in tcp/ip. You might try turning off encryption just to get
> > > it connected. On the "Incoming Connection" make sure tunneling is checked.
> > >
> > > Hope that helps. Maybe I'll figure out the share problem too.
> > >
> > > Jack
> > >
> > > Hope that helps
> > >
> > > "gyrocam1" wrote:
> > >
> > > > Hi Jack,
> > > > I'm not using a dynamic dns service on the vpn server, it has a static IP
> > > > but the client computer (laptop) is dynamic.
> > > >
> > > > Also I'm not getting an error message as such, what happens is I get a
> > > > message saying "veryfying user name and password" which just sits there until
> > > > I get frustrated with it and click cancel.
> > > >
> > > > I use the same username and password to connect using RDC without any
> > > > problem at all.
> > > >
> > > > John
> > > >
> > > > "jackjenkins" wrote:
> > > >
> > > > > What error message are you getting?
> > > > > Are you using a dynamic dns service?
> > > > >
> > > > > Jack
> > > > >
> > > > > "gyrocam1" wrote:
> > > > >
> > > > > > Hi Robin,
> > > > > >
> > > > > > Thanks for your response.
> > > > > >
> > > > > > These are the ports that I have forwarded in the linksys router:
> > > > > >
> > > > > > PPTP 1723 TCP protocol
> > > > > > RDC 3389 Both (TCP/UDP) protocol
> > > > > > GRE 47 Both (TCP/UDP) protocol
> > > > > > IPsec 50 Both (TCP/UDP) protocol
> > > > > > L2TP 500 Both (TCP/UDP) protocol
> > > > > >
> > > > > > All these ports are listed as exceptions within the Windows Firewall setup.
> > > > > >
> > > > > > If you want you could have a look at the setup for yourself through RDC.
> > > > > >
> > > > > > Hope this makes sense to you.
> > > > > >
> > > > > > Kind regards
> > > > > >
> > > > > > John Marzano
> > > > > >
> > > > > > "Robin Walker" wrote:
> > > > > >
> > > > > > > "gyrocam1" <gyrocam1@discussions.microsoft.com> wrote in message
> > > > > > > news:B8D4629C-A5A4-46E5-875F-5CF2A1DFDC95@microsoft.com
> > > > > > > >
> > > > > > > > I am trying to set up a vpn connection between my home (laptop
> > > > > > > > dynamic IP) and my office (pc static IP).
> > > > > > >
> > > > > > > Are you trying to make a VPN with PPTP or with L2TP?
> > > > > > >
> > > > > > > > Both machines are running
> > > > > > > > windows xp pro sp2. The office machine is behind a Linksys router and
> > > > > > > > has port forwarding to the if address of the PC enabled.
> > > > > > >
> > > > > > > Which ports are forwarded? The required ports are different depending on
> > > > > > > whether you are trying PPTP or L2TP. For PPTP you need to forward TCP port
> > > > > > > 1723, plus IP protocol number 47 (known as GRE). On a Linksys, forwarding
> > > > > > > GRE is usually enabled by enabling "PPTP pass-through". However, depending
> > > > > > > on which model of Linksys router you have, PPTP pass-though is broken on
> > > > > > > certain firmware versions, and incoming PPTP connections cannot be made.
> > > > > > >
> > > > > > > With L2TP/IPSec, you need to forward UDP ports 1701, 500, and 4500, and
> > > > > > > enable "L2TP pass-through". But setting up an L2TP server is non-trivial on
> > > > > > > the IPSec side.
> > > > > > >
> > > > > > > > Windows
> > > > > > > > firewall is configured to allow VPN and rdc and indeed I can connect
> > > > > > > > no problem using RDC. When I try to establish a vpn I get as far as
> > > > > > > > logon name and password veryfication and then everything stops. I
> > > > > > > > have a feeling it may be something to do with authentication
> > > > > > > > prorocols but I don't know enough about how to configure
> > > > > > > > IPsec/certificates/MS-Chaps v2 blah blah blah.
> > > > > > >
> > > > > > > If you are trying L2TP/IPSec, then see
> > > > > > >
http://support.microsoft.com/default.aspx?scid=kb;en-us;885407 because your
> > > > > > > L2TP server is behind a NAT router.
> > > > > > >
> > > > > > > --
> > > > > > > Robin Walker
> > > > > > > rdhw@cam.ac.uk
> > > > > > >
> > > > > > >
> > > > > > >