No announcement yet.

SBS2K3 - RRAS VPN not working

  • Filter
  • Time
  • Show
Clear All
new posts

  • SBS2K3 - RRAS VPN not working

    What is the System/OS?
    • Server- SBS2K3 w/SP2 running RRAS for PPTP VPN connectivity. Firewall disabled.
    • Network- Server is connected to Cisco1841 router LAN interface with a further two WAN interfaces - both connected.
    What are you trying to do?
    Trying to authenticate WAN clients to RRAS VPN.
    This was working but it stopped sometime over the holidays. I can't see that anything has changed.

    I can connect and authenticate clients from LAN (internal).

    What is the error message?

    WAN clients are receiving either of the following (OS dependant):
    • Win7/Vista - "Error 807 - The network connection between your computer and the VPN server was interrupted."
    • WinXP - "Error 678 - The remote computer did not respond."

    What have I tried already?
    • Ping WAN interface - tested OK.
    • Restart RRAS services.
    • Restart Router.
    • Restart Server.
    • Check port tcp1723 and udp1701 for RRAS listener - tested OK.
    • Check Remote Access Policies are correct.
    • Check user group permissions are correct for Remote Access Policies.
    • Reconfigure RRAS.
    • Reset network adapters (@cmd prompt> - "netsh interface ip reset c:\ipreset.txt") and reconfigure.
    • Rerun CEICW to setup up Internet Connection.
    • Rerun Configure Remote Access.
    • Check Cisco router config for TCP port 1723 port forward (confirmed in current configuration "ip nat inside source static tcp 1723 interface Dialer2 1723").
    • Telnet on port 1723 to WAN IP from internet (external IP) doesn't work.
    • Call ISP to check for port blocking - none.
    • Checked DNS settings.
    I can connect and authenticate VPN clients from the LAN (internally).
    I can also telnet on port 1723 (@cmd prompt> "telnet 1723") from the LAN.

    What does the Event Log say?
    Nothing is logged in the Application or System event logs for the failed connections.
    I have enabled additional logging in RRAS and checked them (C:\WINDOWS\tracing) but I can't see anything in them logged for the failed attempts.

    I have searched a number of forums and threads all to no avail.
    I have rechecked against TechNet RRAS Configuration articles to ensure I haven't left anything out.

    Is there anything else I have missed though?
    Any thoughts on what this could be?

  • #2
    Re: SBS2K3 - RRAS VPN not working

    So I changed the router for a non Cisco device, configured it for PPTP/L2TP passthrough and voila, the VPN now works for external clients.

    It is definitely the config on the router. Now I just need to figure that out.


    • #3
      Re: SBS2K3 - RRAS VPN not working

      Moved to Cisco forum for a better response.


      • #4
        Re: SBS2K3 - RRAS VPN not working

        In addition to tcp 1723 you also need to allow GRE (Protocol 47) inbound as well

        access-list 100 permit gre any "public ip of your server"
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)