Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

VPN Win2003 Server Dual Nic + Router

  • Filter
  • Time
  • Show
Clear All
new posts

  • VPN Win2003 Server Dual Nic + Router


    I wonder if anyone can review my current office VPN setup and let me know what i'm missing.

    I have the following config:

    Internet->BiPAC 5102 ADSL Router->Windows 2003 (ExternalNIC)

    WAN IP: Fixed
    Subnet: ISP assigned
    Gateway: ISP assigned
    LAN IP:
    DHCP: No

    Windows 2003: External NIC
    DHCP: Relayed to

    Windows 2003: Internal NIC
    Gateway: Blank
    DHCP: Yes

    The 2003 server is configured for DHCP, DNS on its internal NIC. I used the 2003 wizard to setup VPN using the external NIC as the interface to the outside world.

    I've configured the router to pass through on port 1723.

    My problem is that a remote client trying to access the VPN server is getting a 800 error. My gut feeling is that i've overlooked something or have miss-understood something.

    I can connect and logon to the VPN server ( from inside the lan but no outside. Also, should I be able to connect to the VPN by connecting to (router lan ip) ? Because I can't. Neither can I ping the VPN server from the router though I can ping the router from the VPN server.

    So please feel free to comment and tell me where my thinking is astray.

    Many thanks in advance,

    PS: I've spent three days on this and read just about every article on the web but still no joy....i'm convinced i've missed something. Perhapps another way to the solution would be if someone could describe how to setup VPN on a similar config machine (i.e. dual nic, seperate networks etc).

  • #2
    Re: VPN Win2003 Server Dual Nic + Router

    Hi just a quick one.

    Don't know a hugh amount about Windows VPN (I always use my gateway device to do VPNs).

    Are you mapping port <wanip>:1724 to

    Allowing the traffic may not be enough. On some routers you will need to creat a NAT or PAT too.

    Also seems you need this too

    IP type 47 GRE


    don't ask me how I'm just relaying what I've seen on other forums.

    Note: If you are using PPTP consider using IPSec instead - far better security.