Announcement

Collapse
No announcement yet.

VPN to sbs2008

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • VPN to sbs2008

    hello,

    I cannot establish a vpn connection to an sbs2008 box from a remote xp client. I get error 721.
    I can connect via a pc on the lan ok. From the xp support tools, i ran pptpsrv.exe on a lan PC and pptpsrv.exe on a remote PC and connects ok.
    Any help appreciated.

  • #2
    Re: VPN to sbs2008

    Could you tell me some more about your infrastructure ?

    Do you have a router or firewall in front of the SBS server?

    What abouty a home router for your windows XP computer?

    THe error 721 is most likely caused by a failure to pass either PPTP Traffic (on tcp/1723) or the GRE protocol (protocol 47)
    THis issue could be caused at either end.

    Best way to test, is from your computer at home, try and telnet to port 1723 on the server's public IP address.
    If that works, in all liklihood you need to get GRE passthrough configured, quite possibly on your home router

    http://support.microsoft.com/kb/888201
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: VPN to sbs2008

      thanks for reply.
      when I telnet to port 1723 on the server's public IP address I get a flashing cursor, no error messages so i guess this connects OK?
      have a zyxel 662hw fiirewall in fromt of sbs. have opened 1723.
      i ran pptpsrv.exe on a lan PC and pptpclnt.exe on a remote PC and connects ok so this would suggest gre is allowed thru to the destination network
      Attached Files

      Comment


      • #4
        Re: VPN to sbs2008

        no - pptpsvr and pptpclt wouild suggest PPTP (tcp/1723) is passing through.

        in all likelihood, you need to configure passthru on your local router.
        exactly how, I'm not sure - check through your router manual or see if you can find some info online

        see if this helps
        http://www2.zyxel.com/support/knowle...ail_2053.shtml
        Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

        Comment


        • #5
          Re: VPN to sbs2008

          have managed to connect by disabling and then renabling the firewall.
          I can ping the server local address 192.168.1.5 but cannot browse any shares.
          My remote xp client has lan address 192.168.2.10.and is a workgroup member only. ( it has a pp adapter address of 192.168.1.30.)
          Does this remote pc need to be joined to the sbs2008 doamin to access resources?

          Comment


          • #6
            Re: VPN to sbs2008

            it doesn't need to be joined to the domain, but you will need to pass it domain credentials.

            so yo ushould be able to go to "map network drive' and give it the proper path ie \\server\home\someone
            then tell it to use explicit credentials
            Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

            Comment


            • #7
              Re: VPN to sbs2008

              thanks again.
              can map to server using IP. created entry in hosts file to map server name to the ip and can now map using servername.
              have joined pc to domain, restarted and logged onto domain using dial up networking.
              have access to mapped shares but when try to browse network in 'my network places' fails with 'the list of servers for this workgroup is not currently available'

              Comment


              • #8
                Re: VPN to sbs2008

                it's likely you have a DNS problem

                double check what DNS details are assigned:

                can you ping your domain controller by name?
                (Not the one you put in the hosts entry)

                for instance, try:

                ping server1
                then ping server1.domain.com

                and let me know if either of them work
                Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                Comment


                • #9
                  Re: VPN to sbs2008

                  cannot ping server. but can ping server.domain.local.

                  Comment


                  • #10
                    Re: VPN to sbs2008

                    That's expected behaviour for non-domain member DNS queries. You'll need to either add host files entries or use FQDNs as VPN clients will query their local DNS servers before remote ones.
                    BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
                    sigpic
                    Cruachan's Blog

                    Comment

                    Working...
                    X