Jump to content

2k3 server vpn problems


Recommended Posts

Can anyone please confirm for me that 2003 server with SP1 installed will NOT allow a vpn conection???

I have been pulling my hair out a SP1 is the only thing left that could be stopping the connection.

P.S. I have set up VPN's in the past, there is no 3d party fire wall and windows firewall is set for VPN ports to open.

Oh one last thing, the VPN works from the lan, just not the wan. and the modem is setup as a pass through DMZ.

PLEASE HELP,,,,ANYONE :blushing:

Link to comment
Share on other sites


If the VPN works from the LAN then it does work on Win2k3SP1 and with this being the case then it sounds like a firewall issue

More specifically.. when you say it doesnt work.. what do you mean.. can you connect but not see anything on the network.. can you not connect at all. Please give more information

Link to comment
Share on other sites

Initially the RRAS Basic firewall blocked WAN access and resulted in "Error 800: No connection" from any computers trying to establish a VPN connection to the server.

After the firewall was configured to run with VPN server, a calling PC will connect but then get an "Error 721" which seems to be an authentication issue.

This Error only occurs when dialling in from outside the LAN. Internally there are no errors when pointing the VPN 'dialler' to 192.168.0.1. If however you try to dial from outside the LAN, or try to connect from inside the LAN using the WAN IP address of the server ie 203.xxx.xxx.xxx it results in Error 721...

Link to comment
Share on other sites

Just trying to cover the basics... If you can connect from the lan but not from the lan. Is this RRAS server infront of or behind a firewall.

If it is behind a firewall make sure you have port 1723 open to the RRAS server. Error 721 means the remote computer cannot see the server on port 1723. What is it that could be blocking it from the wan side

What firewall do you have in front of it.

Link to comment
Share on other sites

The server is not running any 3rd party firewall, only the built in firewall. It has been configured to allow tcp port 1723 on 192.168.1.1 (the card the modem is connected to). The hardware firewall has been disabled and the modem is set to a pass through configuration (in other words i dont think its the modem).

The thing that is anoying me is that this machine is only being bench tested before we roll over the actual server to sp1 and as far as i can tell, all RRAS and firewall settings are identical (obviously the existing non sp1 server is working fine as a vpn server). :wacko: Its for that reason that im blaming a security update in sp1 that requires aditional setting in order to get the vpn running correctly. :whistle:

P.S I used a MS guide for configuring the VPN after the 'memory setup method' failed. Still no joy :}

Link to comment
Share on other sites

Could you verify that the security option "Network security: LAN Manager authentication level" is set to "Send NTLMv2 response only\refuse LM".

You can also verify this by looking at the following registry key:

HKLM\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=?

Where the number at ? should be 4 (or lower) If it's 5, this could be your problem.

Link to comment
Share on other sites

another thing that this server is not allowing is a remote desktop conection from the wan address.

its a simular situation to the VPN problem, i can remote login from anywhere on the lan but as soon as i point the address to 203.xxx.xxx.xxx it times out with a unreachable message.

I have tripple checked the modem settings (and even tried a backup modem). I am 100% sure the modem is not blocking ANY traffic from the internet to the server. The problem is defenately in the server and it seems to be caused by new security features in SP1. :realmad:

I'd really like someone to confirm this theory and then offer a workaround :whistle:

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...