1

I'm just trying to do a quick test of a VPN set up for testing some software on. I am setting up a VPN using the "New Incoming Connection" option in "Network Connections".

It seems to set up fine but I'm having real trouble connecting to it.

So far I've tried connecting to it from an iPhone and another Win 7 machine.

The iPhone does pretty well but doesn't seem to be able to authenticate. If i check the system log I can see an error 812 "The connection was prevented because of a policy configured on your RAS/VPN server [etc]". Does anyone know what that policy is and how I can get my iPhone to connect to the machine?

The win 7 machine never even gets that far. I get an error in the system log of "The user [blah] connected to port VPN3-1 has been disconnected because no network protocols were successfully negotiated"

So does anyone know how to solve this? I'd really like to be able to test something with the iPhone connected to my LAN via 3G and I thought this would be an "easy" solution. It seems not :(

Any help would be much appreciated!

Edit: Interestingly I thought I'd give it a burn at home on ym XP laptop. Strangely when I connect to the machine via the network local ip then all is good. The moment I try to connect via my public IP (with NAT setup for port 1723) then the authentication is timing out on both my android phone AND my iPhone.

Interestingly I was testing this out at work by connecting via the public IP address.

Are there other ports I need to open up?

Bart De Vos
  • 17,761
  • 6
  • 62
  • 81
Goz
  • 156
  • 2
  • 8

2 Answers2

1

I didn't have any problem setting this up on a Win7 box and connecting from a W2K3 client with the default settings on both the Win7 box and the W2K3 box. Are you authenticating as a user on the Win7 box? Are you using DHCP to allocate an ip address to the VPN client? If so, do you have a DHCP server on the LAN that can service the client (via the Win7 machine)? Do you have the same network protocol bound to the Win7 incoming connection and the VPN client (TCP\IP)?

joeqwerty
  • 108,377
  • 6
  • 80
  • 171
  • What do you mean authenticating as a user on the win 7 box? I do have a DHCP server on the LAN and under the "incoming connection properties->IPV4->Properties" I have it set to "Allow callers to access my LAN" AND "Assign IP address automatically using DHCP". The client machine is setup to use IPV4 and was set to auto vpn type and optional encryption (I just played with those settings) with all encryption stettings enabled. The best I could get it to do was to faild to negotiate protocols ... – Goz Aug 12 '10 at 15:17
  • You're allowing incoming connections to the Win7 box, as such the VPN client has to authenticate as a user the Win7 box recognizes, that being a user on the Win7 box. When you set up the incoming connection did you see an option to select which users could make incoming connections? – joeqwerty Aug 12 '10 at 15:20
  • yes and the user selected is the one that is trying to log on. – Goz Aug 12 '10 at 15:24
  • Does the DHCP server use NAP? – joeqwerty Aug 12 '10 at 15:29
  • no idea ... its a BT 2 Wire business hub (and is pretty goddamned crap) – Goz Aug 12 '10 at 15:31
  • Oh, it's probably not using NAP then. Try setting a static ip address on the Win7 box in the properties of the incoming connection for the VPN client. – joeqwerty Aug 12 '10 at 16:22
  • tbh my big wish is to get the iphone connecting ... but ill give that a burn when in the office in the morning ... – Goz Aug 12 '10 at 17:15
1

I had the same issue. I specified an IP address range in the IPV4 settings of the Win7 incoming connection (I think that's the same thing JoeQwuerty was saying) and it worked like a charm.

SoftCoder
  • 11
  • 1