1

I have a Windows Server 2003 with RRAS (1 NIC) configured.

It works like a charm when I connect to the VPN server directly on the same LAN. But it fails when I try to connect to it from the WAN. So I think it's a port forward problem.

I have a Linksys WRT45G router and configured the port forwards; 1723, 47 and 500 to the RRAS server. The WAN IP works correct, because the websites I host are all up and reachable.

Can anyone tell me what I'm doing wrong?

Sven van Zoelen
  • 219
  • 1
  • 5
  • 12

2 Answers2

1

The Linksys WRT54G should have a VPN passthrough option. Disable/delete the port forwarding rules that you set up and enable the VPN passthrough option for the appropriate VPN protocols that you're using (PPTP, L2TP, etc).

joeqwerty
  • 108,377
  • 6
  • 80
  • 171
  • All the options are enabled. And I can't remove/delete the rules, I need the rules, otherwise the router doesn't know where to 'forward' the incomming calls to.. – Sven van Zoelen Sep 26 '11 at 14:12
  • 1
    Right, sorry. You will need to forward TCP port 1723 for a PPTP connection. You don't need to forward port 47 as GRE isn't a port, it's a protocol. The VPN passthrough option is what allows GRE (protocol 47) to traverse the WRT54G. Try it with just PPTP passthrough enabled. Also, set up a packet sniffer on the server to see if the VPN client connection is making it to the server and to see if the server is responding. You can do the same thing on the client. The combination of the two may help you see which side of the communication is being lost. – joeqwerty Sep 26 '11 at 14:23
  • I removed the 47 forward rule, and only enabled the PPTP. But it's not working :( I've read on the internet that the MTU had to be set to 1400, also tried that but still no luck. So, i have replaced the LinkSys router with another one (other brand), and just setted the rule 1723 to the RRAS server and... Magic! So strange.... Thx for your answer and time! – Sven van Zoelen Sep 29 '11 at 13:12
  • Glad to help and glad you got it working. – joeqwerty Sep 29 '11 at 13:48
0

I decided to try it one more time with the Linksys router. I finally got it working after some hours of research about the WRT54 on the internet. And it was pretty damn easy.

  • I forwarded the port 1723 TCP/UDP to the RRAS server IP.
  • Enabled the PPTP mode in security->VPN.
  • Unchecked the "Block Anonymous Internet Requests" option.
Sven van Zoelen
  • 219
  • 1
  • 5
  • 12