Outgoing VPN PPTP: How to check if TCP port 1723 and GRE protocol port 47 are blocked or not in Windows 7?

12

4

I am trying to connect to a VPN Server (BestUKVPN) but I'm failing each time I try.

I get a "691 error" but the username and password are OK.

I searched and I am told that "port 1723" or "GRE protocol port 47" being blocked can cause this issue as well.

How can I check them and, in case they are blocked, unblock them?

Rika

Posted 2012-09-28T16:29:40.297

Reputation: 583

This might help: netstat in cmd gives the status of ports. Have a look at this: http://support.microsoft.com/kb/308127.

– Ankit – 2012-09-28T17:51:25.060

Your ISP may not be allowing them, call and ask them if they are. :) – Ƭᴇcʜιᴇ007 – 2012-09-28T17:54:13.433

@techie007: I can easily connect from a Windows XP machine. If it were the ISP, I shouldn't have been able to connect using Windows XP! – Rika – 2012-09-29T12:41:17.623

Answers

4

netstat | find "1723"

That's all you need.

Oh and to unblock them, this page may help

http://www.manageengine.com/products/desktop-central/help/computer_configuration/configuring_windows_xp_firewall.html

Gutsygibbon

Posted 2012-09-28T16:29:40.297

Reputation: 774

That command didn't find anything! – Rika – 2012-09-29T12:45:09.493

That just means 1723 isn't currently in use. That's all. If you try netstat only, that will give you a list of all the currently used ports. The piping to find 1723 won't give you any result if your port isn't even used. – Gutsygibbon – 2012-10-01T15:21:50.213

A couple things to point out. 1723 TCP: Microsoft Point-to-Point Tunneling Protocol (PPTP). This works in conjunction with your GRE port 47. It should be active no matter what. Also try the following:

  1. Make sure the Include Windows logon domain check box is unchecked in the Options tab of the dial-up connection's Properties dialog box.
  2. Make sure the dial-up connection's security option is correctly configured to use the Require secured password setting.
  3. Delete all of the *.pwl files and reboot if you are using win9x.
  4. Try another logon ID.
  5. < – Gutsygibbon – 2012-10-01T15:35:13.130

Well, I tried running the VPN connection and checking the netstat results, that's why I said nothing showed up. When a VPN connection is dialing, it should use that port, right? When it fails then it means that port is blocked, right? – Rika – 2012-10-03T09:36:48.850

When the connection is dialing, the PORT HAS TO BE USED. Correct. It's not necessarily blocked but can also be disabled (as in the service was disabled). Check the running services and see if PPTP is actually running. – Gutsygibbon – 2012-10-03T16:06:54.410

16

GRE is a protocol, not a port. (A lot of people say "My router isn't blocking any ports" but that's irrelevant.) Your router needs to understand how that protocol works. In particular, assuming that you're using NAT (Network Address Translation), the router will need to replace your private IP address with its public IP address in the outbound packets, then do the reverse on the inbound packets. If your router doesn't understand GRE then you either need to upgrade the firmware or replace the hardware - you'll need to check the manufacturer's documentation.

You could also try a different type of VPN connection. PPTP uses GRE, but L2TP/IPSec and SSTP don't. However, the VPN server will need to support them, and it will need a digital certificate; you will also need a certificate on your computer for L2TP/IPSec. It looks as if "BestUKVPN" only supports PPTP, so you'll need to decide whether it's more work to change your router or your server.

John C. Kirk

Posted 2012-09-28T16:29:40.297

Reputation: 161

10

From command line, to check Windows Firewall rules for 1723 port:

netsh advfirewall firewall show rule name=all | find "1723"

If you have no results, there are no references to any 1723 port (supposedly not blocking).

If yes, try to search for more details about the involved rule. For example:

netsh advfirewall firewall show rule name=all > AllPorts.txt

Then edit AllPorts.txt file and search for 1723 to obtain more info.

To check GRE protocol, try:

netsh advfirewall firewall show rule name=all | find "gre" /i

and repeat the procedure.

Of course, you can always perform this search in the Windows Firewall screen, in the Windows Control Panel.

NOTE: I assume you are talking about checking outgoing 1723 TCP port and outgoing GRE protocol. Incoming firewalling rules are only needed if you have some VPN server running inside your computer.

Sopalajo de Arrierez

Posted 2012-09-28T16:29:40.297

Reputation: 5 328
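
An added example (not part of the original answers) that automates the manual search described in the last answer: it groups the `netsh advfirewall` output into rule blocks and lists outbound rules that name TCP 1723 or GRE, and it separately probes TCP 1723 with a real connection attempt, since `netstat` only shows ports in use on the local machine. It assumes English-language netsh output and that GRE appears in the Protocol field as `47` or `GRE`; the function names and the host name `vpn.example.test` are made up for the example.

```powershell
# Added example; assumes English-language netsh output and PowerShell 2.0 (Windows 7).
function Get-PptpFirewallRule {
    param([string[]]$Lines = (netsh advfirewall firewall show rule name=all))
    $rules = @(); $cur = $null
    foreach ($line in $Lines) {
        if ($line -match '^Rule Name:\s+(.*)$') {
            # "Rule Name:" opens a new block; flush the previous one
            if ($cur) { $rules += New-Object PSObject -Property $cur }
            $cur = @{ Name = $Matches[1].Trim() }
        } elseif ($cur -and $line -match '^([A-Za-z ]+):\s+(.*)$') {
            $cur[$Matches[1].Replace(' ', '')] = $Matches[2].Trim()
        }
    }
    if ($cur) { $rules += New-Object PSObject -Property $cur }
    # Keep outbound rules that name TCP remote port 1723 or IP protocol 47 (GRE)
    $rules | Where-Object {
        $_.Direction -eq 'Out' -and (
            ($_.Protocol -eq 'TCP' -and $_.RemotePort -match '(^|,)1723(,|$)') -or
            ($_.Protocol -match '^(47|GRE)$'))
    } | Select-Object Name, Enabled, Protocol, RemotePort, Action
}

function Test-OutboundTcp {
    # TCP 1723 can be probed with a plain connect; GRE has no ports, so it cannot.
    param([string]$Server, [int]$Port = 1723, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($Server, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)   # throws if the connection was refused or reset
        return $true
    } catch { return $false } finally { $client.Close() }
}

# Constructed sample of netsh output, so the parser can be tried offline
$sample = @(
    'Rule Name:                            Example block PPTP (constructed)',
    '----------------------------------------------------------------------',
    'Enabled:                              Yes',
    'Direction:                            Out',
    'Protocol:                             TCP',
    'RemotePort:                           1723',
    'Action:                               Block'
)
Get-PptpFirewallRule -Lines $sample | Format-List
# Live checks ('vpn.example.test' is a placeholder for your VPN server name):
# Get-PptpFirewallRule | Format-Table -AutoSize
# Test-OutboundTcp -Server 'vpn.example.test'
```

An empty result from the live rule query means no outbound rule names TCP 1723 or GRE, in which case the active profile's default outbound action applies.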