Question : Problem: VPN not working from public internet but does work from local outside the firewall...

Hopefully an easy question here...

First a quick synopsys of the background to the problem:

I have set up VPN access into my SBS2003 box. I had logged another question on experts-exchange because initially my tests could not connect through to the server. I was attempting to connect through to the VPN server by plugging directly into the ADSL router and putting the test notebook on the external 10.0.0.x network (thus attempting to replicate being outside the network). My internal network is 192.168.0.x. When testing in this manner I was using the actual public IP address however I could not connect. This was resolved when someone here said that I was testing it incorrectly and rather than put the external public static address I should be putting the 10.0.0.8 address which is to the "external NIC" on the SBS2003 box. I tried this and the VPN worked successfully. I thought the problem had therefore been solved...

However I now have had the opportunity to attempt to VPN from a real external internet connection and unfortunately I cannot connect through. I'm getting an Error 721.

I have ensured that my firewall is off on the client to be sure but no luck.

What's different from connecting via the 10.0.0.x address through the ADSL router and a public internet addresss going through the same ADSL router (obviously via the ADSL connection rather than directly into a port on the back of the router). I would have thought that both ways would still be routed by the routers same firewall routing rules? Or have I got this incorrect....??

Given that it works from the 10.0.0.x address the only difference is the source IP and the fact that the public IP is coming through the ADSL telephone link as opposed to a direct UTP connection into the router...

Any ideas?... I'm flying out tonight and need this resolved ASAP!!!...

Cheers.

Answer : Problem: VPN not working from public internet but does work from local outside the firewall...

Sorry, I am guessing I am in a different time zone. GMT +4. Everything does seem in order.
-Just to confirm, you are trying to connect to the 61.9.247.216 address not the 10.0.0.8, right?
-The fact that the canyouseeme works, would indicate all port forwarding is OK, however that doesn't test for GRE
-Since you provided the 61.9.247.216 address I tried to connect with the Windows PPTP client and I seem to connect to the VPN server (I assume the SBS) but get an incorrect UserName and/or password message, which would indicate it is working correctly
-What I cannot test without connecting (not suggesting I do connect) is that GRE is being passed satisfactorily. A 721 error can often indicate GRE is being blocked.

-Make sure the windows firewall is disabled on the server if possible. It could be blocking GRE, and make sure the remote computer you are connecting with, does not have a 10.0.0.0 address assigned to any enabled network adapters.
-Which model Speedtouch pro ? I was looking for configuration details. Also I assume the router supports PPTP VPN traffic? A few don't.
-Also to confirm, there is no additional router between the Speedtouch and the SBS?

Random Solutions

Problem: How do I scan multiple pages without preview with HP Scanjet 5P and Deskscan 2.9

Problem: Updating an old Laptop graphic card?

Problem: How to choose to buy a USB Flash memory stick?

Problem: nForce 790i Raid Controller issues

Problem: Create link for application in program menu during cab installation

Problem: Application performance degraded after upgrading from SQL 2005 32 Bit to SQL 2008 64 Bit

Problem: How can I edit edit m4a files

Problem: Disk Cloning Software

Problem: RAID 10 or RAID 01??

Problem: Exchange Agent shows fails due to agent license graace period expire