Question : Problem: Windows VPN through a netscreen 5GT

I have a site to site Route based VPN tunnel between 2 netscreen 5GT routers. The tunnel has worked great with no problems. I have a user who I need to set up with VPN access from home for a short period of time and do not want to use Nescreen remote software. In the netscreen I set up port 1723 to a VIP pointing to a server 2003 machine running routing & remote access. This is the way it was set up before the tunnel was put in place and it worked fine before.

When I try to connect from the outside now, it hangs at "verifying username and password..", then I get error 721. Checking the event viewer on the RRAS server I see this:

Event ID 20209

A connection between the VPN server and the VPN client  1.2.3.4  has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47). Verify that the firewalls and routers between your VPN server and the Internet allow GRE packets. Make sure the firewalls and routers on the user's network are also configured to allow GRE packets. If the problem persists, have the user contact the Internet service provider (ISP) to determine whether the ISP might be blocking GRE packets.

Does the Route based VPN between the netscreens affect the Windows VPN?

Is there a way around this problem?

   

Answer : Problem: Windows VPN through a netscreen 5GT

"Shouldn't"

For reference
PPTP
http://5gt.support.juniper.safeharbor.com/knowbase/root/public/ns10552.htm?
http://5gt.support.juniper.safeharbor.com/knowbase/root/public/nskb5143.htm?

L2TP
http://5gt.support.juniper.safeharbor.com/knowbase/root/public/ns10158.htm?

Random Solutions  
 
programming4us programming4us