Question : Problem: Cannot connect to VPN via external IP

We have recently setup a SBS 2003 server and are trying to setup remote VPN access.  We have Routing and Remote access setup to the point where we can connect to the VPN while connected to the local network via the server's local host name/IP but cannot establish an external connection via the external IP for the router.  We have tried disabling the firewall/going on the DMZ to no avail.  The connection hangs on 'Verifying username and password'.

Again, this only happens when trying to connect via the external IP, everything seems to function fine when connection to 192.168.1.106 which is the server's internal network ip.

Any advice as to why this may be happening and a possible resolution would be greatly appreciated.

Thanks!

Chris

Answer : Problem: Cannot connect to VPN via external IP

As far as other services like web and ftp... if your setup is as follows:

Internet->router->WIN2K3SRVR (WAN ADAPTER) then NAT to a LAN adapter that provides the access to clients( i.e: your Linksys router is 192.168.1.1, your wan adapter is 192.168.1.* with gateway setup as the router ip (in this case 192.168.1.1) im assuming that you have your LAN adapter plugged into a switch that has all the client PC's connected to it. And that LAN adapter has an address of lets say 10.10.10.1 with the applicable subnet obviously. You do not need to specify a dns on that adapter since it will take it from your WAN b/c you are using NAT. Then i assume your client PC's are on the 10.10.10.* network. With their gateways and DNS being the 10.10.10.1 as used in this example.

If it is setup something like that.... you need to make sure that in RRAS when you got to the NAT/Basic Firewall properties...in the services and ports tab you have the applicable services enabled. For instance the http for your website or ftp server. And make sure you specify the INTERNAL IP address of these because you are behind the router. This is if you are setup the way i am assuming you are. If you decide to connect the server directly and omit the router...you can use your public IP instead of the internal in the services and ports field.

Hope that helps a bit.
Random Solutions  
 
programming4us programming4us