VPN setup


Recommended Posts

Can you guys clarify something for me? I want to set up a VPN on my server @ home.

I have a cable connection which goes into a Linksys BEFSR41 and is shared out to the rest of the network from there. My question is once I set up the RRAS server and enable to VPN connections, how do I change my modem/router config? Do I -

A. Plug my cable connection directly into the external NIC on my server and plug the router into the internal NIC? (doesn't sound too secure)

B. Keep the cable connection going into the WAN port of the router and plug both the internal NIC & external NIC in the router? (loopback probs?)

C. Something else all together?

Thanks

Link to comment
Share on other sites

With our RRAS connectiopn at work, we only have ONE NIC. The two NIC option is just if you want to make your RRAS server a router (which it can do). Are you having problems with the settings, or have you gotten there yet?

Link to comment
Share on other sites

Thanks Fowen.

I havent actually set it up yet or even attempted to. For some reason I was under the impression that I needed 2 NIC to accomplish this.

Would you happen to know which port(s) I would need to forward to my server to make the connection from the outside?

Link to comment
Share on other sites

I'm currently working on the same project. We are trying to get a VPN server to Server to work. I believe the port to open depends on the protocol you are using to encrypt the data. L2tp or pptp. We are using PPTP because we don't want to have a certificate. We opened i believe port 1701 but i can't seem to authenticate to my server. I think i have a setting problem

Let's work it together and post your the info you get up here

Thanx

Link to comment
Share on other sites

Unabonger: Like eversurf stated, it depends on the type. PPTP is the most common of VPN connections, and I believe that is TCP port 1723. I have not set up a L2TP VPN server yet, but that will be comming soon.

Eversurf: Try opening port 1723. This should fix your problem.

Link to comment
Share on other sites

Doesn't your router accept incoming VPN connections?

His model of router (Linksys BEFSR41) does not support VPN connections. I have actually found it easier to set up a Microsoft server with RRAS then to setup a router that supports VPN. Now I haven?t tried it with all routers, but the one I did try it with was a nightmare.

Link to comment
Share on other sites

His model of router (Linksys BEFSR41) does not support VPN connections. I have actually found it easier to set up a Microsoft server with RRAS then to setup a router that supports VPN. Now I haven?t tried it with all routers, but the one I did try it with was a nightmare.

Are you sure the Linksys doesn't support VPN's? It does do PPTP pass through... wouldn't that be the same thing?

Link to comment
Share on other sites

Your router does support PPTP pass through, but what kowcop is talking about is something completely different. They make a lot of routers that double as the actual VPN server. The Linksys doesn?t have a built in VPN server. With your Linksys you will need to set up a RRAS server and forward the PPTP ports to your RRAS server.

Link to comment
Share on other sites

So, by saying RRAS are we back to using 2 NICS? I can't see how I could "route" without the second NIC...

Sorry if I sound ignorant, I thought I knew some of this stuff....

Link to comment
Share on other sites

RRAS stands for Routing AND Remote Access Server (or service, I can't remember). You will not be using the routing part, for that you would need two nics, and it would basically turn the server into a router. You will be using the Remote Access portion of RRAS to set up a VPN.

You don't sound ignorant at all. No one understands this stuff right off the bat, unless your BudMan, or Staindx :)

Link to comment
Share on other sites

Exactly. I run a PPTP VPN server here at work, and all I have is port 1723 forwarded to the private (192.168.0.3) servers address. It works great. The initial setup of the RRAS server is a little tricky (at least it was for me) and I have the documentation on it around here somewhere, I?ll see if I can dig it up for you.

Link to comment
Share on other sites

Exactly. I run a PPTP VPN server here at work, and all I have is port 1723 forwarded to the private (192.168.0.3) servers address. It works great. The initial setup of the RRAS server is a little tricky (at least it was for me) and I have the documentation on it around here somewhere, I?ll see if I can dig it up for you.

Thanks, that'd be great:woot:t: email or IM would be great. Both are in my profile...:D:D:D:D

Link to comment
Share on other sites

I'm using a 3com firewall and 2k3 server. I have already tried to open 1723 and that didn't work either. I will take a peak at the configuration link you have put up

Thanx

Link to comment
Share on other sites

I don't want to beat a dead horse here, but I think I need a little more help.

I ran the RRAS wizard which went okay. After that I found that my website & exchange server were no longer accessable. Either internally or externally. Internet connectivity was never disrupted. By removing the RRAS functionality everything came back to normal.

Any thoughts as to why this would have happened?

Link to comment
Share on other sites

Did you set up RRAS on the same machine that your web and email server is on? Do you have WINS/DHCP/DNS on the same server?

When I first set up my RRAS connection, I did it on my WINS/DHCP server. I also had IIS installed. It caused ALL sorts of problems. It would add wrong IP's in the WINS database so when people tried to get to it, it didn't work to well :). I didn't research it too much, but I put it on our backup server, and everything has been fine since.

/edit: woohoo! 3 stars :D

Link to comment
Share on other sites

Did you set up RRAS on the same machine that your web and email server is on? Do you have WINS/DHCP/DNS on the same server?

Well, I only have 1 server so yes, I did put RRAS on the Web/Mail server. I don't have WINS running. My router is handling DHCP and I have DNS running on my server for AD.

Link to comment
Share on other sites

There may be a work around for this, I am not sure. I was lucky and had another server I could put it on. Will it only be you connecting in, or will it be more then one person at a time?

Link to comment
Share on other sites

What OS are you running on your machine? If it is Windows XP (and I believe maybe Windows 2000) you can set up your machine to accept incoming connections. I have mine set up this way with a dialup line just in case something happens at work and the VPN is down, I can still get in. You can also do this with incoming VPN connections.

There should be a fix, or at least a reason why this wouldn't work, Ill research and see if I can find out why.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.