UnaBonger Posted October 7, 2003 Share Posted October 7, 2003 Can you guys clarify something for me? I want to set up a VPN on my server @ home. I have a cable connection which goes into a Linksys BEFSR41 and is shared out to the rest of the network from there. My question is once I set up the RRAS server and enable to VPN connections, how do I change my modem/router config? Do I - A. Plug my cable connection directly into the external NIC on my server and plug the router into the internal NIC? (doesn't sound too secure) B. Keep the cable connection going into the WAN port of the router and plug both the internal NIC & external NIC in the router? (loopback probs?) C. Something else all together? Thanks Link to comment Share on other sites More sharing options...
Frank Posted October 8, 2003 Share Posted October 8, 2003 With our RRAS connectiopn at work, we only have ONE NIC. The two NIC option is just if you want to make your RRAS server a router (which it can do). Are you having problems with the settings, or have you gotten there yet? Link to comment Share on other sites More sharing options...
UnaBonger Posted October 8, 2003 Author Share Posted October 8, 2003 Thanks Fowen. I havent actually set it up yet or even attempted to. For some reason I was under the impression that I needed 2 NIC to accomplish this. Would you happen to know which port(s) I would need to forward to my server to make the connection from the outside? Link to comment Share on other sites More sharing options...
Eversurf Posted October 8, 2003 Share Posted October 8, 2003 I'm currently working on the same project. We are trying to get a VPN server to Server to work. I believe the port to open depends on the protocol you are using to encrypt the data. L2tp or pptp. We are using PPTP because we don't want to have a certificate. We opened i believe port 1701 but i can't seem to authenticate to my server. I think i have a setting problem Let's work it together and post your the info you get up here Thanx Link to comment Share on other sites More sharing options...
Frank Posted October 8, 2003 Share Posted October 8, 2003 Unabonger: Like eversurf stated, it depends on the type. PPTP is the most common of VPN connections, and I believe that is TCP port 1723. I have not set up a L2TP VPN server yet, but that will be comming soon. Eversurf: Try opening port 1723. This should fix your problem. Link to comment Share on other sites More sharing options...
kowcop Posted October 8, 2003 Share Posted October 8, 2003 I would say you would need to forward the RRAS traffic to your server using the router config... Doesn't your router accept incoming VPN connections? Link to comment Share on other sites More sharing options...
Frank Posted October 8, 2003 Share Posted October 8, 2003 Doesn't your router accept incoming VPN connections? His model of router (Linksys BEFSR41) does not support VPN connections. I have actually found it easier to set up a Microsoft server with RRAS then to setup a router that supports VPN. Now I haven?t tried it with all routers, but the one I did try it with was a nightmare. Link to comment Share on other sites More sharing options...
UnaBonger Posted October 8, 2003 Author Share Posted October 8, 2003 His model of router (Linksys BEFSR41) does not support VPN connections. I have actually found it easier to set up a Microsoft server with RRAS then to setup a router that supports VPN. Now I haven?t tried it with all routers, but the one I did try it with was a nightmare. Are you sure the Linksys doesn't support VPN's? It does do PPTP pass through... wouldn't that be the same thing? Link to comment Share on other sites More sharing options...
Frank Posted October 8, 2003 Share Posted October 8, 2003 Your router does support PPTP pass through, but what kowcop is talking about is something completely different. They make a lot of routers that double as the actual VPN server. The Linksys doesn?t have a built in VPN server. With your Linksys you will need to set up a RRAS server and forward the PPTP ports to your RRAS server. Link to comment Share on other sites More sharing options...
UnaBonger Posted October 8, 2003 Author Share Posted October 8, 2003 So, by saying RRAS are we back to using 2 NICS? I can't see how I could "route" without the second NIC... Sorry if I sound ignorant, I thought I knew some of this stuff.... Link to comment Share on other sites More sharing options...
Frank Posted October 8, 2003 Share Posted October 8, 2003 RRAS stands for Routing AND Remote Access Server (or service, I can't remember). You will not be using the routing part, for that you would need two nics, and it would basically turn the server into a router. You will be using the Remote Access portion of RRAS to set up a VPN. You don't sound ignorant at all. No one understands this stuff right off the bat, unless your BudMan, or Staindx :) Link to comment Share on other sites More sharing options...
UnaBonger Posted October 8, 2003 Author Share Posted October 8, 2003 Would I then have to forward the VPN ports to the server? 1723 I think you said earlier? Link to comment Share on other sites More sharing options...
murr Posted October 8, 2003 Share Posted October 8, 2003 what os are you using on your server? Link to comment Share on other sites More sharing options...
Frank Posted October 8, 2003 Share Posted October 8, 2003 Exactly. I run a PPTP VPN server here at work, and all I have is port 1723 forwarded to the private (192.168.0.3) servers address. It works great. The initial setup of the RRAS server is a little tricky (at least it was for me) and I have the documentation on it around here somewhere, I?ll see if I can dig it up for you. Link to comment Share on other sites More sharing options...
UnaBonger Posted October 8, 2003 Author Share Posted October 8, 2003 what os are you using on your server? 2003 Link to comment Share on other sites More sharing options...
UnaBonger Posted October 8, 2003 Author Share Posted October 8, 2003 Exactly. I run a PPTP VPN server here at work, and all I have is port 1723 forwarded to the private (192.168.0.3) servers address. It works great. The initial setup of the RRAS server is a little tricky (at least it was for me) and I have the documentation on it around here somewhere, I?ll see if I can dig it up for you. Thanks, that'd be great:woot:t: email or IM would be great. Both are in my profile...:D:D:D:D Link to comment Share on other sites More sharing options...
murr Posted October 8, 2003 Share Posted October 8, 2003 give this a whirl Connecting Remote Users to Your Network with Windows Server 2003 Link to comment Share on other sites More sharing options...
UnaBonger Posted October 8, 2003 Author Share Posted October 8, 2003 give this a whirl Connecting Remote Users to Your Network with Windows Server 2003 Hey, thanks murr thats exactally what I need :D Link to comment Share on other sites More sharing options...
Eversurf Posted October 9, 2003 Share Posted October 9, 2003 I'm using a 3com firewall and 2k3 server. I have already tried to open 1723 and that didn't work either. I will take a peak at the configuration link you have put up Thanx Link to comment Share on other sites More sharing options...
UnaBonger Posted October 10, 2003 Author Share Posted October 10, 2003 I don't want to beat a dead horse here, but I think I need a little more help. I ran the RRAS wizard which went okay. After that I found that my website & exchange server were no longer accessable. Either internally or externally. Internet connectivity was never disrupted. By removing the RRAS functionality everything came back to normal. Any thoughts as to why this would have happened? Link to comment Share on other sites More sharing options...
Frank Posted October 10, 2003 Share Posted October 10, 2003 Did you set up RRAS on the same machine that your web and email server is on? Do you have WINS/DHCP/DNS on the same server? When I first set up my RRAS connection, I did it on my WINS/DHCP server. I also had IIS installed. It caused ALL sorts of problems. It would add wrong IP's in the WINS database so when people tried to get to it, it didn't work to well :). I didn't research it too much, but I put it on our backup server, and everything has been fine since. /edit: woohoo! 3 stars :D Link to comment Share on other sites More sharing options...
UnaBonger Posted October 10, 2003 Author Share Posted October 10, 2003 Did you set up RRAS on the same machine that your web and email server is on? Do you have WINS/DHCP/DNS on the same server? Well, I only have 1 server so yes, I did put RRAS on the Web/Mail server. I don't have WINS running. My router is handling DHCP and I have DNS running on my server for AD. Link to comment Share on other sites More sharing options...
Frank Posted October 10, 2003 Share Posted October 10, 2003 There may be a work around for this, I am not sure. I was lucky and had another server I could put it on. Will it only be you connecting in, or will it be more then one person at a time? Link to comment Share on other sites More sharing options...
UnaBonger Posted October 10, 2003 Author Share Posted October 10, 2003 It's just me connecting in. It's one of those things that I dont necessarily need. I just though it would be interesting to set up... Link to comment Share on other sites More sharing options...
Frank Posted October 10, 2003 Share Posted October 10, 2003 What OS are you running on your machine? If it is Windows XP (and I believe maybe Windows 2000) you can set up your machine to accept incoming connections. I have mine set up this way with a dialup line just in case something happens at work and the VPN is down, I can still get in. You can also do this with incoming VPN connections. There should be a fix, or at least a reason why this wouldn't work, Ill research and see if I can find out why. Link to comment Share on other sites More sharing options...
Recommended Posts