Hardware firewall and W2000 VPN


B.T.

Hi, I have a client who has an ADSL router with all ports open and addressed
to the firewall.

The firewall is a 3Com Office Connect Internet Firewall 25, and port
1723/TCP is open and addressed to a W2000 Server. This W2000 Server is a VPN
server too (using Routing and Remote Access), with 5 PPTP tunnels. In
addition to this, the 47/UDP port is also open in the firewall and addressed
to that W2000 Server machine.

Well, the problem is that I cannot reach the server from the Internet and
so my W2000 VPN isn't useful. This VPN works inside the local network, but
not outside due to the firewall.

But I can't understand why this is happening if I have opened the 1723/TCP
and 47/UDP ports in the firewall.

If somebody knows something about this I would appreciate it. Thanks,

B.T.
 
Thanks. I had seen that .pdf, but it isn't about the W2000 VPN, it is about
setting up a VPN between firewalls or between that firewall and software for
that firewall, and my client already had the W2000 VPN and he doesn't want to
pay for additional software.

My problem is different, it's only about opening ports and addressing to
servers. But I can't understand it because I think the settings are right.

By the way, you opened port 47; are you talking about the 47/UDP port?
In my W2000 book, it is recommended to open the GRE protocol (the ID of the
GRE protocol is 47), but this firewall allows me to open just TCP, UDP and
ICMP ports.

Thank you very much,

B.T.
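
The distinction raised in the post above, between GRE as IP protocol 47 and a TCP or UDP port numbered 47, shown as an added example that is not part of the original thread. The packets are constructed samples and the function and rule-set names are hypothetical; the rule matcher is a simplified model, not the 3Com firewall's own logic.

```python
import struct

# IP protocol numbers: the one-byte "Protocol" field of the IPv4 header.
IPPROTO_TCP, IPPROTO_UDP, IPPROTO_GRE = 6, 17, 47

def ipv4(proto, payload):
    """Build a minimal IPv4 packet (constructed sample, checksum left at 0)."""
    src, dst = bytes([198, 51, 100, 7]), bytes([203, 0, 113, 10])
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                       0, 0, 64, proto, 0, src, dst) + payload

def classify(packet):
    """Return (protocol name, destination port or None) for an IPv4 packet."""
    header_len = (packet[0] & 0x0F) * 4
    proto = packet[9]                      # IP protocol number, not a port
    if proto in (IPPROTO_TCP, IPPROTO_UDP):
        # Ports exist only inside TCP/UDP headers: bytes 2-3 are the dest port.
        (dport,) = struct.unpack_from("!H", packet, header_len + 2)
        return ("tcp" if proto == IPPROTO_TCP else "udp", dport)
    if proto == IPPROTO_GRE:
        return ("gre", None)               # GRE carries no port field at all
    return (str(proto), None)

def forwarded(packet, rules):
    """True if the packet matches one of the (protocol, port) forward rules."""
    return classify(packet) in rules

# Constructed samples of the two traffic types a PPTP session uses.
tcp_hdr = struct.pack("!HHIIBBHHH", 49152, 1723, 0, 0, 5 << 4, 0x02, 8192, 0, 0)
CONTROL = ipv4(IPPROTO_TCP, tcp_hdr)       # PPTP control channel, TCP SYN to 1723
gre_hdr = struct.pack("!HHHH", 0x2001, 0x880B, 0, 1)  # enhanced GRE v1, PPP
TUNNEL = ipv4(IPPROTO_GRE, gre_hdr)        # PPTP tunnelled data

# Rule set as described in the first post, and one that names GRE itself.
PORT_ONLY_RULES = {("tcp", 1723), ("udp", 47)}
GRE_RULES = {("tcp", 1723), ("gre", None)}

if __name__ == "__main__":
    for name, pkt in (("control", CONTROL), ("tunnel", TUNNEL)):
        print(name, classify(pkt),
              "port-only:", forwarded(pkt, PORT_ONLY_RULES),
              "with GRE:", forwarded(pkt, GRE_RULES))
```

In this model the control connection matches either rule set, while the GRE packet matches only a rule that names the protocol, since it has no port for a 47/UDP or 47/TCP rule to match.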
 
Hello, B.T.
For our VPN I had to use Port Forwarding for the 47/TCP and 1723/TCP ports (as
described in the W2000 documentation), 50/TCP and 500/TCP (from the router
documentation), but I also had to use Port Triggering: 47~47; 1723~1723;
50~50; 500~500 (from my Linksys router documentation). In addition to all of the
above, some of our VPN clients had their own firewall (for example, ZoneAlarm
on one WinXP computer blocked the outgoing signal, or a DLink router had the wrong
setup) and we made some changes to our clients' stuff.
I have Win2000 network.
Good luck.
LB
 
Thanks, I don't know what port triggering is, but I'll find out. Maybe I
would solve my problem if I opened the 47/TCP port instead of 47/UDP. I'll
try it.

Thank you very much,

B.T.
 
I have the exact same issue: I can connect inside but not outside.
I even created a DMZ path to the server just to test and still couldn't
connect.

Pls let me know if you get your issue solved.


RH.
 
OK InOrbit, but I am not going to work on this problem after a few days.
I will tell you if I can solve it.

Bye,

B.T.
 