PPTP CONNECTION ERROR 721

[Todd Gallina]

We have a cisco Pix Router 506e and are trying to connect VPN clients
to our Network. We have W2k server setup with SP4 and RRAS services
configured. The PIX firewall has one to one mapping for gre 47
protocol and port 1723 open. The only fix I see is the same thing
over and over, allow gre protocol and open up port 1723. Any other
idea's or fixes would be greatly appreciated. Each time we try and
connect we recieve error 721 "Remote computer not responding" Cisco
reported this is a microsoft problem and not theres. Once again any
help or idea's would be appreciated.

Todd Gallina
Milwaukee, WI

 

[Michael Holzemer]

Do you have a NAT entry in the router to the Windows server?


--
Regards,

Michael Holzemer
No email replies please - reply in newsgroup

Learn script faster by searching here
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcenter/default.asp

 

[Bill Grant]

It would make more sense to me if you had said that gre was permitted
at the firewall and port 1723 was mapped to the RRAS server. The clients
should connect initially to the firewall's public IP, but the VPN connection
is actually established between the client and server (because PPTP is
forwarded to the RRAS server). PPTP is used to set up and maintain the
connection. GRE must be allowed in both directions through the firewall
because the encrypted VPN traffic is the payload of a packet with a GRE
header.

If the problem isn't obvious, you just have to enable logging on the
server (and perhaps on the client as well) and see exactly where it is
failing.

 

[Dave Roth]

This sounds similar to my problem (see message posted
last week) which I haven't gotten an answer for yet. In
my case the RRAS server is the same Win2k box as the NAT
box. But I get the same error.