Remote Access Server Issue

[Guest]

Hi!
I am trying to setup an RAS on my Win 2K server. I have setup one before
and it worked like a charm. This time though, it has not worked. I have
looked over my configuration and have noticed one thing that looks
out-of-line. The Internal Interface is not functioning. I have tried
comparing the past setup with this one and have not noticed any differences.
This leads me to this Newsgroup. What services start the Internal Interface
or make it possible to start? I don't see any errors in the laslog file, so
where else would I look for errors?

Thanks!

 

[Robert L [MS-MVP]]

not sure the issue. can the server ping other and other ping the server? or
post the result of ipconfig /all here.

--
For more and other information, go to http://www.ChicagoTech.net

Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ChicagoTech.net
Networking Solutions, http://www.chicagotech.net/networksolutions.htm
VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm
VPN Process and Error Analysis, http://www.chicagotech.net/VPN process.htm
VPN Troubleshooting, http://www.chicagotech.net/vpn.htm
This posting is provided "AS IS" with no warranties.

 

[Guest]

I cannot complete the connection. So I guess my answer is no. I do see an
attempt to process user name and passowrd, but then I get a 628 error.

I have checked the knowledge base on this error and have not found anything
that corresponds with my server setup.

This server is behind a firewall (Belkin Wireless router) and has a private
address, 192.168.2.xxx. The VPN port, 1723, is open.
From the remote location, the connecting computer is behind a firewall (I
don't remember the brand, but it was replaced before the VPN was setup with
one that was supplied by the ISP) and has a different IP address,
205.114.68.xxx. I can already connect to a server behind a firewall
(Netopia) with a private address,192.168.1.xxx, from this location.

 

[Bill Grant]

The internal interface not active is a symptom, not a cause. It only
becomes active after a remote client connects. The internal interface is the
server endpoint of the PPTP connection.

If your server has a private IP and is behind a firewall, you need to
forward tcp port 1723 from the firewall to the server and connect to the
firewall's public IP. You cannot connect across the Internet to a private
IP.

 

[Guest]

Thanks for the info on the internal interface. If there is some other
problem, then I have not been successful at finding it.

I am aware of the issues of connecting to a server on a private network. I
am connecting to the public IP and have opened 1723 to go through the
firewall. This part seems to be working as it is trying to verify the user
name and password before it errors out.

Any additonal info would be great!

 

[Bill Grant]

Do you get any error messages in the connection window or in the event
log?

The most common error is 721, and it usually means that something is
blocking GRE (IP protocol 47). PPTP fails if GRE is blocked because the VPN
data is encrypted, then carried inside a packet with a GRE header.

 

[Guest]

I have been getting a 628 error. I read the info on it and there was not
much to go on.

 

[BP]

Used for remote incoming connections from clients only

 

[BP]

C:\netsh interface show interface

Admin State State Type Interface Name
-------------------------------------------------------------------------
Enabled Connected Loopback Loopback
Enabled Connected Internal Internal
Enabled Connected Dedicated {ACAA8381-446C-43FF-981C-601248B7C472}
Enabled Connected Dedicated {0AD13F78-0266-4677-BB76-2FAAEB57B795}

Last 2 are specific Nic Id's and will be different in your machine

C:\netsh interface set interface ?

C:\netsh{enter}(same command but interactive mode)
netsh>interface
interface>show interface