VPN Connection error 721

  • Thread starter Thread starter rob
  • Start date Start date
R

rob

Hi

I am currently studying towards the mcse and i am trying
to set up a vpn tp a dc at home. when i try and connect
from the remote client i am getting the following error
message. error 721
my server is connected to the net through an adsl router.
i have opened the vpn ports on the router and have port
forwarded to the IP address of the NIC on the server.

If i try to connect to the rras server from my internal
network using the 192 .168 .0. 25 ip it will connect no
problem.

Any help would be much appreciated.

thanks in advance
 
If you had read this newsgroup before posting you would have found many
answers to this question!

This is usually caused by the router (or some other router/firewall in
the path) blocking GRE. The encrypted VPN data travels as the payload of an
IP packet with a GRE header. If anything blocks GRE in either direction, no
data will flow and the connection fails. GRE (Generic Routing Encapsulation)
is IP protocol 47.
 
You can specify IP address for a client at the server in the following ways:

1. DHCP - the server gets a reserved set of IPs from the DHCP server.
2. Static address pool - the server can allocate set of addresses for its
client
For the 1 and 2 options do the following:
In the RRAS mmc, right click on the root node [it would be having the name
of the server].
Click on Properties.
Go to IP tab, you will find the options.

3. Client may request IP - the server can allow the client to specify its IP

Server side:
In the RRAS MMC, right click on the existing Remote Access Policies in the
right pane of the
MMC, and right click and select Properties menu.
Select Edit Profile.
Select the IP tab.
Check if you have selected the below option
-Client may request IP address
Client side:
After creating the connectoid in Network Connections folder on the client do
the following:
1. Go to Properties of the connectoid - Networking tab
2. Select Internet Protocol TCP/IP - Click properties
3. Check the box for "Use the following IP Address" - and enter the IP
address

Thanks,
Sharoon
 
Back
Top