VPN not working

  • Thread starter Thread starter Mike Hunt
  • Start date Start date
M

Mike Hunt

Hi,

I've just about read everything about setting up a VPN server, and quite
frankly Im all confused as ever. Here is my configuration.

VPN Server :
windows 2000 server
domain controller
one nic: with 2 IP's
192.168.0.100
10.167.1.2

subnet mask:
255.255.255.0
255.255.255.224

DNS: itself
DHCP running

gateway: 10.167.1.1


Router ISP configured router:
IP: 10.167.1.1

I've followed all the 'how-to's' still to no avail. The router is actually
an ISP router which comes with the IP address 10.167.1 - 30. We can not
change anything on the router as it is done by the ISP. The router does
have port mapping enabled and is GRE enabled and I have opened up ports 47,
1723, 500, 1701, etc... I still get the error 721. Im not too sure what
else to do.

Please help
 
we need more details to help. why do you have two IPs on the same NIC? How
do you forward the port. or which ip?

--
For more and other information, go to http://www.ChicagoTech.net

Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ChicagoTech.net
VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm
VPN Process and Error Analysis, http://www.chicagotech.net/VPN process.htm
VPN Troubleshooting, http://www.chicagotech.net/vpn.htm
This posting is provided "AS IS" with no warranties.
 
the router which is from the ISP has a private IP address of 10.167.X.X and
we have to use that group of addresses to access the internet through the
router. The other IP address 192.168.X.X is there for our private IP
addresses. The rest of the LAN PC's have 192.168.X.X as their addressing
scheme. Im not too sure whether I should just change all the 192.168.X.X
addressing PC's to 10.167.X.X .

There is a limit of 30 addresses (private) using that scheme and Im not too
sure if that could contribute to some of the problem.
 
You have two options. These are really the only two scenarios that work
behind a hardware ISP router. You can set up the server with one NIC (and
one IP) and use port forwarding from the router so that the router remains
the default gateway for the LAN.

If you want to use two IPs on the server, you will need to use two NICs.
You will also need to reconfigure your network so that the RRAS server is
the default gateway of the LAN, and only the "public" NIC of the server
connects to the ISP router. In other works, you set up a dummy subnet
between the server and the router, rather like a DMZ.
 
Back
Top