VPN connection problem from WinXP to Windows Server 2003.
I have configured a Windows Server 2003 to accept incoming VPN-connections behind a firewall. The firewall forwards port 1723 to the server. When I try to connect with a WinXP Pro desktop via the internet (the server has a public IP at the firewall), I get an errormessage (number 691) that the server does not recognize the user or password on the server. The server has AD installed and I've tried to use the users full AD-name at login, but still it doesn't recognize the user. I get the following in the VPN-log:
192.168.0.100,Testdomain.localVpnuser,12/20/2004,14:05:09,RAS,VPNSERVER,44,47,4,192.168.0.100,6,2,7,1,5,134,61,5,64,1,65,1,31,192.168.0.3,66,192.168.0.3,4108,192.168.0.100,414 7,311,4148,MSRASV5.20,4160,MSRASV5.10,4159,MSRAS-0-Vpnuser2,4155,1,25,311 1 192.168.0.100 12/16/2004 12:32:35 18,4129,Testdomain.localVpnuser,4130,Testdomain.localVpnuser,4127,4,4136,1,4142,0
192.168.0.100,Testdomain.localVpnuser,12/20/2004,14:05:09,RAS,VPNSERVER,25,311 1 192.168.0.100 12/16/2004 12:32:35 18,4127,4,4130,Testdomain.localVpnuser,4129,Testdomain.localVpnuser,4154,Anvand Windows-autentisering for alla anvandare,4155,1,4136,3,4142,16
Have any clues to how to solve this problem?
Software/Hardware used:
Software/Hardware used:
ASKED:
December 26, 2004 8:15 AM
UPDATED:
December 27, 2004 8:30 AM
Answer Wiki:
It seems that you are working with PPTP
make sure that your firewall is also passing GRE traffic its IP protocol 47, its not TCP port, its an IP protocol number, for example TCP is IP protocol 6, UDP is IP protocol 17
To see all answers submitted to the Answer Wiki: View Answer History.
Also, make sure that the user’s AD permissions include Dial-Up/Remote access.
Bob
Thank you for your help. AD permissions should be ok, but I’ll check if the firewall passes protocol 47. It’s made for VPN tunneling between firewalls, but I haven’t checked if it really passes VPN-protocol 47.