GRE is not a port! It cannot be forwarded. And it is not 43.
You need to forward tcp port 1723 (pptp). That is correct. PPTP sets up
and maintains the tunnel. The actual data is encrypted and encapsulated in a
wrapper which includes a GRE header. GRE is a an IP protocol (protocol 47),
just like TCP or UDP.
Your firewall must allow GRE packets to pass in both directions, because
all VPN data packets arriving and leaving will have a GRE header. Blocking
GRE usually produces an error 721 .
"Robert" <anonymous.TakeThisOut@discussions.microsoft.com> wrote in message
news:26eee01c46392$811134a0$a601280a@phx.gbl...
> Can not connect VPN from the WAN to the LAN RRAS server
> Fowarding on ports 1723(PPTP) and 43(GRE) to RRAS server
> are enabled on the LINUX firewall.
>
> However VPN connections from LAN Stations to LAN RRAS
> server are working meanning that the RRAS server repplies
> on LAN environement.
>
> RRAS service has been installed in relaxed mode.
>
> When conecting VPN from WAN using Microsoft PPTP client
> on a laptop, NetMonitor, (I am monitoring packets on the
> server side) shows that the packets arrive from the
> originating IP, but communication sudently closes and
> ther is no repply.
>
> Graficaly on the client side the loguin process stops
> at "verifying Username an Password" it hangs and he end
> up guving me a 721 error.(remote computer is not
> reponding)
>
> I have used to PPTPping tool. Again from the WAN,
> pptpclnt.exe installed on a laptop sends the GRE packets
> to the remote RRAS and confirm me that he has established
> connection to the remote Access server.
>
> on the semote RRAS server, using pptpsrv.exe nothing
> happens.
>
> Any Ideas?
>
>
>
FAQ
Profile
Private Messages
Log in
