Have you looked at the log files on the 2000 server? Do you see a connection rejection? This will at least confirm if the connection is making through. -Sanjay
-----Original Message----- From: Gino Imbrunetti [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 14, 2002 2:13 PM To: [EMAIL PROTECTED] Subject: Too much security? Not sure if this is the right forum but here goes... I seem to have "too much security" when trying to set up a VPN between two offices. The setup: Remote user running Windows XP (or 2000, or 98, etc.) setting up a VPN to connect to a remote office. Corporate office with Windows 2000 Server running RAS on 192.168.0.51. Linksys BEFSR4 (Firmware ver 1.4) DSL router with forwarding set (1723 TCP and 500 UDP) to the .51 address, and PPTP and L2TP allowed on the LinkSys. Filters on the W2K RAS network interface set to accept from ANY IP address the required ports/protocols (1723 TCP, 500 UDP, TCP protocol 47), and the user trying to connect has been granted remote access (dial-in) in Acitive Directory. When trying to access RAS from the same subnet (say 192.168.0.221), I can authenticate and get right in to the server (and RAS shown that I am connected). When trying to access RAS from the 'net (216.xxx.xxx.xxx) I can't gain access. Remote scans shows port 1723 open for connection and, if I shut down the interface on the RAS server, port 1723 is now shown as closed (trying to verify if I am getting through the Linksys). Is the LinkSys the problem? Am I missing some ports/protocols in addition to 1723 TCP and 500 UDP? Thanks Gino Imbrunetti _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com
