Dear all,
I am currently a junior administrator and currently having a spot of bother connecting through a vpn connection to our new server as the error messge tells me it is not able to connect.

I have enabled remote connection but still cant set up a network place for it. The router is the netgear dg834g and i am using server 2003 but i think i must have a slight configration problem on the router side of things.

Please help


Sam

are you trying to vpn in to your server or are you using RDP and logging in using terminal server sessions. Are you port forwarding to the correct ip address to the server. just a few things to check.

no i am trying to vpn into the server which i believed was a case of opening a connection and tapping in the isp provided ip address. will check it out today and let you know how i am going.

Is there anything else i should be trying?

if its the isp's IP address then is the server outside the network like a DMZ server...if not then you will need to portforward to that servers ip address within the subnet.

There are few things to check... Firewall (ISA2004), port forwarding on Router, Domain name or IP lookup. GPO settings for user remote access...

Still trying to set up a connection into the server and i thought i would give you a little more info. If i use remote desktop and the ip address i get a pc that is out of our domain but in the building, but if i try to set up a vpn then i get an error721.

i have configured the WAN side to the router to


100.100.100.100
255.255.255.0
D/G 100.100.100.1

and the LAN is standard but i cant seem to get the router to let me in.Is this the router firewalling me? how do i port forward? any ideas?

OK... im sure there are plenty of guides online... but:

1. Enable VPN end point (built in XP connection) on ur client pc outside of your domain/building etc (ie. like home PC)

2. Determine ur WAN IP from ISP for your modem/router in ur domain.

3. Log into ur modem/Router and enable VPN forwarding (might be preselected option or just port forward)

4. Enable Remote Access and VPN protocols on ur Server 2K3, grant the 'User' remote access priviledges and specifiy a strong password.

5. Allow Remote access ports through ur Server Firewall, typically ISA2004.

Now, these can be done in different orders (i just brainstormed)... others might have a better sequence... Good luck, let us know.

Cheers cash site, have done all you told me to although for some reason i cant get into the windows firewall for the reason stated being "windows firewall cant run because another program or service is running that might use the network translation component (ipnat.sys)"

How can i configure the ports when i cant get in?:confused: sorry to be a burden.

Cheers for the backup tip i will ask Dehcbad today

Hmm.. not sure about the firewall... Other members might have experience with ISA, it is weird that you cant make real-time changes to the IPSec or Rules, but maybe it provides low-level firewall protection, thus must be loaded during driver boot-up...??

We'll get it sorted soon ;)

Sorry this has taken me a while to get back, we have moved on slighty now. When trying to connect we get a message saying error 649 which i looked up on google telling me that i dont have permission access to enter although it is the administrator a/c and correct p/w. Am i making policies correctly???? it seems i am pass the router stage now but another hurdle has been put in the way

when entering the administrator username, you may need to specifiy the domain first ie DOMAIN_NAME\administrator ... this will aid in authentication across different networks etc.

Cheers mate,

Blinding tip:cool:between your help and google and a bit of tampering i managed to vpn in and i am all connected but i dont get any graphical interface, especially as i want to maintain the server through this connection. How can i get to see the screen of my server so i can administer it:confused:

step by step hehehe

well once your connected to your network via vpn then you can just rdp into the server with the server name or the ip.

Yep, phish got it right... All the VPN connection does is 'virtually' adds your remote computer to the internal corporate network, ie, it assigns you an internal IP address, and access to shared folders etc...

So, once you've got the IP, then Remote Desktop/Terminal Services etc to the Domain Controller Server, and from there you can manage everything.

well I know I got it right ;)

All sorted

Cheers for your help. You have been invaluable

No Probs Sambo, hope you stick around :D