Batboard

I have the need for a VPN to connect up remote desktop over the internet. This is an occasional use item and I am trying to get the built in VPN to work in XP Pro. I set up the incomming connection, and the other computer to call it. It will link to the IP, and just sit on verifing user name and password. It will then fail. I have port fowarding of 1723 on the linksys router to each internal IP and just can't get it to work. Anyone have this working, and is there any windows firewall holes I have to make.

This did work about 1 year ago, but now I can't get it to work.

Yes, if you have the built-in WinXP firewall running (by default, yes), you need to allow those ports as well...or just disable it altogether since your router is protecting you better than the XP firewall anyway.

Todd

Yep, i had that problem once. It was the XP Firewall, the second i turned it off everything connected right up and worked perfectly.

If your running the XP Firewall and Linksys Router you have two firewalls running together back to back. Nothing but a pain in the butt, and no reason to run both a hardware and a software firewall.

The Linksys firewall is all you need.

kb0nly wrote:The Linksys firewall is all you need.

Technically the Linksys is not running a firewall. If you are using NAT (99.9% of home users with a router are) then it is more of the router thinking "I have no idea where this incoming packet should go, so Ill just throw it away." But yes, if you have a router, you do not need a firewall on any of the "internal" computers.

ku4zs1 wrote:

kb0nly wrote:The Linksys firewall is all you need.

Technically the Linksys is not running a firewall. If you are using NAT (99.9% of home users with a router are) then it is more of the router thinking "I have no idea where this incoming packet should go, so Ill just throw it away." But yes, if you have a router, you do not need a firewall on any of the "internal" computers.

Very true!

But most of the time i just say it has a firewall out of habit, that comes from working with a lot of technically inept customers. Easier to explain that way.

OK, I turned off the firewall on both computers and the VPN hooks up. I notice my local connection to the internet stops and it only communicates with the VPN.

Now I start remote desktop and it does not find any computer. How do I get it to connect to the computer on this vpn? The host is a stand alone xp pro. Iam I missing some other check box???

when you connect via vpn, it assigns you a seprate ip in the 169 range. you must use that ip anytime you are wanting to access resources on the computer you are vpn'ed into. if you click the propertys tab it will show you the server ip.

It assigned 192.168.1.101 and subnet mask 255.255.255.255.

The computer at the other end of this vpn is 192.168.1.100

It shows when connnected the internet ip
then

192.168.1.101
255.255.255.255

Could it be a subnet issue and should I have the client specifiy and address, or have the host assign a specified address?

If I check the properties for the VPN when connected it says the server is 192.168.1.1 and the client is the same...

If you don't like dealing with XP's VPN, check out Hamachi... http://www.hamachi.cc/

Zero-configuration VPN that bypasses firewall issues by using a mediation server during the tunnel buildup. Very cool.

hmm, i have a vpn server on a windows server 2k3 box and it gives me a 169. once i am vpn'ed in i go to propertys and look at the server ip. from there i can remote desktop in and \\ to the machine. have you tried pinging the server once the connection has been made?

Worked good this morning! I think I had a similar IP problem on the home network.

Now any idea how to punch a hole through Symantec Client Firewall? If this is off all runs well!

rrfd43 wrote:Worked good this morning! I think I had a similar IP problem on the home network.

Now any idea how to punch a hole through Symantec Client Firewall? If this is off all runs well!

Jeezus...how many firewalls/layers of security do you have running

This link may help you out:

http://integrity.castlerockresearch.com ... ration.pdf

And this one goes into detail on the 'advanced' tab settings, about 1/2 way down the page:

http://wings.buffalo.edu/computing/docu ... ntrolpanel

Well I got windows firewall shut off.

Just symantec running. I learned to allow an exception for the IP address where connect to. All works good now, thank you!

[quote="rrfd43"]Well I got windows firewall shut off.

Just symantec running. I learned to allow an exception for the IP address where connect to. All works good now, thank you![/quote]

windows firewall is like a bandaid on a broken leg.
any firewall is better than microsofts SP2 firewall

Jim2121 wrote:

rrfd43 wrote:Well I got windows firewall shut off.

Just symantec running. I learned to allow an exception for the IP address where connect to. All works good now, thank you!

windows firewall is like a bandaid on a broken leg.
any firewall is better than microsofts SP2 firewall

If the computer is connected directly to an unsecure network, such as the internet, then yes you need something better than the XP firewall. But if your connected to a private network and secure to the outside world where the networks are connected, such as a router to the internet, then your ok with the XP firewall. Though it shouldn't be needed in the first place if your network is protected properly and all the computers are on a private network.

Another note to keep in mind, on some Linksys routers, the firmware does not handle PPTP VPN passthrough properly. I think it was early V3.x firmware. The current firmware does function properly.

Got this all working but one computer.
I can link out of "point a" to "point b" and run remote desktop.
I can link from "point b" to "point c" and vice versa.
I can link from "point a" to "point c"

I can not link into "point a" from anywhere. It tells me that it is verifing username, but it never connects. I tried multiple different computers and it does not work. I set up the incomming connections each time and fowarded port 1723, 47, and 500. I even put the computer into the DMZ on the router. Just can't get it to work. Any and all software firewalls off....

Awww, for those that care.....A firmware flash solved the problem. It pissed me off that it would work on the same model router at home that had one newer flash revision. The new flash from linksys worked. A problem with VPN passthrough was noted in the flash upgade readme as to the enhancement.