VPN error code 628

Discussion in 'Server Networking' started by Rod, Sep 28, 2004.

  1. Rod

    Rod Guest

    Hi!
    I have to connect my PC at home to my pc at my office.

    Office : PC1 as VPN server (XP Prof.) ip 10.30.1.1
    router ip 10.30.1.2 - public ip 85.25.67.35

    Home : PC2 as VPN client (XP Prof.)

    On the router I forwarded TCP Port 3389 to 10.30.1.1. Is it the only port
    used by VPN connection ?

    When I try to connect I have ..."User and password verification" and after
    some minute I have error 628 (Port closed by remote PC).

    Could anyone help me ?

    Antonio Grasso
     
    Rod, Sep 28, 2004
    #1
    1. Advertisements

  2. Rod

    Rod Guest

    Excuse, the right port is 1723.
    I don't understand what I have to do with "...protocol name GRE..".
    Do I have to forward also the port 50 and 51 (TCP and UDP)?
     
    Rod, Sep 28, 2004
    #2
    1. Advertisements

  3. 3389 is for TS. quoted from http://www.ChicagoTech.net
    Which ports need to be opened for running VPN

    A: PPTP VPN uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP Port 1701;
    IPSec: Pass IP protocol 50 and 51. Note: 47 is a protocol number and not
    TCP port. The protocol name is GRE. It'll make a big difference when
    configuring your firewall or router.


    --
    For more and other information, go to http://www.ChicagoTech.net

    Don't send e-mail or reply to me except you need consulting services.
    Posting on MS newsgroup will benefit all readers and you may get more help.

    Robert Lin, MS-MVP, MCSE & CNE
    Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
    http://www.ChicagoTech.net
    This posting is provided "AS IS" with no warranties.
     
    Robert L [MS-MVP], Sep 28, 2004
    #3
  4. Rod

    Bill Grant Guest

    If you are using PPTP, then tcp port 1723 is the only port you need to
    forward. But, as Bob said, your router must allow GRE in both directions.
    The VPN encrypted data is inside a packet with a GRE header. If the router
    blocks GRE in either direction, your VPN connection fails.

    Depending on your router/firewall. you can allow GRE by its name or by
    its IP protocol number (47). Some SOHO routers ever call it PPTP
    pass-through mode. What ever it is called, VPN will fail unless GRE can pass
    the router/firewall.
     
    Bill Grant, Sep 29, 2004
    #4
  5. Rod

    Rod Guest

    How could I decide to use PPTP on VPN Server (XP PRO) ?
    I connect but when it says "Username and passwords verification" it fails
    with error 628 (the connection was closed by remote pc)
    On the remote pc event viewer I have error 20049.

    I'm sure that username and password are corrected.
    Could you help me ?
     
    Rod, Sep 29, 2004
    #5
  6. Rod

    Rod Guest

    This is the error description on the server vpn (XP pro) :

    "ID:20049 (The user connected to port VPN7-1 has been
    disconnected because the authentication process did not
    complete withing the required amonut of time). "

     
    Rod, Sep 29, 2004
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.