VPN Server(RRAS) only works with clinet from the same subnet, Erro

Discussion in 'Server Networking' started by Jeff, Feb 28, 2007.

  1. Jeff

    Jeff Guest

    Hello everyone,
    Need help from experienced admins.

    Scenario #1,
    Windows 2003 VPN Server (RRAS), external NIC connects directly to internet
    for testing purpose. No firewall, no router etc for this connection. Internal
    NIC connects to Windows 2003 domain. Get error 721 on internet client side.
    telnet vpn-server-ip 1723 works fine. By running ethereal on vpn server, I
    can see there are several PPTP requests coming in. But VPN server logs
    nothing (is set to logging all events).

    Scenario #2,
    Shutdown VPN service. Then I run pptpsrv on server side and pptpclnt on
    client side, there is no problem. Following is output on server side,
    Start >>>>>>>>>>>>>>>>>>>>>>
    Now you must run pptpclnt.exe on remote machine
    Waiting for inbound connection on TCP port 1723...
    Inbound connection from client has completed successfully!
    Data received from client:
    ---> abc
    Sending the message 'Reply from server' to the client
    Connectivity test to TCP Port 1723 was successful!!!
    Closing down socket...
    Created socket for GRE protocol test
    Listening on PROTOCOL 47 for incoming GRE packets...
    <<<<<<<<<<<<<<<<<<<<<<< End

    And this is output on client side,
    Initializing WinSock...
    Obtaining host information...
    Successfully resolved server's host information
    Enter data to send to server (between 1 and 255 chrs.), then hit enter:
    Successfully connected to server using TCP port 1723 (PPTP)
    Sending data to server

    Waiting for a reply to the data which was just sent...
    Received a reply. Reply contains the following text:
    ---> Hello, there! This is a reply from the server.
    Connectivity test to TCP Port 1723 was successful!!!
    Closing down socket...

    Creating a socket to test GRE protocol traffic...
    Total GRE packets sent = 1
    Total GRE packets sent = 2
    Total GRE packets sent = 3
    Total GRE packets sent = 4
    Total GRE packets sent = 5
    Check server to see if the GRE packets were received successfully
    Closing down socket
    <<<<<<<<<<<<<<<<<<<<<<<<<<< End

    Scenario #3,
    No change on 2003 VPN server, just plug out the network cable of external
    connection from T1, and plug it into a hub, connect another Windows XP box to
    the same hub, change XP’s IP so that it’s in the same subnet as VPN server’s
    external network. VPN client works fine.

    Scenario #4,
    Take what we have in Scenario #3, just change IP of XP VPN client, so that
    it isn’t in the same subnet of VPN server. Get error 721, same as Scenario #1.

    Is VPN server dropping requests coming from outside subnet. How to config it.
    Thanks in advance
    Jeff, Feb 28, 2007
    1. Advertisements

  2. Jeff

    Jeff Guest

    Sorry. Please ignore the last scenario, there is no error 721 there. Hub
    won't route request at all. I got server can not be reached.
    Jeff, Feb 28, 2007
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.