GRE 47
|
Prev: WSUS - MsiInstaller event ID 11722
Next: Malware
From: Joe on 26 Jul 2006 12:52 FREEMAN wrote: > I've forwarded both TCP port 47 and UDP port 47 to the SBS server-side NIC to > no avail. > > The error message in the SBS log says at the end to check with your ISP to > see if they are disallowing GRE packets. I really don't think this is it, > but I'm pulling my hair out on this thing. > > I have been able to successfully create an internal VPN, by hooking my > workstation up to a different Subnet, and using the SBS private IP, rather > than the Router's public IP. GRE is IP *protocol* 47, nothing to do with ports, which only a few of the IP protocols use, notably TCP and UDP. Most cheap routers don't do protocols explicitly, but many have 'services' which include the required protocols. PPTP is one such, and is the one you need. Some routers call it PPTP(TCP1723) while also secretly passing protocol 47.
From: Dave Nickason [SBS MVP] on 26 Jul 2006 13:42 FWIW, my Linksys had an option in the configuration that was called something like "Allow PPTP Pass-Through" that had to be enabled for this. It may not be on the page where you open or block ports. If you don't see anything obvious, you could try updating the firmware. I also had good luck with their tech support, although I have not called them in quite a while. And lastly, while this error is often caused by GRE, it's not always, so you could have a different issue altogether. Have you run the vpn wizard from the SBS Console? "FREEMAN" <FREEMAN(a)discussions.microsoft.com> wrote in message news:4E66EC7E-C272-4E4A-84EF-C4A19F5875B7(a)microsoft.com... > I've forwarded both TCP port 47 and UDP port 47 to the SBS server-side NIC > to > no avail. > > The error message in the SBS log says at the end to check with your ISP to > see if they are disallowing GRE packets. I really don't think this is it, > but I'm pulling my hair out on this thing. > > I have been able to successfully create an internal VPN, by hooking my > workstation up to a different Subnet, and using the SBS private IP, rather > than the Router's public IP.
From: FREEMAN on 26 Jul 2006 16:02 yes, I have ran the VPN wizard from SBS. Like I said, I was able to create an "internal" vpn connection by placing my workstation on a different subnet and rerunning the VPN wizard using the SBS's private ip address, rather than the routers static public one. I've called my ISP to make sure they don't block GRE ports, and I'm really ready to take a hammer to the Linksys router. I'm tempted to hook the SBS straight into our dsl modem and test it to see if it will at least allow the VPN to work then. Then I'll know for sure (I'm 98% sure already) that the Linksys VPN router is killing it. Any more ideas of what I can do to isolate the problem?
From: Chad A. Gross [SBS-MVP] on 26 Jul 2006 16:52 Have you upgraded the firmware on the Linksys router? Seems every other firmware release breaks VPN passthrough, and you either have to upgrade or rollback firmware to get it to work :^) -- Chad A. Gross [SBS-MVP] SBS ROCKS! www.msmvps.com/blogs/cgross www.mobitech.biz "FREEMAN" <FREEMAN(a)discussions.microsoft.com> wrote in message news:9C5AA949-9AAB-408C-A5B9-D4601EF7D68E(a)microsoft.com... > yes, I have ran the VPN wizard from SBS. > > Like I said, I was able to create an "internal" vpn connection by placing > my > workstation on a different subnet and rerunning the VPN wizard using the > SBS's private ip address, rather than the routers static public one. > > I've called my ISP to make sure they don't block GRE ports, and I'm really > ready to take a hammer to the Linksys router. I'm tempted to hook the SBS > straight into our dsl modem and test it to see if it will at least allow > the > VPN to work then. Then I'll know for sure (I'm 98% sure already) that the > Linksys VPN router is killing it. > > Any more ideas of what I can do to isolate the problem?
From: FREEMAN on 26 Jul 2006 16:59
Yes I have upgraded firmware. After much hunting I have found the solution!! I did a search in this forum for the specific model of my Linksys router (RV042 for future reference), and someone else had the same problem. Apparently, even though UPnP redirects port 1723 to the SBS, you still have to go forward the port manually on the router. Wow, what a wasted day, but at least I'm through this. Thanks for everyones help. |