Ok, here's the deal. I have configured both PPTP and L2TP connections to our server. The server is behind 2 router/firewalls with all necessary ports being forwarded.
Remote clients can connect via both PPTP and L2TP. However, some clients report that when connecting through PPTP, after 15-30 mins. they lose connection. Note: The connection icon indicates that it is still connected and they do not receive a pop up that the connection has been terminated. But, they lose the ability to browse the network and Exchange says "trying to connect".
When connected through L2TP they are able to keep the connection for anywhere from 3-6 hours, but it will eventually drop the connection the same way as through PPTP.
I don't mean to take over your thread, but if it's not too much to ask, can you give me some tips on how to properly configure my VPN connection?
When double-clicking and trying to connect on the 'Connect to Small Business Server' connection that is created by default in SBS 2003, I get the following error - 'Unable to establish the VPN connection. The VPN server may be unreachable, or security parameters may not be configured properly for this connection. (Error 800) For customized troubleshooting information for this connection, click Help. Connecting is cancelled. Click Connect to begin connecting again. To work offline, click Cancel.'
For some reason it just won't work.
Is there anything I might be missing? Do I have to configure anything with my ISP?
Also, the https://mydomain/remote link that you get in the Welcome email message after setting up SBS2003 gives me a 'mydomain.co.uk' domain name to connect to. However, my domain is mydomain.local. Does this .co.uk make a big difference and does this mean I configured it wrong?
jefton5...I have a couple questions regarding your setup.
Do you have a FQDN pointing to your IP for your server? Meaning sbs.domain.com points to x.x.x.x?
Also, is your server behind a router/firewall? You will need to configure port forwarding on the router if so. PPTP uses port 1723 and L2TP uses port 1701.
Your internal domain may be mydomain.local, but your FQDN needs to be mydomain.co.uk or similar. When someone tries to access the remote web page of your server from outside your network they will be going to http://mydomain.co.uk/remote not http://mydomain.local.
As I said before, I don't mean to take over your thread, but thanks very much for your response.
I'm new to VPNs. However, I'll do my best to both configure it right and answer your questions.
*Do you have a FQDN pointing to your IP for your server? Meaning sbs.domain.com points to x.x.x.x?*
I'm not entirely sure what you mean. I think this is probably where my configuration headache lies. The welcome email I got from the server said to connect to mydomain.co.uk.
I don't know of any FQDN (mydomain.co.uk) that we have. We only have a few domain names with a different ISP to our broadband ISP.
Who handles your DNS for your domain? I'm assuming from your response it's your ISP. You would have to create an A record pointing your domain name mydomain.co.uk to your server's IP address.
Also, you need to have your ISP create a pointer (PTR) record for your IP address. This is basically reverse DNS, mapping your IP address to your domain name. If you don't do this some domains will not accept email from your server.
If you've never created an A record or other record through your ISP's DNS service then I would call them. Usually you can log in online and do this yourself. I realize that your server will be doing DNS for your internal network. You might also want to think about changing your IP address scheme for your office if people are going to be VPNing from their homes. You don't want the IP address range (i.e. 192.168.0.x) to be the same as their home IP range. Most home routers will assign in the range of 192.168.1.x or 192.168.0.x.
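Added example, not part of the original thread: a small Python check for the address-range clash described in the post above, which also picks an office subnet that avoids common home-router defaults. The home LAN list beyond the two ranges named in the post, the server address and all function names are assumptions made for illustration.

```python
import ipaddress

# Home-router default LANs. The first two are the ranges named in the thread;
# the others are assumptions added for illustration.
COMMON_HOME_LANS = ["192.168.0.0/24", "192.168.1.0/24",
                    "192.168.2.0/24", "10.0.0.0/24"]


def overlapping_lans(office_cidr, home_cidrs=COMMON_HOME_LANS):
    """Return the home LANs whose address space overlaps the office LAN."""
    office = ipaddress.ip_network(office_cidr)
    return [h for h in home_cidrs
            if office.overlaps(ipaddress.ip_network(h))]


def is_ambiguous(server_ip, client_lan_cidr):
    """True if the office server's address also falls inside the client's
    own LAN, so 'local host' and 'host across the VPN' look the same."""
    return (ipaddress.ip_address(server_ip)
            in ipaddress.ip_network(client_lan_cidr))


def suggest_office_lan(pool_cidr, prefix=24, avoid=COMMON_HOME_LANS):
    """Return the first /prefix subnet of a private pool that avoids
    every listed home LAN, or None if the pool is exhausted."""
    pool = ipaddress.ip_network(pool_cidr)
    if not pool.is_private:
        raise ValueError("pool must be private address space")
    avoid_nets = [ipaddress.ip_network(a) for a in avoid]
    for candidate in pool.subnets(new_prefix=prefix):
        if not any(candidate.overlaps(a) for a in avoid_nets):
            return str(candidate)
    return None


if __name__ == "__main__":
    office = "192.168.0.0/24"   # constructed: office left on a default range
    server = "192.168.0.2"      # constructed server address
    print("conflicts:", overlapping_lans(office))
    print("ambiguous at home:", is_ambiguous(server, "192.168.0.0/24"))
    print("suggested:", suggest_office_lan("192.168.0.0/16"))
```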
We are just sorting out 'Business broadband' with our ISP so we can have a static IP. Also, does this mean I then just phone them to create an A record for my static IP or my FQDN?
Also, I've tested my laptop at home and before we moved to a SBS2003 domain my laptop could connect to the internet through my home broadband. Now it won't connect at all. It says 'limited or no connectivity'. Do you know why this is? And how can I then get it to connect to the internet at home?
Yes, you'll definitely want to get a static IP for your server. If they handle DNS for your domain then yes, you would have them create the A record. So, mydomain.co.uk points to whatever your IP address is from your ISP.
The problem with your laptop could be the built-in connection manager with SBS if you used that to try and create the VPN. The application may have made your server a proxy server for the internet. To check this I'd go to Control Panel, Internet Options and click the Connections tab. In the Dial-up and VPN settings box check to see if anything is there. If your VPN connection is there make sure underneath you have "never dial a connection" selected. See if that helps.
Sorry for the late reply and thanks for your response. I'll try and sort out the Static IP address with my ISP somewhere this week and see how far we get.
As for the Connection Manager in SBS. I do think there's something wrong with it. The reason being that it does not even work internally. It gives me the error message in my first post above.
However, I did create another connection and that one worked using the server's IP address etc. This connection however does not work externally seeing that I configured using the server's internal IP address.
If I then want to connect to it externally, I suppose I should then configure it using the router's IP?
Also, have you got issues with (if you use any) laptops not wanting to connect to the internet from say your home broadband? Previously when we were still in a Workgroup our laptops could connect to the internet even at home. Now it won't connect and I tested this with two other users.
Thanks a lot. I don't know when but I'll post back on the VPN configuration and static IP issue when I've got a heads up next time.
Have you configured everyone in the office to use static IP and DNS servers? If so when they go outside the network it will not work. You'll need to change them to dynamic. For this to work in the office you'll need to have a DHCP server (either the router or the SBS box, SBS box would be better) handing out IP addresses.
Yep, they're all configured using dynamic IP addressing. However, DHCP is provided by the NETGEAR DG834 Router. I am looking to move DHCP to the SBS2003 box in the new year as soon as we come back into work.
Is this (DHCP on router) a big concern?
Even though they're dynamic, for some reason we can't connect to home broadband.