I set up a Win2k3 SBS (Small business server) and all seems to be working fine. Now I am trying to make this thing a VPN server so that I can reach it when outside of my office. I followed (as best as I could) the instructions that are provided my Microsoft's white papers/how-tos. However, I noticed that they assume that your server has two NICs and acts as the router. While in my setting, I have my server behind a router/firewall (SMC). After doing all the steps in the papers and setting up the connection on my client machine, I still ge the "error: 800" which tells me that the VPN server is unreachable. I did and redid all the steps in the instructions, so now I am thinking that maybe I have to do something to the router/firewall...I recall reading something about opening some ports or something.... Any ideas of what I am missing or where I can get the needed steps? Thanks for any assistance. r.

For one thing, you've got a router/firewall between you and the server....so unless it allows VPN passthrough.......you will have to remove it from the mix and plug your internet directly into the server as directed in the white papers. If it does allow VPN passthrough, then set that up so the connection can pass through the router to the server. Think of it this way. You're trying to get into a room. There are two doors you have to get through to get to the room, the door "firewall" and the door "server". You're not opening the "firewall" door (which is between you and the door "Server"), so you obviously cannot reach the "server" door to open it and get into the room.

Ur setting is ; SBS2003 --> Router --> Internet So did u configure the route at the router correctly? And as a VPN server, u will still need 2 Nic correct? One nic is to connect u to the router which lead u to the interent (WAN) n ne nic to connect you to the internal lan. I am also very new to this so pls allow me to join in the discussion.

Thanks for the replies, they are really appreciated. The "official" Microsoft guides say that one needs to have two NICs. One that goes into the internat (to the modem) and one that goes to the LAN (the switch/hub). However, this set up is only if one is not using a router in the set up. Seems that the people from MS, want you to use the server for everything, even to act as a router and DHCP server. However, I have also seen/read that one can do the set up with only one NIC if indeed there is a router in the setup. And it is in this set up that port forwarding come into play...which is probably what I am missing. I can go to the control pages on the router and see the setting for firewall and port forwarding, but honestly, I have no idea of what to punch in in the fields. Anyhow...I guess I will install another NIC in the server and see what it does.... thanks, r.

I was able to get the VPN going. This document was very helpful. http://support.microsoft.com/default.aspx?scid=kb;en-us;324747 My setup still had only one NIc but it was connected to a router/firewall so I guess that is the alternative to having 2NICS. However, the router needs to allow VPN (PPTP and the other) traffic (I think probably all newer routers do...I have tried it in a Belkin and a SMC, both under 80 dollars). The items to pay close attention when setting up the server are: - making the groups for vpn access - adding the users under this group - making this group a member of the RAS (the group that is already made by the server, not the one you made). The last section of the document which deals with access policies is something I don't recall addressing in my unsuccessful attempts. Lastly to test the set up, one can not test the connection from within the same network...it will not work and you will think it has to do with the server setup. One needs to test the connection from outside the network. So maybe one needs to go to another network and connect (say at a coffee shop or friend’s house). Before I went to my friends house to test the connection for "real" I unplugged the network cable from laptop (to make sure I was out of the network) and then dial-up an old fashion IPS (Netzero in this case because it is free)and the test the VPN connection. Once I saw the password checking process going on, I had a good feeling and then went to my friend’s house to test the connection via broadband (it all worked fine). Now, once the VPN connection is up and running, don't be surprised if you can not see the other computers in My Network Places, along with the shared resources. It seems that these will not show up and you need to add each needed resource with "Add a Network Place" option. Having done all of these....now I think that Remote Desktop might be a more practical approach...which also worked fine and it allowed me to surf all network resources. However, I was not able to neither transfer files from the server to the local computer nor print via a local printer.....BUT I was able to email to myself any needed files for printing. Hope this helps.

Have you looked into remote desktop?