Cincinnerdi Tech Stuff

A mind-numbing read if ever there was one

Success: One number makes all the difference!

leave a comment »

I got up to go to the eTech conference in Columbus (in fact I’m starting this post from a Panera down the street from the Columbus Convention Ctr) and went thru configuring RRAS to be NAT router and remote VPN at about 4:40AM. (By the way, this server is starting to be REAL SLOW. Guess it’s due to the services its running.)
I have never know what to do with the message given in the lower part of this screenshot:
The DHCP server seems to have been involved. After I trimmed down the PPTP and L2TP ports to 5 each, I get this DHCP lease assignments:

Here’s how it setup the basic firewall:
At the cafe, setup a new VPN client connection and tried it. No good. I got to go to the conference now and will try to fix it in the lab.
Back home, I notice that there was an error in the System log that occurred during the setup early this A.M.:
A MS KB article says that you can just shut down L2TP by settting ports to zero. OR setup certificates. I was hoping just to use PPTP and thought that would be the default.
Let’s try this again and I’ll sniff packets (using capture filter “not broadcast and not multicast and not arp”)
It showed absolutely nothing incoming! Outgoing from the client showed three PPTP SYN packets that never received a reply. Maybe the server firewall is killing incoming handshaking packets. I used’s shields up to test four ports and got this:
Hmmm. That looks correct. By the way this corresponds to the RED Properties screenshot above as follows:
Port GRC name Win name
500 isakmp IPSecurity (IKE)
1701 l2tp VPN Gateway (L2TP/IPSec-running on this server)
1723 pptp VPN Gateway (PPTP)
4500 ipscec-msft IPSecurity (IKE NAT Traversal)

By the way, notice that at no time did I try to select any specific IPSec, it defaults to PPTP.

Lets JUST probe port 1723 and sniff it.
In case I later care, here’s what a SUCCESSFUL server side PPTP VPN handshake looks like:
BTW, here is a screen shot from the client. Not sure what get’s the IP address for Let me check…
I decided to try to turn off the VPN facility by using the RRAS snap-in and selecting “Pause.” GRC still reports the port as open, but I’m assuming the server won’t answer.
I also, want to be able to use Remote Desktop to control the server from my laptop over the VPN. So I enabled the Remote Desktop for two users. It’s working well.


Written by scottledyard

2007, February 5th at 7:29 am

Posted in vpn rras

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: