Cisco WAN :: 1723 - PPTP Over NAT NVI
Dec 20, 2010
i have a user in LAN which needs access to remote PPTP server. My router uses NAT NVI for some reasons to provide internet access.
Problem is what tcp/1723 is NATed successfully and it appears what GRE traffic is NATed as well, but GRE packets are NOT passed back to user on LAN.
Config is that simple:
interface Fas4
ip address x.x.x.x x.x.x.x
ip nat enable
interface Vlan1
ip address 10.0.0.1 255.255.255.0
ip nat enable
ip access-list extended nat_clients
permit ip 10.0.0.0 0.0.0.255 any
ip nat source list nat_clients interface Fas4(code)
View 2 Replies
ADVERTISEMENT
Sep 11, 2011
We have just acquired a Cisco RV120W Firewall Router and we are experiencing issues with this router. I've read some threads related to port forward issue with RV120W before writing this new topic.
We have 2 locations (site A and site B) connected with a Site to Site VPN (PPTP) running under Windows Server 2008 R2 with TMG 2010. This Site to Site VPN worked very well until we replaced our old router with the RV120W at site B. Since this moment, our engineers are not able to make the site to site VPN work again. The TMG box are located just behind the router.
We have followed some threads about Port Forwarding but it did not solve our issue (others port forwarding rules for RDP for example work). Our RV120W is running the last stable firmware (1.0.2.6) provided by Cisco.
View 1 Replies
View Related
May 15, 2006
Can I configure a PIX (515), as PPTP client to establish a tunnel with non-Cisco PPTP server ? Can my PIX initiate this type of connection ?Today, I use a PC with PPTP client to establish this and I want replace this with a PIX and I don´t want depends of a PC.
View 5 Replies
View Related
Jul 17, 2012
Where did I need to go on the Concentrator to disable tcp 1723 and 10000? We don't require these to be open and our pen test shows these as being open.
View 1 Replies
View Related
Jul 15, 2012
I'm configuring this asa for to connect home users to my network using the native microsoft vpn clients with windows xp over internet.This asa have on the outside interface one public intenet ip and in the inside inferface have configured in the the network 192.168.0.x and i want to acces to this network from internet users using native vpn clients.I tested with one pc connected directly to the outside interface and works well, but when i connect this interface to internet and tried to connect on user to the vpn i can see in the logs this, and can't connect with error 800.TCP request discarded from "public_ip_client/61648" to outside:publicip_outside_interface/1723"
(running configuration)
: Saved
:
ASA Version 8.4(3)
!
hostname ciscoasa
enable password *** encrypted
[code].....
View 6 Replies
View Related
Feb 1, 2011
I have small business server 2003 setup as a DC and did not install exchange, i use hosted exchange. i am trying to setup vpn and have opened port 1723 on both of my router. my network routes through a wireless router(192.168.1.1) (port 1723 forwarded to .1.104) to a second wireless router (192.168.2.1) to my server with two nic cards (.2.2 - external and .2.103 - internal) (port 1723 forwarded to .2.2) i can telnet 192.168.2.2 1723, .2.103, .1.104 - my ip of my second router handed by the first router. my server in handling dhcp and it is disabled on my .2 router. I CAN NOT telnet my public ip handed to 1.1 from the ISP(my internet IP). it tries for about 30 secs and dies.
View 8 Replies
View Related
Sep 10, 2012
I have two Windows7 machines (PC and laptop). I've set PC as VPN server and laptop as VPN client using default built-in W7 network tools. I've disabled use default gateway in remote network on client machine, so client don't try to route all communication through VPN. I've routed port 1723 (TCP/UDP) on NAT to my server and enabled IPSec/PPTP/L2TP passthrough
I've put my laptop in indepedent network (basically I've connected it via 3G network), connected to VPN server and checked ipconfig /all
I've get:
IP Address: 192.168.1.101
Mask: 255.255.255.255
Gateway: (none)
LAN mask in server LAN network is 255.255.255.0 - I am surely missing something obvious, but Google doesn't give me any good advices; How can I access local LAN network from remote VPN client? How can I access local shared documents?
View 2 Replies
View Related
Jul 25, 2011
I'm having a problem forwarding port 1723. What i'm trying to do is to use VPN to access my server pc and I don't want to use the VPN software that is in the router. When I telnet the port it goes through but when i try to access it outside of the office I can't get through. I've been using [URL] to check port 1723 and I get this:
Error: I could not see your service on XX.XX.XX.XX on port (1723)
Reason: Connection refused
View 4 Replies
View Related
Dec 15, 2011
an RVS4000 shall establish a pptp VPN connection. The router is connected trough its WAN port to the first router which connects to the internet.
The PPTP VPN connection cannot be established but the pptp server can be pinged from the VPN router. Login data and password is OK. Connection can be established from a win7 computer without any problem.
View 3 Replies
View Related
Jul 2, 2011
I have a Cisco 877 router and I configured it to act as a VPN server, supporting both PPTP and L2TP VPNs. I can succesfully connect to it from Windows computers using the built-in VPN software.There is only one problem: when using a PPTP VPN, encryption doesn't work. If I configure the client to require encryption (default setting), the connection fails with an error about the remote endpoint not supporting it. If I remove the encryption requirement, the connection succeeds. I've also tried tweaking the encryption settings (40/128 bits), but this didn't work either. [code]
The router's IOS version is 15, and it fully supports encryption. The strangest thing is, encryption is actually required in the router config; but not only the router doesn't seem to offer it... it also accepts unencrypted connections, which it shouldn't. It's like the ppp encrypt mppe auto required command is completely ignored.
View 2 Replies
View Related
May 22, 2012
I'm trying to set up a permanent VPN connection for an Expat. We've got an RV042 set up on site to act as the server, and an RVL200 as a client. This RVL200 will be behind a home router, so it needs to initiate the connection every time; the site side router won't be able to see it behind the Expat's home router.I've got a PPTP server set up on the RV042, and I'm trying to get the RVL200 to connect to it as a client. Is there any way to do so, or will we need to go with another option? Because on the RV042, I see no way to set up an SSL server of any kind; only a direct SSL Tunnel, which won't work as again, the RV042 will not be able to see the RVL200.
View 1 Replies
View Related
Mar 6, 2011
We have a Cisco 891 with this configuration belowI got several computer on my lan that needs to connect to an external Windows server with pptp. The windows server is not mine but it works. The clients are using the windows connection manager. We can connect to the windows pptp server for hours sometimes.But, sometimes we can just connect about 3-4-5 minutes, and it auto-disconnects. Is there something wrong in my configuration ? I heard the cisco router is messing with the keepalive or the connection state.It seems to happens when i have more than 5-6 clients connected at the same time on the same server. I got theses mesages : Link to VPN failed. OR ERROR 619 OR ERROR 651Before, I had a RV042 and it worked like a charm. We were 10 on the vpn server and it was working. I dont see why Its not working now.
version 15.0no service padservice tcp-keepalives-inservice tcp-keepalives-outservice timestamps debug datetime msec localtime show-timezoneservice timestamps log datetime msec localtime show-timezoneservice password-encryptionservice sequence-numbers!hostname Quantis891!boot-start-markerboot-end-marker!!aaa new-model!!aaa authentication login local_authen localaaa authorization exec local_author local !!!!!aaa session-id common!!!clock timezone PCTime -5clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00!!!no ip source-route!!ip dhcp excluded-address 10.10.10.1ip dhcp excluded-address 10.1.1.201 10.1.1.254!
[Code] .....
View 2 Replies
View Related
Jul 6, 2012
I recently obtained a 2901 router running 15.2(2)T to replace my old 877 which was running 15.1(4)M1. The 2901 is humming along quite nicely but I have had difficulty configuring one feature which was working fine on the 877. The router needs to be a PPTP client to a hosted VPN service. On the 877, I had it configured like this: [code] I then had a dialer interface to actually set up the connection, and some PBR to control what went over the VPN. All well and good, and it worked fine. But on the 2901, when I try to configure the same thing, there is no such command as "protocol pptp" -- the only option is protocol l2tp.Was PPTP support deprecated somwhere between 15.1 and 15.2, or does the 2901 itself not support it for some reason? Obviously I understand that l2tp is superior to pptp, but at the moment this is my only option.
View 2 Replies
View Related
Mar 9, 2012
I am trying to configure a Cisco 871 to act as a PPTP VPN server on my home network. I have referenced Cisco's documentation regarding this which I will include below as well as a copy of my current running configuration and terminal monitor information from when I attempt to establish a connection.
When I attempt to connect from a Windows machine I receive the following error: 'Error 807: The network connection between your computer and the VPN server was interrupted.' 'The remote device won't accept the connection.'When I attempt to connect VIA my mobile, I get 'The server has hung up'.The 871 does detect the incoming connection which can be seen from the terminal monitor output: url...
View 2 Replies
View Related
May 19, 2012
Looks like cisco 857w does not support pptp client in my IOS version, only l2tp is supported. Does there is some IOS version I can upgrade/downgrade to configure cisco as pptp client?
View 1 Replies
View Related
Jul 19, 2012
I set up a PPTP VPN with an RV220W recently. It was working flawlessly until a recent power outage and now users are getting the 807 error when attempting to connect. I have PPTP passthrough enabled and TCP/UDP 1723 open. As far as I can tell GRE 47 is open as well. Why it was working and is not working after a power outage?
View 2 Replies
View Related
Mar 21, 2011
don't steer the topic from PPTP to IPsec and other types of VPN which is more secure than PPTP,,,,etc have got this scenario windows 7 is acting as vpn client at home and windows XP is acting as vpn server at workAt home (LAN address is 192.168.10.x/24)And I configured windows 7 as VPN client same as here [CODE]
View 6 Replies
View Related
Oct 31, 2011
Cisco 2651xm router
IOS: c2600-ipvoicek9-mz.124-15.T7.bin
Can a 2651XM router be configured as a PPTP VPN endpoint (client)? I ask because I want to connect this router to a professional vpn (privacy) service such as proxpn or mullvad or similar. If it can't, any vpn privacy services that cater for cisco-based vpn connection?
View 0 Replies
View Related
Apr 10, 2012
How to enable PPTP passthrough on Cisco ASA 5505?I have a RRAS server inside and the client is trying to connect from outside.
View 1 Replies
View Related
Sep 19, 2011
I am actualy trying to make a remote access VPN between a ISR1921 and Windows 7 pro. I already managed to put a PPTP VPN with an authentication against our LDAP databse via radius. But our password are in SHA1 in our LDAP, so I had to let the password unencrypted on the network using pap and this is bad.If I don't use pap, it simply doesn't work since all the other method need unencrypted password for the challenge authentication.Does that mean that every remote access VPN keep our password unencrypted ? Maybe use EAP (but I can't find a howto or good documentation about it)? Can I add a certificate or something?
View 1 Replies
View Related
Mar 23, 2012
I recently installed a new 220W with the sole intention of setting up the PPTP server. I got the router installed and working but cannot get the PPTP server working. Also when i configure a block of IP address from my lan for the server it tells me i cannot use that subnet? i have set it up this way with other routers ( RV042 ) with no issues.
firmware is 1.0.0.26
View 3 Replies
View Related
Feb 2, 2012
How do I change the subnet of a PPTP VPN network on an RV220w?
View 1 Replies
View Related
May 6, 2008
i read cisco document:[URL] pptp client is in inside,pptp server is in outside.when i donot use firewall, the pptp connection can establish successfully.but use pix 525 7.0(7) i config:
inspect pptp.
pptp connection cannot setup.
show connection in pix:
pptp tcp 1723 is ok.
gre connection only one "E" flag, E means 'outside back connection'.i try second method:delete 'inspect pptp',permit tcp 1723 and gre traffic from outside to inside, and i have config static nat,but the pptp connection cannot work too.so i think there is a pptp bug exist in pix 7.0(7).
View 5 Replies
View Related
Jul 28, 2012
We would like to have the ability to connect to a VPN of a business we recently acquired. When connecting to it directly from the Internet (no firewall), it is accessible. However, behind our firewall, there is no access. We are using Cisco ASA 8.2 (2).Currently, we have an entry as follows:
-object-group service PPTP tcp
-port-object eq pptp
access-list inside_access_in extended permit tcp any host object_name object-group PPTP. we want any device within our network to be able to access the VPN via PPTP.
View 6 Replies
View Related
Feb 7, 2012
A user in our office needs to connect to a client's remote PPTP VPN but can't connect. The user is running Windows 7. We have a Cisco PIX 515e firewall that is running PIX Version 6.3(3) - this is what our user is having to go through to try and make the connection to the client's remote VPN.
The client's network guys have come back and said the issue is at our side. They say that they can see some of our traffic but not all of it. The standard error is shown below, and they say it's symptomatic of the client-side firewall not allowing PPTP traffic:
"A connection between the VPN server and the VPN client XXX.XXX.XXX.XXX has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47). Verify that the firewalls and routers between your VPN server and the Internet allow GRE packets. Make sure the firewalls and routers on the user's network are also configured to allow GRE packets. If the problem persists, have the user contact the Internet service provider (ISP) to determine whether the ISP might be blocking GRE packets."
I have very little firewall experience and absolutely no Cisco experience I'm afraid. From looking at the PIX config I can see the following line:fixup protocol pptp 1723.Does this mean that the PPTP protcol is enabled on our firewall? Is this for both incoming and outgoing traffic?
I can see no reference to GRE 47 in the PIX config. What I should look for to see if this has been enabled or not?
View 5 Replies
View Related
Mar 22, 2011
I need add following to our firewall configuration ( we are changing watchguard firewall to cisco and it was necessary to be configured this way )
1) I need to create 1-1 NAT for our voip system and video conferencing unit and to do it as bellow
VOIP-SIP : from 85.90.225.100 to 217.207.96.121 on port tcp/udp 5060
VC-SIP : from any_external to 217.207.96.120 on port tcp/udp 5060
VC-Video : from any_external to 217.207.96.120 on port tcp/udp 60000 to 64999
VOIP-RTP : from 85.90.225.100 to 217.207.96.121 on port tcp/udp 10000 - 20000
2) I need to eneble to pass PPTP traffic from outside to inside and vice versa
current config:
Result of the command: "show running-config"
: Saved:ASA Version 8.2(2) !hostname ciscoasa
namesname 10.10.1.19 barracudaname 192.168.1.2 ctxdmzname 10.10.1.39 ftp1name 10.10.1.38 ftp2name 10.10.1.37 ftp3name 10.10.1.192 mailsvrname 217.207.96.114 outside_114name 217.207.96.115 outside_115name 217.207.96.116 outside_116name 217.207.96.117 outside_117name 217.207.96.118 outside_118name 217.207.96.119 outside_119name 217.207.96.120 outside_120name 10.10.1.8 transfer_servername 10.10.1.10 backupsvrname 10.10.1.4 citrixsvr1name 85.90.225.100 voip_sipname 10.10.1.9 minimac1name 82.111.186.146 sdt_rdpname 217.207.96.121 outside_121!interface Vlan1 nameif inside security-level 100 ip address 10.10.1.1 255.255.255.0 !interface Vlan3 nameif dmz security-level 50 ip address 192.168.1.1
[code]....
View 5 Replies
View Related
Jan 26, 2012
I have a pptp server on my network and am trying to configure my new RV110W so that I can tunnel through to it from outside.
I believe I must do port forwarding for TCP on port 1723 to get those packets going to my PPTP server. PPTP also uses GRE and I don't see that as an option anyware in port forwarding... Does that just work... as a matter of the VPN pass through checkbox being enabled ?
My netgear router would lock up every few days but it under the firewall configuration it had list of services that included PPTP and I just selected that, entered the IP addresses on the outside that I would accept, and the IP address on the inside that the PPTP clients would connect to, and it worked....
I'm thinking it is harder on this device because this device supports actually logging into it.. I am interested in learning more about that technique especially if it is more secure but the way I see it the firewall device can see all of my network and the pptp server I am using is on a file server and limited to those files shared on that server.
View 3 Replies
View Related
Aug 8, 2012
I Have RV220W Rev 1.0.3.5/I want to create 5 users adn connect remotely to the office network using a PPTP connection.
I have enabled the PPTP server and created users.From a remote location (WAN) on Windows 7, I have created a PPTP connection and I can connect however I can not ping or map to the office network.
View 13 Replies
View Related
Sep 21, 2012
My network to use a RV042 router. It is connected to my cable modem and working well. I may add a DSL connection later in the month as a backup. All I really want to do now is setup my PPTP VPN connection. I have not been able to find a guide so I will assume it isn't that bad. I set up 2 accounts in the VPN-PPTP Server screen. Built my connection on my android phone and voila nothing works. So I tried to disable the "Block WAN requests". I tried port forwarding the VPN to 192.168.1.1 (address of the router) and no luck. AT this point I am stuck. I know my infrastructure is right because from outside the network I can [URL] and see my router configuration. Now if I could just get a simple PPTP connection
View 7 Replies
View Related
Sep 15, 2011
I have an I pad 1, a Linksys RV042 At My Office. And a Cisco RV042 at my Home
However I'm Creating PPTP Connection on my I pad For Both VPN , Office is Connection, but Home is not Connecting. I tried to connect to Home Thru any PC, And It is Working. Any Issues With I pad and Cisco Firmwares and Software?
View 1 Replies
View Related
Apr 2, 2012
I need a name resolution within my pptp users. How do I configure the dns settings of a pptp user client.
View 4 Replies
View Related
Nov 9, 2012
My ISP has just implemented a new network on the cable infrastructure which uses a PPTP authentication method. It works on my Cisco RVS4000 router as there is an option to set PPTP as the WAN type. The only trouble with the RVS4000 is that the performance is very poor, hence I am trying to get it working with a Cisco 1921. I have looked high and low and I cannot find an sample of a Cisco router functioning as PPTP client to a ISP.Enclosed is the screen shot of my Cisco RVS400 with the options etc.
View 2 Replies
View Related
Sep 16, 2011
I have two virtual machines (of Oracle VirtualBox). On one of them,I installed Windows Server 2003 and on the other I installed Windows XP (SP3). I made two VPN connections between them one is PPTP-based and another is L2TP-based. Now I want to transfer a file from the server side to the client side (Windows XP) once using the PPTP-based VPN connection, and again using the L2TP-based VPN connection. And by using the network monitor (protocol analyzer), I have to determine which protocol is more secure than the other.how to know which one is more secure using the network monitor?
View 1 Replies
View Related
