Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Networking Networking
Search Search
Search for:
Tech Support Guy > > >

vpn port 1723


(!)

Bat_Manuel's Avatar
Bat_Manuel Bat_Manuel is offline
Junior Member with 9 posts.
THREAD STARTER
 
Join Date: Sep 2010
Experience: Beginner
24-Sep-2010, 07:23 PM #1
Question vpn port 1723
Im trying to set up a vpn. Im running windows sbs 2008 and when i run the vpn wizard it tells me that i "must manually open port 1723 and point it to the IP adress of the server". I have a Cisco rv 120w wireless-n vpn firewall router and i went to the port fowarding tab and set it up like so


and I try the vpn wizard again and its still telling me the same thing. Am i setting it up wrong or what?
Attached Thumbnails
vpn port 1723-port-1723.jpg  
Squashman's Avatar
Trusted Advisor with 19,645 posts.
 
Join Date: Apr 2003
Location: 1265 Lombardi Ave
24-Sep-2010, 08:58 PM #2
I am slightly confused. You are port forwarding to use SBS as your VPN server even though your router has VPN capability?
Bat_Manuel's Avatar
Bat_Manuel Bat_Manuel is offline
Junior Member with 9 posts.
THREAD STARTER
 
Join Date: Sep 2010
Experience: Beginner
26-Sep-2010, 04:19 PM #3
i thought thats what i need to set up the remote acsess for sbs. its my first time trying to set this up. but to answer question yes
Squashman's Avatar
Trusted Advisor with 19,645 posts.
 
Join Date: Apr 2003
Location: 1265 Lombardi Ave
26-Sep-2010, 04:36 PM #4
Could you give us the exact error the VPN wizard is giving you. Or just post a screen shot of it.
Squashman's Avatar
Trusted Advisor with 19,645 posts.
 
Join Date: Apr 2003
Location: 1265 Lombardi Ave
26-Sep-2010, 04:52 PM #5
I think you should look at using the Router as the VPN instead of your 2008 Server. But that is just my opinion.
We have a Cisco guru here that I can redirect his attention to here.

Here is the admin guide for that router.
http://www.cisco.com/en/US/docs/rout...120w_admin.pdf
__________________
.
Bat_Manuel's Avatar
Bat_Manuel Bat_Manuel is offline
Junior Member with 9 posts.
THREAD STARTER
 
Join Date: Sep 2010
Experience: Beginner
27-Sep-2010, 06:03 PM #6


This is what the vpn wizard is telling me. If i use the router to set up the vpn would it be slower or faster, or would it still be about the same?
Attached Thumbnails
vpn port 1723-untitled.jpg  
Squashman's Avatar
Trusted Advisor with 19,645 posts.
 
Join Date: Apr 2003
Location: 1265 Lombardi Ave
27-Sep-2010, 08:13 PM #7
I guess I don't understand what your issue is. The Wizard told you to open the ports and you did that on the router. What seems to be the issue?

I don't know which VPN would be faster. Will see if I can get our resident Cisco guru to answer that for you.
zx10guy's Avatar
zx10guy has a Photo Album
Computer Specs
Trusted Advisor with 4,025 posts.
 
Join Date: Mar 2008
28-Sep-2010, 11:19 AM #8
Squashman got my attention.

I can try to help with your PPTP setup but I haven't set one up personally. The VPNs I set up on a routine basis are IPSEC or SSL based. But the basic principles are the same.

First, have you verified, your SBS server is configured properly to run as a PPTP VPN server and is answering incoming connections. You need to do this first before moving on to troubleshoot any network issues. I suggest testing the server with a locally attached client.

If the SBS server is indeed running and working properly, you need to do the appropriate port forward configuration on your router to allow external connectivity. Based on your screenshot, it looks like you have the set up correctly. To verify full end to end connectivity, you can run a test from your client which doesn't invoke the VPN but just checks for basic TCP function. From your remote client, open a command prompt window. From the command prompt window, issue this command telnet [public IP address of your network with the VPN server] 1723. If you get the window to clear out and have a single blinking cursor in the upper left corner, then this means the network pathway is set up correctly and there is still something amiss with the VPN server configuration. If you get connection time outs, then something is still wrong with the network setup. To exit out of the single blinking cursor situation, type CTRL + ] . This will drop you into the telnet command line and just type quit to exit out. This only works with XP. For some reason, Microsoft decided not to include telnet as the base install for Vista and Win7.

As far as which is better to set up the VPN server on (router/firewall or actual server), this depends. My guess would be your ISP connection is probably going to be limiting factor anyways. But in general, I like running my VPN servers on network appliances. One because the device is usually the edge device to your internal network. This lowers the complexity of your setup in having to do unnecessary port forwards or NAT rules. The other thing I like about network VPN appliances is that they are usually optimized to handle VPN overhead. There isn't any unnecessary overhead in running other OS specific services which won't be running on an VPN network device. As such you don't have to over purchase on your hardware to deal with running the OS and the VPN overhead. Also the complexity of the equipment is much less. I don't have hard drives and such to worry about with a network appliance. Network VPN appliances also have processors optimized to number crunch the encryption algorithms.

With that said, I looked at the spec sheet for your router. It supports IPSEC VPNs which I prefer over PPTP as they are much much more secure. Not only do you get a stronger encryption payload algorithm in the use of 3DES or AES, but you also get better security in the encrypted traffic in negotiating the initial handshake between client and server. The option to run either MD5 or SHA-1 during the Phase 1 negotiating makes IPSEC very secure in ensuring the devices which are talking to each are supposed to be talking to each other. Now the spec says it supports 3DES which is 168bit encryption, the spec sheet doesn't state what level of AES is supports. I would assume it should support AES 256bit encryption. With that said, be aware the more complex encryption algorithms will tax your router much more and you may see a resultant performance impact. The number of concurrent client tunnels it supports (10) tells me it's not a very beefy VPN server device. You'll have to do some live testing to see if the router is adequate enough for your needs.
Bat_Manuel's Avatar
Bat_Manuel Bat_Manuel is offline
Junior Member with 9 posts.
THREAD STARTER
 
Join Date: Sep 2010
Experience: Beginner
30-Sep-2010, 05:18 PM #9
well how would i go about using the cisco to creat a vpn? sorry im really new to vpn and remote acess
zx10guy's Avatar
zx10guy has a Photo Album
Computer Specs
Trusted Advisor with 4,025 posts.
 
Join Date: Mar 2008
30-Sep-2010, 05:28 PM #10
You'll have to go through the user's manual. I'm not familiar with the Linksys/Cisco routers. But the principles should be the same as any other IPSEC VPN router/firewall. You need to configure the IKE Phase 1 parameters which involve using a passphrase and selecting the type of encryption (MD5 or SHA-1.) In addition, you'll need to select the type of DH group to use (1, 2, and 5.) Type 2 is typically what I see used for VPN client connections. Type 5 is more secure but I haven't seen any VPN client software which supports it. I typically see it configured for site to site VPN tunnels. Type 5 requires a lot more CPU overhead as the encryption algorithm is much more complex. The next configuration would be Phase 2 which is to configure the encryption level of the payload (your data.) DES is the most basic and less secure. 3DES is more secure but has given way to AES 192 and 256 level encryption. Again, typically, the higher the encryption level, the more overhead is required to encrypt and decrypt the payload.

Other things which may be required to be configured is the local IP pool address space. This is the IP address assigned to your VPN client on the connected LAN for the remote client.

I know how to do this for the actual Cisco routers and firewalls along with the Netgear VPN routers, but again can't provide much help with the Linksys/Cisco products.
Squashman's Avatar
Trusted Advisor with 19,645 posts.
 
Join Date: Apr 2003
Location: 1265 Lombardi Ave
30-Sep-2010, 06:18 PM #11
Quote:
Originally Posted by Squashman View Post
I think you should look at using the Router as the VPN instead of your 2008 Server. But that is just my opinion.
We have a Cisco guru here that I can redirect his attention to here.

Here is the admin guide for that router.
http://www.cisco.com/en/US/docs/rout...120w_admin.pdf
Quote:
Originally Posted by Bat_Manuel View Post
well how would i go about using the cisco to creat a vpn? sorry im really new to vpn and remote acess
Did you perhaps look through the link to the Administrative manual for your device that I posted 4 days ago.
Bat_Manuel's Avatar
Bat_Manuel Bat_Manuel is offline
Junior Member with 9 posts.
THREAD STARTER
 
Join Date: Sep 2010
Experience: Beginner
15-Oct-2010, 12:24 AM #12
Couldn't figure it out I just decided to go with a remote web workplace instead of a VPN
JohnWill's Avatar
Computer Specs
Retired Moderator with 106,412 posts.
 
Join Date: Oct 2002
Location: South Eastern PA, USA
15-Oct-2010, 08:53 AM #13
Did you get that working?
Bat_Manuel's Avatar
Bat_Manuel Bat_Manuel is offline
Junior Member with 9 posts.
THREAD STARTER
 
Join Date: Sep 2010
Experience: Beginner
15-Oct-2010, 06:04 PM #14
The remote web workplace yes the VPN no
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


Tags
port 1723, vpn

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


Similar Threads
Title Thread Starter Forum Replies Last Post
Error 1723 Gbomb Windows 7 4 14-May-2010 09:48 AM
java DLL ERROR 1723 WSRH Windows Vista 1 25-Jan-2010 05:33 AM
Error 1723 Prohibiting Installation/Uninstallation ArchGeoElectro All Other Software 12 21-Dec-2009 09:33 PM
Error 1723 - Java plugin install apope236 Windows Vista 0 30-Jun-2009 12:10 PM
How to Open Port 1723 for VPN robastewart Networking 10 11-Feb-2008 07:59 PM

WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑