12-16-2010 05:33 PM - edited 12-16-2010 05:38 PM
I have delete my old VPN connection and follow your instruction. I have try to connect with my WAN IP w/o a colon, but this time it gave me an 800 error. I open up port TCPAny->1723, UDPAny->500, GRE, UDPAny->1701, and TCPAny->443. I was still able to connect from the inside my network.
I'm sorry, wasn't thinking when I gave you these Instructions
Using XP that would be
Control panel, network connections
create a new connection, next
connect to network at my workplace, next
Virtual Private Network, next
Give the connection a name, next
autodial connection, next This should be Do not dial the initial connection
ip address (your router wan address), next
Oh well, guess there must be something odd in your setup or you have not got the server or client end connections defined correctly.
If as you say it works from the inside and not from the outside then you should see rejection notices in the router security log if you are getting to the router. If there are no rejections in the log then you are not getting to the router which says that there is something wrong with your client end.
A last thought might be, are you using a client on your internal network to access the wan ip address of your router? If so that is your problem as that won't work. The external client has to be outside your network for this to work.
The setup as I defined works perfectly for me accessing external vpn connections and also for external clients getting to my vpn servers.
Best of luck
I was trying to connect my public IP within the my home network. I finally got it to connected, but I have to open port PPTP 1723 and GRE 47. Another question, when I got it to connect, I could see my server file on the network folder at all?
Dunno why you would have to allow GRE.
You should be able to attach/map to shares on your inside network and see your files that way. Also rdp from your client machine via the vpn connection to an rdp server on the inside network. Print etc. etc.
It's as if your client machine is now part of your internal network so you should be able to do anything from it that a machine on your internal network can do.
You been very helpful and thanks a lot for your help! Could you please explain about the RDP? Does that mean I have to remote desktop connection again?
You should be able to run (mstsc.exe) from your vpn client machine to machines on your internal network directly using their internal IP addresses as once you are connected via the vpn server your client machine becomes a device on the internal networ. This would mean that you don't have to expose the rdp port/s through the router. Also means that you should be able to access all the machines which isn't so easy by port forwarding on the router as you would have to designate different lsiteners for each server.
I've never tried it but it should work - guess it could give me something to do for an hour or two while I sit here nursing the flu.
Yes, works just fine.
I rdp'd to machine in europe from a machine here in MA. On the European desktop built a vpn connection to my vpn server here and connected it. The ran mstsc to a 192.168.3.x address on my internal network to a server and it acme up with no issues.
Means you could run ftp setc the same way across the vpn connection.