Home | Site Map | Cisco How ToNet How To | Wireless |Search | Forums | Services | Donations | Careers | About Us | Contact Us|

Troubleshooting Windows RRAS Issues

RRAS, VPN, TS/RDP, Routing and remote Access.

Troubleshooting Windows RRAS Issues

Postby guest » Tue Nov 06, 2007 11:25 am

Q: I have a server with 2 NIC's. 1 Public IP and a private on the internal
interface. (its just one server, in a hosting env. no other servers
connected on the inside int. no DHCP server either)

When I enable VPN on the external interface in RAS it seems the server is
unable to contact the internet. But it seems I can make a PPTP connection to
the server, so VPN works but

Do I need to setup rules in order to get this working. What am I missing
here?

A: By default, RRAS server creates these filters when you setup RRAS server:

Inbound: any to Server IP GRE 47, any source port 1723 to Server any
destination, any source port to server destination port 1723.
Outbound: Server to any IP GRE 47, server 1723 to any port, Server any port
to any 1723 port.

These filters only allows VPN access to the Server, which matches the fact
that you can establish VPN connection to RRAS server. Thus, these filters
can block internet access.


Troubleshooting Plan:
==================================
Step 1: check inbound/outbound filters:
======
1. Open RRAS console, Expand IP routing, Click general.
2. Right click the External Interface and click Properties.
3. Click Inbound filters, make sure there are no inbound filters.
4. Click outbound filters, make sure there are no outbound filters.


Step 2: Check NAT/Basic firewall:
======
Note: if you also have NAT/Basic firewall configured on the RRAS server,
please check Firewall is not blocking internet access.

1. Open RRAS console, Expand IP routing.
2. Click NAT/Basic firewall, Right click the Interface in the right pane
and properties.
3. Navigate to "Services and Ports" tab, make sure necessary Ports/services
are allowed to visit internet.

Please restart Routing and remote access service on the Server and try to
access internet again.

For your reference about RRAS filters and NAT/basic firewall, I have
attached these articles here:

How To Install and Configure a Virtual Private Network Server in Windows
2000
http://support.microsoft.com/kb/308208

Configure NAT/Basic Firewall
http://technet2.microsoft.com/windowsse ... db-455e-8c
2c-2d515dd04fad1033.mspx?mfr=true
Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com

Troubleshooting Vista Wireless
http://chicagotech.net/
guest
 
Posts: 10191
Joined: Mon Nov 27, 2006 1:10 pm

Return to VPN, TS and Remote Access

Your Ad Here

Who is online

Users browsing this forum: No registered users and 6 guests