It is currently Mon Sep 22, 2014 4:36 pm

All times are UTC - 8 hours




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: Server2008R2 L2TP/IPSec VPN behind router
PostPosted: Mon Apr 16, 2012 6:31 am 
Offline

Joined: Sun Jan 31, 2010 6:43 pm
Posts: 132
Location: US
Hey!

I am trying to set up an L2TP/IPsec VPN server with a preshared key behind a firewall/router. The VPN server is running Windows Server 2008 R2. Microsoft recommends allowing the VPN server access to a public IP, but this is impractical in my situation. I'm able to establish a VPN connection from inside my house network, but trying to access from an external ip, I get errors (Error 789).

My router/firewall allows IPsec passthrough. What ports do I need to forward to the VPN appliance? I believe UDP 500 and UDP 4500 are all that are necessary. Noramlly, only UDP 500 is required, but since I'm NATing to the VPN appliance, it'll be doing NAT-T, and I believe I need to open UDP 4500. Additionally, Microsoft recommends that I do a registry change as outlined here: http://support.microsoft.com/kb/926179.

Again, I am able to access my VPN appliance from within my network (on the same subnet). Can't access from an outside IP, which leads me to believe I don't have the ports forwarding properly, and possibly having an issue with NAT Transversal. I will do the registry setting as soon as I get home. Are ports UDP 500 and UDP 4500 the only ones that I need to forward to my VPN appliance? There was some mention of UDP 1701, but I don't think this is necessary...


Top
 Profile  
 
 Post subject: Re: Server2008R2 L2TP/IPSec VPN behind router
PostPosted: Mon Apr 16, 2012 11:52 am 
Offline

Joined: Sun Jan 31, 2010 6:43 pm
Posts: 132
Location: US
Creepy...I just posted this question 4 hrs ago, and the google crawler already picked it up. Anyways, I found a thread on Anandtech asking the same question, and it seems making the registry change and forwarding UDP 500 and UDP 4500 should fix the issue. I'll test it when I get home. Here's to hoping...


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group