  1. Member
    Join Date
    Feb 2015
    Location
    Everett, WA
    Posts
    55

    Certifications
    A+, Net+, Sec+, too many MTAs
    #1

    Real World situation, but applies heavily to VPN with Windows 10

    All IP Addresses and Locations have been changed for client privacy. But this is the situation.
    So, I got to set up VPN from Location A to Location B. Windows 10 machine from site A to Windows 10 machine on location B.

    Location A is the VPN server.
    Location B is the client location that will VPN into Location A

    VPN server has a reserved static IP Address

    Gateway is say 80.82.192.168 for Location A
    Static reserved IP Address by ISP is 80.82.192.167 (descending is correct per ISP)
    Internal IP Address for the server at Location A is 10.0.0.115
    Username is say somedude@IloveIT.com
    The internal IP Address range for VPN clients we will call 10.0.0.10 to 10.0.0.15 so 5 addresses can be allocated to VPN'd users.

    Modem is set as:
    Port Forwarding

    PPTP
    TCP/UDP
    80.82.192.167
    Start Port 1723
    End Port 1723



    When Location B goes to connect to VPN it keeps saying it fails. It says L2TP/IPSec fails. But this VPN is going PPTP instead.

    Would SSTP be a better selection? If so, Port 443 would be the start and end port on the modem, correct?

    What am I royally screwing up?

  3. Member
    Join Date
    Apr 2004
    Location
    Michigan
    Posts
    63

    Certifications
    MCSE in Server 2012, VMware VCAP, CISSP, Security+, CCNA
    #2
    I've never set up a Windows to Windows VPN, but just by looking at this I'd say firewall issue. However, it might just help to get more info on the error message you are getting. Below are the steps to get a detailed log. As far as whether to use SSTP, I haven't read anything wrong with using that protocol, with the main benefit of it being that it will get around most firewall issues. I'm also pasting a table below that has what ports need to be open for each type of VPN protocol. Hope some of this helps.

    1. Right-click the Dialup Networking folder, and then click Properties.
    2. Click the Networking tab, and then click to select the Record a log file for this connection check box.
    Default log location: C:\Windows\Ppplog.txt

    •For PPTP:
    ◦IP Protocol=TCP, TCP Port number=1723 <- Used by PPTP control path
    ◦IP Protocol=GRE (value 47) <- Used by PPTP data path

    •For L2TP:
    ◦IP Protocol Type=UDP, UDP Port Number=500 <- Used by IKEv1 (IPSec control path)
    ◦IP Protocol Type=UDP, UDP Port Number=4500 <- Used by IKEv1 (IPSec control path)
    ◦IP Protocol Type=ESP (value 50) <- Used by IPSec data path

    •For SSTP:
    ◦IP Protocol=TCP, TCP Port number=443 <- Used by SSTP control and data path

    •For IKEv2:
    ◦IP Protocol Type=UDP, UDP Port Number=500 <- Used by IKEv2 (IPSec control path)
    ◦IP Protocol Type=UDP, UDP Port Number=4500 <- Used by IKEv2 (IPSec control path)
    ◦IP Protocol Type=ESP (value 50) <- Used by IPSec data path
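
The port table from reply #2, applied as a coverage check to a modem rule like the one in post #1. This is an added example, not part of the original thread; the rule tuple format `(protocol field, start port, end port)` and the function names are assumptions made for illustration.

```python
# Added example: requirement table transcribed from reply #2 in this thread.
# ("tcp"/"udp", port) is a port requirement; ("ip", n) is a raw IP protocol
# number (GRE = 47, ESP = 50) that a TCP/UDP port-forward rule cannot match.
REQUIRED = {
    "PPTP":  [("tcp", 1723), ("ip", 47)],
    "L2TP":  [("udp", 500), ("udp", 4500), ("ip", 50)],
    "SSTP":  [("tcp", 443)],
    "IKEv2": [("udp", 500), ("udp", 4500), ("ip", 50)],
}

def parse_rule(proto_field, start, end):
    """Turn a modem rule such as ("TCP/UDP", 1723, 1723) into (protocols, ports)."""
    protos = {p.strip().lower() for p in proto_field.split("/")}
    if protos - {"tcp", "udp"}:
        raise ValueError(f"unsupported protocol field: {proto_field!r}")
    if not (1 <= start <= end <= 65535):
        raise ValueError(f"bad port range: {start}-{end}")
    return protos, range(start, end + 1)

def check(vpn_type, rules):
    """Return (covered, missing) requirements for vpn_type given forward rules."""
    parsed = [parse_rule(*r) for r in rules]
    covered, missing = [], []
    for kind, value in REQUIRED[vpn_type]:
        # An IP-protocol requirement is never satisfied by a port rule.
        ok = kind != "ip" and any(kind in protos and value in ports
                                  for protos, ports in parsed)
        (covered if ok else missing).append((kind, value))
    return covered, missing

def report(vpn_type, rules):
    """Human-readable summary of what the forwarding rules leave uncovered."""
    covered, missing = check(vpn_type, rules)
    lines = [f"{vpn_type}: {len(covered)} covered, {len(missing)} not covered"]
    for kind, value in missing:
        if kind == "ip":
            lines.append(f"  IP protocol {value}: has no port number; must be "
                         "allowed separately on the router/firewall")
        else:
            lines.append(f"  {kind.upper()} port {value}: no forwarding rule matches")
    return "\n".join(lines)

if __name__ == "__main__":
    # Constructed input mirroring the rule in post #1: TCP/UDP, ports 1723-1723.
    modem_rules = [("TCP/UDP", 1723, 1723)]
    for vpn in REQUIRED:
        print(report(vpn, modem_rules))
```
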

  4. Member
    Join Date
    Feb 2015
    Location
    Everett, WA
    Posts
    55

    Certifications
    A+, Net+, Sec+, too many MTAs
    #3