Koozali.org formerly Contribs.org

Legacy Forums => General Discussion (Legacy) => Topic started by: kokomi on April 07, 2005, 06:18:51 AM

Title: SME VPN behind linksys router.
Post by: kokomi on April 07, 2005, 06:18:51 AM
I am running SME in server mode behind a Linksys 802.11b wireless router.
I have PPTP pass-thru enabled and have forwarded TCP 1723 to my SME server.
This setup worked fine when my VPN server was a Win2003 box.  Now on my client, I receive an Error 619: A connection with the remote computer could not be established and in the SME log I have the following error:
Starting negotiation on /dev/pts/0
GRE: read(fd=6,buffer=80559a0,len=8260) from network failed: status = -1 error = Protocol not available
CTRL: GRE read or PTY write failed (gre,pty)=(6,5)
CTRL: Client 192.168.1.1 control connection finished
Modem hangup

It looks like the GRE data is not being passed.  I think this might be a router issue because I can connect fine if my client is also behind the firewall.  Like I said early though, I had no problem with the router and a Windoze VPN Server.
I really want to use SME, but if I can't get VPN to work, I will have to go back to Windoze.
Anyone have any ideas?
Thanks,
Title: SME VPN behind linksys router.
Post by: raem on April 07, 2005, 09:00:48 AM
From earlier posts re VPN

to do VPN make sure the router is setup to forward TCP 1723, UDP 500, and protocol 47 to the sme box
Title: SME VPN behind linksys router.
Post by: duncan on April 07, 2005, 10:38:23 AM
Hi,

For pptp - you only need to forward 1723. The protocol 47 is a furphy and 500 is IPSec. Not sure how to help except to say that I have exactly the same setup here using a netgear gateway and it works fine with only 1723 forwarded.

Regards Duncan
Title: SME VPN behind linksys router.
Post by: cc_skavenger on April 07, 2005, 02:21:41 PM
make sure that you have vpn pass-through turned on in the linksys router.
Title: SME VPN behind linksys router.
Post by: CharlieBrady on April 07, 2005, 05:13:23 PM
Quote from: "duncan"

For pptp - you only need to forward 1723. The protocol 47 is a furphy and 500 is IPSec. Not sure how to help except to say that I have exactly the same setup here using a netgear gateway and it works fine with only 1723 forwarded.


Your connection can only work if protocol 47 is automatically forwarded by your router (either as a side effect of it snooping TCP 1723, or in response to outgoing protocol 47). Other routers will require protocol 47 to also be forwarded. TCP 1723 is the PPTP control connection, protocol 47 carries the actual tunnel traffic.

You are correct that UDP port 500 is not required for PPTP VPN traffic. That's for IPSEC, which requires UDP 500 and protocol 50.
Title: Still having problems
Post by: kokomi on April 07, 2005, 08:16:16 PM
Thanks for all you help, but I am already doing all of your suggestions so far.  Like I said initially, I have PPTP forwarding on the router turned on and I have port 1723 forwarded.  
It worked fine when the VPN server was a windows box.  The only things to change is the server is now an SME server.  I have not changed any of the router settings.  And yes, the new server has the same ip address as the old server.
Is there any setting that would limit VPN access from only certain networks?  Is VPN different on SME than on Windoze?  Anyone have any ideas?
I have even tried making my SME server the DMZ host, which means all traffic is forwared to it and I still have the same problem.
Thanks for your help!
Title: SME VPN behind linksys router.
Post by: CKConsulting on April 07, 2005, 09:57:17 PM
I've had the same issues.  I removed my Linksys router and still had the issues.  What is odd it that it didn't work,  then I tried again after a couple months and it worked fine for several weeks, then one day it stopped again.  I hadn't made any changes to the server it just stopped.  You can always plug into the router and by pass the SME server when you need to VPN.

Rick
Title: Well, its working.
Post by: kokomi on April 09, 2005, 03:15:00 AM
Well, just for shits, I had a friend try to VPN in and it worked.  It appears that it will just not allow me to VPN in via the wan link.  It must know that I am really inside.
Title: SME VPN behind linksys router.
Post by: sanchotai on May 23, 2007, 09:19:27 PM
Ive been trying to do this for a while -

could anyone tell me how you forward protocol 47 - is this just port forwarding of port 47?

I have an sme server behind a netgear fvs318 router - have forwarded 1723 to the server and the router is supposed to do vpn passthru but I cannot connect.

any thoughts would be gratefully received.
Title: SME VPN behind linksys router.
Post by: CharlieBrady on May 23, 2007, 09:30:56 PM
Quote from: "sanchotai"

is this just port forwarding of port 47?


No. port 47 is either port 47 of protocol 6 (TCP) or port 47 or protocol 17 (UDP). protocol 47 is just protocol 47, it's not a subset of protocol 6 or protocol 17.