Changes

http://www.domain-logic.com/support/secure_tunnel_XP.htm

http://www.domain-logic.com/support/secure_tunnel_XP.htm

For advanced troubleshooting techniques see http://pptpclient.sourceforge.net/howto-diagnosis.phtml

For advanced troubleshooting techniques see http://pptpclient.sourceforge.net/howto-diagnosis.phtml

===Background information===

===Background information===

VPN uses port 1723 and protocol 47.  

VPN uses TCP port 1723 and protocol 47 (GRE).  

In server & gateway mode your modem should be configured in bridged mode and automatically forwards all traffic to the server.

In server & gateway mode your modem should be configured in bridged mode and automatically forwards all traffic to the server.

In server only mode, your router must be configured to forward port 1723 to your server and must provide full support for protocol 47. Note that protocol 47 (GRE) is not a port and therefore you cannot forward it. Not all routers support this protocol so VPN is not always possible in this network arrangement. In order to make pptp type VPN connections in this network arrangement, the router specification must clearly say that it can handle passthrough pptp VPN connections. Note that the routers at both the remote and local ends of the VPN pptp connection must be able to handle pptp VPN passthrough for this scenario to work correctly. Check your router specifications carefully. Errors in your log files may indicate that one of your routers may have a problem forwarding GRE packets. If you see LCP timeout errors in your log files, there are many possible reasons. The most likely one is that a firewall somewhere between the two ends is blocking/dropping GRE packets.

In server only mode, your router must be configured to forward TCP port 1723 to your server and must provide full support for protocol 47. Note that protocol 47 (GRE) is not a port and therefore you cannot forward it. Not all routers support this protocol so VPN is not always possible in this network arrangement. In order to make pptp type VPN connections in this network arrangement, the router specification must clearly say that it can handle passthrough pptp VPN connections. Note that the routers at both the remote and local ends of the VPN pptp connection must be able to handle pptp VPN passthrough for this scenario to work correctly. Check your router specifications carefully. Errors in your log files may indicate that one of your routers may have a problem forwarding GRE packets. If you see LCP timeout errors in your log files, there are many possible reasons. The most likely one is that a firewall somewhere between the two ends is blocking/dropping GRE packets. Some routers/gateways automatically forward GRE when required, by watching the negotiation on TCP port 1723.

In any point to point VPN connection, there will be numerous pieces of equipment that the signal passes through eg corporate firewalls, additional routers/firewalls, software firewalls/filters etc. All these steps in the chain must support protocol 47, if any piece of equipment in the chain does not support that protocol then the VPN connection will be unsuccessful. Sometimes these matters are out of the end users control, especially in corporate situations, or home user situations where low end broadband connections are used and ISP's limit functionality.

In any point to point VPN connection, there will be numerous pieces of equipment that the signal passes through eg corporate firewalls, additional routers/firewalls, software firewalls/filters etc. All these steps in the chain must support protocol 47, if any piece of equipment in the chain does not support that protocol then the VPN connection will be unsuccessful. Sometimes these matters are out of the end users control, especially in corporate situations, or home user situations where low end broadband connections are used and ISP's limit functionality.

You cannot establish a VPN passthrough connection through an SME server to a local machine due to problems with the sme server supporting the passthrough of protocol 47 (GRE).

You cannot establish a VPN passthrough connection through an SME server to a local machine due to problems with the sme server supporting the passthrough of protocol 47 (GRE).

===Workaround for Appletalk issue===

===Workaround for Appletalk issue===

 

Try this workaround to resolve issues with Kernel Panic errors, Appletalk and VPN disconnection problems

Try this workaround to resolve issues with Kernel Panic errors, Appletalk and VPN disconnection problems

See:

See:

http://wiki.contribs.org/OpenVPN

http://wiki.contribs.org/OpenVPN

Also see:

Also see:

http://forums.contribs.org/index.php?topic=40314.0

http://forums.contribs.org/index.php?topic=40314.0

https://secure.logmein.com/home.asp?lang=en

https://secure.logmein.com/home.asp?lang=en

http://support.microsoft.com/kb/186607

http://support.microsoft.com/kb/186607

This technical troubleshooting diagnostic guide, which while not sme specific, will assist to diagnose connection problems related to VPN pptp with SME server.

This generic technical troubleshooting diagnostic guide, http://pptpclient.sourceforge.net/howto-diagnosis.phtml while not sme specific, will assist to diagnose connection problems related to VPN pptp with SME server.

http://pptpclient.sourceforge.net/howto-diagnosis.phtml

 

Windows 7 - http://windows.microsoft.com/en-us/windows7/Set-up-a-remote-connection-to-your-workplace-using-VPN

 

Windows 7 - http://windows.microsoft.com/en-US/windows7/Why-am-I-having-problems-with-my-VPN-connection