But I am using a PPTP.. and I have had a test environ where in a Win 2K machine was a 
\RRAS server and all the clients were able to connect from behind the RRAS server.. 
which was connected to the ADSL


-----Original Message-----
From: John Matteson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 7:23 PM
To: Exchange Discussions
Subject: RE: VPN issue...


IPsec cannot be used through a router that NAT's the packets. The NAT'ing
hoses things on the packet.

John Matteson; Exchange Manager 
Geac Corporate Infrastructure Systems and Standards 
(404) 239 - 2981

Defeat is a state of mind. No one is ever defeated until defeat has been
accepted as a reality. To me, defeat in anything is merely temporary, and
its punishment is but an urge for me to greater effort to achieve my goal.
Defeat simply tells me that something is wrong in my doing; it is a path
leading to success and truth. --Bruce Lee



-----Original Message-----
From: Muqeem Syed [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 6:11 PM
To: Exchange Discussions
Subject: VPN issue...




Hi All,
Please check this out... we have a pix firewall in our office with a
frame-relay connection... at the branch office we are connected Via an ADSL
Lucent Cell pipe router... All the configurations on the router were done by
the service provider.... and he informed us to use the default gateway of
192.168.0.10 for our LAN there... now the problem is that we cannot
establish a PPTP connection between the firewall and the Win 2K clients thru
the ADSL and the LAN ... but when we use dial up coonections and use the
services of the same ISP... we can establish  the VPN connection...
At the firewall end I can see that the client gets connected for some time..
and then is disconnected... on the client side I see the dialg that the
machine is trying to connect to the remote host.. then says.. verifying
username and password and then after some time I get the error that says...
The L2TP connection attempt failed becasue the security layer encountered a
processing error during initial negotiations with the remote computer....

Actually this LAN is being set up by a Novice.. but very Enthusiast .. Sys
Admin .. from our branch office.. and so far he had been telling me that the
remote client only attempts to connect to the firewall... he gets the
verifying username and password screen and then it tels him that the
username and the password is bad... .. till I had to force him to allow me
to use PCANywhere and dial into one of the clients... and check myself what
was happening from that end.. when I noticed this...
I feel that this has to do with ... the Win 2000 domain security... I feel
that he has set up the domain and all the machines there on the network to
be forced to use IPSec and since the IPSec policy is being applied to the
LAN cards... but not to the dial up modem interfaces.. I am getting the
error mentioned.... But if you guys can help me with this.,... please do.. 

I get the error 789 on the Win 2K server.. where in I set up the machine for
PPTP with secure connection as an option.. since the firewall has been set
up at the moment to allow PPTP connections.... I have myself treid it out on
a ADSL connection .. but from a different Service provider and it appears to
work fine...
CAN it be a NAT issue... but logically again.. I feel it is not.. since I
have configured for a WIndows RRAS server... on a LAN with an ADSL
connection and have succesfully established a VPN conneciton from all the
clients ... .. so I feel that the NATtting is not an issue here... unless
this ISP is blocking some ports.. 
Can some one please throw more light on this
Regards

_________________________________________________________________
List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
Archives:               http://www.swynk.com/sitesearch/search.asp
To unsubscribe:         mailto:[EMAIL PROTECTED]
Exchange List admin:    [EMAIL PROTECTED]

_________________________________________________________________
List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
Archives:               http://www.swynk.com/sitesearch/search.asp
To unsubscribe:         mailto:[EMAIL PROTECTED]
Exchange List admin:    [EMAIL PROTECTED]

_________________________________________________________________
List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
Archives:               http://www.swynk.com/sitesearch/search.asp
To unsubscribe:         mailto:[EMAIL PROTECTED]
Exchange List admin:    [EMAIL PROTECTED]

Reply via email to