WinXP VPN Port Forwarding

[Kerberos]

I recently decided to give the whole "vpn" thing a try since I take my laptop everywhere with me (as is it's purpose) and often connect to public wireless networks. I figured before setting up anything too fancy I'd just try to get a basic setup working. I remembered that Windows XP actually has a VPN server built in (sorry if it's not technically a "server", but it accepts VPN connections so that's what I would assume would be the best term to use). So I set up my desktop at home with a VPN connection, forwarded all of the ports that I figured I'd need, and gave it a test. I couldn't connect from my laptop.

So I went looking around and found a few tips for which ports to forward. So far I've tried 500,50,51,1701,1723 TCP and UDP. I also have PPTP Passthrough, L2TP Passthrough, and IPSEC Passthrough enabled on my router. However I still can't get through. The reason that I know it's my port forwarding causing the problem is that I was able to connect when I DMZ'd my desktop. So it has to be the port forwarding (at least I can't think of any other logical problem). So my question is: Can anybody tell me what I'm doing wrong and which ports I should be forwarding?

[lbsl]

Opening up everything has no real use.

If you don't use certificates, opening up IPSec can only cause you more problems than solutions. Specially if you turn IPSec on on your VPN incoming connections. (I guess you are using the Routing and Remote Access service on XP to use the Incoming connections module). If you want to use IPSecm you also have to create certificates and i believe since Windows XP2, using the IPSec services on the local VPN server option has been bashed out of the options by Microsoft. (It is still there, but you have to use some hackwork to get it going). IPSEc on Windows XP (The native one in the Pro edition then) (by Microsoft nature) has security issues and therefore removed leaving only PPTP VPN tunneling option.

By default almost every router or switch i know, allow connections through ports 443. Connecting to your VPN server usually requires only one port to be routed to your PC through NAT.

Yet if you have the Windows Fire-wall turned on as well, you might have to toggle the HTTPS service in the Advanced tab (click on the settings button for the selected network adapter in the list on the left) and add the VPN port to it as well. (Add, name it VPN, add port 1723 and 1701 into the list).

Or if you trust your other LAN users that they don't pull in crap and virusses, turn off your Windows firewall and trust your router to do all the filtering. (usually turning off your firewall and test again is a good way to figure out if your XP firewall is the culprit as well)

[Wetwork]

make sure that you also set your IP Address range in routing and remote access or the program will terminate the link because it wont have a local IP address to your remote location

1723 TCP is the port that you want to foward

[Iain]

make sure that you also set your IP Address range in routing and remote access ...

Isn't the OP using XP as the VPN server rather than a WIndows server OS?