Jump to content

WinXP VPN Port Forwarding


Kerberos
 Share

Recommended Posts

I recently decided to give the whole "vpn" thing a try since I take my laptop everywhere with me (as is it's purpose) and often connect to public wireless networks. I figured before setting up anything too fancy I'd just try to get a basic setup working. I remembered that Windows XP actually has a VPN server built in (sorry if it's not technically a "server", but it accepts VPN connections so that's what I would assume would be the best term to use). So I set up my desktop at home with a VPN connection, forwarded all of the ports that I figured I'd need, and gave it a test. I couldn't connect from my laptop.

So I went looking around and found a few tips for which ports to forward. So far I've tried 500,50,51,1701,1723 TCP and UDP. I also have PPTP Passthrough, L2TP Passthrough, and IPSEC Passthrough enabled on my router. However I still can't get through. The reason that I know it's my port forwarding causing the problem is that I was able to connect when I DMZ'd my desktop. So it has to be the port forwarding (at least I can't think of any other logical problem). So my question is: Can anybody tell me what I'm doing wrong and which ports I should be forwarding?

Link to comment
Share on other sites

Opening up everything has no real use.

If you don't use certificates, opening up IPSec can only cause you more problems than solutions. Specially if you turn IPSec on on your VPN incoming connections. (I guess you are using the Routing and Remote Access service on XP to use the Incoming connections module). If you want to use IPSecm you also have to create certificates and i believe since Windows XP2, using the IPSec services on the local VPN server option has been bashed out of the options by Microsoft. (It is still there, but you have to use some hackwork to get it going). IPSEc on Windows XP (The native one in the Pro edition then) (by Microsoft nature) has security issues and therefore removed leaving only PPTP VPN tunneling option.

By default almost every router or switch i know, allow connections through ports 443. Connecting to your VPN server usually requires only one port to be routed to your PC through NAT.

Yet if you have the Windows Fire-wall turned on as well, you might have to toggle the HTTPS service in the Advanced tab (click on the settings button for the selected network adapter in the list on the left) and add the VPN port to it as well. (Add, name it VPN, add port 1723 and 1701 into the list).

Or if you trust your other LAN users that they don't pull in crap and virusses, turn off your Windows firewall and trust your router to do all the filtering. (usually turning off your firewall and test again is a good way to figure out if your XP firewall is the culprit as well)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...