Re: VPN Connecting Problems

praveensrijana · ‎06-30-2005

Hi,

We have a Cisco 2500 series router supplied by our Internet Service Provider for use with the leased line for internet connectivity. In that NAT was enabled to connect it to our local network. Now when we are trying to connect to our client in another remote location through VPN we are unable to connect and getting the error as 721: The Remote computer did not respond.

Whne i did a google search for this error it says that TCP Port 1723 and IP Protocol 47 should be opened. Router PPTP should be enabled. When i contacted my Service provider regarding the same he says that all the port and protocol are opened and nothing was blocked on the router. He says that iam unable to connect to VPN because of NAT and if he removes we can connect.

The Same connection is established whne tried on a broadband connection.

Is there any way that we will be able to connect to the VPN without removing NAT as it is required for us.

Please help me in this matter.

Thanks in Advance

Praveen

thisisshanky · ‎06-30-2005

You should bypass the traffic going between your lan side network and the VPN client (pool of addresses) from NAT. I see you are using PPTP. Is the router terminating the VPN sessions or another device on the lan behind this router ? Either ways, use an access-list in the NAT configuration and deny the traffic specified above.

ip nat inside source list 100 int s0 overload

access-list 100 deny ip

access-list 100 deny gre

access-list 100 permit any any

This will bypass the specified traffic (VPN traffic).

x.x.x.x is the lan side network behind the router. y.y.y.y is the vpn client pool network.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus