Question : VPN cannot be established outbound from workstations on our SBS 2003 network - Error 800. VPN outbound from our SBS Server is successful.

We are running Microsoft SBS 2003. Service Pack 1. Netcomm NB5 Plus 4 ADSL Modem router. Trend CSM Email, Internet, RWW to our server and to other SBS networks all work fine. I need to be able to VPN to external computers. I can successfully VPN from our SBS server to other external networks but when attempting to create a VPN from any of our SBS workstations, the VPN fails with Error 800. I have enabled and disabled the firewall client on the workstations but this has no impact. Have rerun the internet connection wizard, rerun the VPN wizard on the workstations, checked port forwarding on the router. Port 1723 can be seen via canyouseeme when accessed from the workstation. The user has administrative rights on the network and the workstation. I can connect to the exchange server of the network that I am trying to establish a VPN - via OWA (from our server and our workstations). I cannot ping (from the workstation on our network) the IP of the VPN that I am trying to establish but I can ping the same IP from our server. Any suggestions as to what is causing the lack of VPN communication from the workstations on our network? Wth thank in advance.

Answer : VPN cannot be established outbound from workstations on our SBS 2003 network - Error 800. VPN outbound from our SBS Server is successful.

Geoff,

Thanks for the comments... funny that I had the exact same issue last week when trying to rejoin a workstation to the domain and had made a note that I needed to update the documentation. I was actually planning on recreating the scenario so I could grab a screenshot of the error message. It was the first time I had experienced the error because it's rather unusual to have a mapped drive from a local user account... but well worth noting since it took me about 15 minutes to figure out what the darn connection was!

You're right that the clue was that the SBS could establish the VPN and not the workstations... which is why I focused on a workstation-based firewall. I wasn't thinking about ISA since you didn't mention it... and honestly, I've stopped using it and have uninstalled it from all networks I currently manage. ISA won't be included in the next version of SBS --- which will only support a single NIC configuration in favor of a separate hardware-based firewall. So, I figured, why keep fighting it and have moved everyone over to SonicWall TZ-170's.

Glad you got it working though!

Jeff
TechSoEasy

Random Solutions

Environment variables of a process : Linux

Move Outlook profile to new computer

Dynamic To Static ip VPN with TWO PIX 501

Exchange 2003 will not use local 2008 DC for GC/DC

cfml SQL MSSQL question

AS3: Can you apply a style sheet to a textfiled in a movieclip?

Unable to load client print protocol

Rails site down - deprecated with 2.1.1 upgrade

Moving ForEach onto the universe

IIS6 FTP User Isolation Modes / Win2k3