So I’ve set up a VPN server at work. Great for connecting from home to access the network. I’m using just the built-in VPN server in Windows Server 2003 and creating a VPN connection from Windows Network and Sharing Centre. It’s a piece of cake to set up.
The only extra thing you need to do is open the ports in the firewall to allow the connection. Windows VPN by default uses PPTP, which uses port 1723. We have a Juniper firewall which comes set up with lots of predefined services so you can quickly and easily open all the right ports for the application you are using. Great. So I allowed the PPTP service for the mapped IP address the server uses. Done. Or so I thought.
It just wouldn’t connect. I turned off the firewall, tried it again, and it worked straight away. So why wasn’t it working?! After a quick search on the internet I read that you also need to pass GRE. Quick check on the Juniper, GRE was listed on predefined services, added that to the policy for the VPN server. Bingo, it works!
Not sure if that applies to other firewalls. I’ve set this up before and never encountered this problem. Maybe it’s just on the Junipers?
If your firewall doesn’t have predefined services, note that GRE is an IP protocol (number 47), not a TCP or UDP port. You need to open protocol 47 on any port, or ports 0-65535 (all ports) if the rule insists on a port range.
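To show why the port 1723 rule alone was not enough, here is an added example (not part of the original post) that builds the two kinds of packet a PPTP session sends and checks them against a simple allow-list. The packets are constructed samples, and the names `classify`, `pptp_passes`, `PORT_ONLY` and `WITH_GRE` are hypothetical.

```python
import struct

def ipv4(proto, payload, src="198.51.100.7", dst="203.0.113.10"):
    """Build a minimal 20-byte IPv4 header (checksum left at 0) plus payload."""
    addr = lambda a: bytes(int(x) for x in a.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                      0, 0, 64, proto, 0, addr(src), addr(dst))
    return hdr + payload

# Constructed samples, not captured traffic.
# Control channel: TCP SYN from an ephemeral port to 1723.
TCP_SYN = struct.pack("!HHIIBBHHH", 49152, 1723, 0, 0, 5 << 4, 0x02, 65535, 0, 0)
# Data channel: enhanced GRE header (K and S flags, version 1,
# protocol type 0x880B = PPP, payload length 4, call ID 1, sequence 0).
GRE_DATA = struct.pack("!HHHHI", 0x3001, 0x880B, 4, 1, 0) + b"\x00" * 4

SESSION = [ipv4(6, TCP_SYN), ipv4(47, GRE_DATA)]

def classify(pkt):
    """Return (protocol, destination port); port is None when the protocol has none."""
    ihl = (pkt[0] & 0x0F) * 4          # IPv4 header length in bytes
    proto = pkt[9]                     # IP protocol field
    l4 = pkt[ihl:]
    if proto in (6, 17):               # TCP and UDP carry port numbers
        return ("tcp" if proto == 6 else "udp", struct.unpack("!H", l4[2:4])[0])
    if proto == 47:                    # GRE has no port field at all
        return ("gre", None)
    return (f"ip-proto-{proto}", None)

# Allow-lists keyed the same way classify() reports packets.
PORT_ONLY = {("tcp", 1723)}                  # the first attempt in the post
WITH_GRE = {("tcp", 1723), ("gre", None)}    # after adding GRE to the policy

def pptp_passes(policy):
    """True only if every packet of the sample session is permitted."""
    return all(classify(p) in policy for p in SESSION)

if __name__ == "__main__":
    for name, policy in (("PORT_ONLY", PORT_ONLY), ("WITH_GRE", WITH_GRE)):
        for p in SESSION:
            verdict = "allow" if classify(p) in policy else "drop"
            print(name, classify(p), verdict)
```

With `PORT_ONLY` the control connection is allowed but the GRE packet is dropped, which matches the symptom of a connection that never completes.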