VPN across 2 sites
Site 1:
VPN Server with 2 NICs
NIC 1: 192.168.1.1/255.255.255.0 (labelled LAN and connected to LAN)
NIC 2: 192.168.11.2/255.255.255.0 (labelled netgear and connected to ADSL/Modem router)
ADSL/Modem router: 192.168.11.1/255.255.255.0
RRAS installed through wizard acting as NAT and VPN allowing LAN on NIC 1 access to the internet using NIC 2
On the RRAS Properties screen, the following has been set:
[General]
IPv4 Router with LAN and demand-dial routing
IPv4 Remote access server
[Security]
Windows Authentication with EAP and MS-CHAP v2
[IPv4]
Enable IPv4 Forwarding
Static address pool from 192.168.1.81 To 192.168.1.100 for 20 addresses
Enable broadcast name resolution
Adapter for DHCP, DNS and WINS: LAN
NPS configured to allow a group called Routers with 1 AD account allowed to dial-in
Network Interfaces
Demand-dial interface named "site2" with host address
Persistent connection with 3 redial attempts
Security: PPTP VPN type with "Require encryption" and "Allow these protocols" set to MS-CHAP v2
Networking with only Internet Protocol Version 4, File and Printer Sharing and Client for MS Networks enabled.
Static Routes in IPv4
One static route with destination 192.168.2.0/255.255.255.0 on interface "site2" with a metric of 5
Site 2:
Identical to site 1 except using the following:
NIC 1: 192.168.2.1/255.255.255.0 (labelled LAN)
NIC 2: 192.168.12.2/255.255.255.0 (labelled netgear)
ADSL/Modem router: 192.168.12.1/255.255.255.0
Demand-dial interface named "site1"
Static route with destination 192.168.1.0/255.255.255.0 on interface "site1" with a metric of 5
The problem is that I can only have one connection at a time. If site 1 has successfully established a connection to site 2, site 2 can't establish one to site 1 and vice-versa.
Any ideas why that is?
Also, I'm getting these errors on the VPN that cannot successfully connect:
Event Id: 20227 The user SYSTEM dialed a connection named PLouis which has failed. The error code returned on failure is 638, 718, 806, 807 etc...
Event Id: 20209 A connection between the VPN server and the VPN client x.x.x.x has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47).
I'm using a Netgear DG834G and have allowed VPN-PPTP, which is a factory listed rule. I've checked and it should be allowing GRE packets.
I need this to work correctly as I have more sites that I have to link that way. I've tried using demand-dial's own "Add a user account so a remote router can dial in" but it hasn't been working either, forcing me to do things manually by creating a demand-dial only at both sites.
June 23rd, 2010 2:26pm
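Event 20209 above points at GRE (protocol 47), and one detail matters when two PPTP tunnels between the same pair of hosts must cross the same consumer router at once: GRE carries no port numbers, so the router can only tell the tunnels apart by the call ID in the enhanced-GRE header. The added example below is not from this thread or from Windows; the packets are constructed, and 203.0.113.2 is a placeholder for site 2's public address. It parses that header and shows how a NAT table keyed only on addresses and protocol 47 folds the two tunnels into a single entry.

```python
import struct

GRE_PROTO_PPP = 0x880B   # enhanced-GRE payload type carrying PPP (RFC 2637)
IPPROTO_GRE = 47


def parse_pptp_gre(gre: bytes) -> dict:
    """Decode the enhanced-GRE header PPTP wraps around every PPP frame.

    RFC 2637 4.1: flags/version (2 bytes), protocol type (2), payload length (2),
    call ID (2), then a 4-byte sequence number if S is set and a 4-byte
    acknowledgment number if A is set. Nothing in here resembles a port.
    """
    if len(gre) < 8:
        raise ValueError("truncated GRE header")
    flags, proto, length, call_id = struct.unpack("!HHHH", gre[:8])
    # version (low 3 bits) must be 1, K bit must be set, payload must be PPP
    if flags & 0x0007 != 1 or not flags & 0x2000 or proto != GRE_PROTO_PPP:
        raise ValueError("not a PPTP enhanced-GRE packet")
    off, seq, ack = 8, None, None
    if flags & 0x1000:                       # S bit: sequence number present
        seq, off = struct.unpack("!I", gre[off:off + 4])[0], off + 4
    if flags & 0x0080:                       # A bit: acknowledgment present
        ack, off = struct.unpack("!I", gre[off:off + 4])[0], off + 4
    return {"call_id": call_id, "seq": seq, "ack": ack, "payload": gre[off:off + length]}


def build_pptp_gre(call_id: int, seq: int, ppp: bytes) -> bytes:
    """Constructed test packet: K and S bits set, version 1, PPP payload."""
    flags = 0x2000 | 0x1000 | 0x0001
    return struct.pack("!HHHHI", flags, GRE_PROTO_PPP, len(ppp), call_id, seq) + ppp


def nat_flow_key(src: str, dst: str, gre: bytes, call_id_aware: bool) -> tuple:
    """Key a NAT router might use to track one GRE flow.

    TCP/UDP flows are distinguished by ports; GRE has none, so a router keyed only
    on addresses and protocol 47 sees every PPTP tunnel between the same two hosts
    as one flow. A PPTP-aware NAT adds the call ID to the key.
    """
    key = (src, dst, IPPROTO_GRE)
    return key + (parse_pptp_gre(gre)["call_id"],) if call_id_aware else key


def count_distinct_tunnels(flows, call_id_aware: bool) -> int:
    return len({nat_flow_key(s, d, g, call_id_aware) for s, d, g in flows})


# Constructed sample as seen by the site 1 router: the RRAS box (192.168.11.2) sends
# GRE for both tunnels to site 2's public address (203.0.113.2 is a placeholder).
LCP = b"\xff\x03\xc0\x21"                   # constructed PPP/LCP payload stub
SAMPLE_FLOWS = [
    ("192.168.11.2", "203.0.113.2", build_pptp_gre(0x0001, 1, LCP)),  # site1 -> site2 tunnel
    ("192.168.11.2", "203.0.113.2", build_pptp_gre(0x0002, 1, LCP)),  # site2 -> site1 tunnel
]
```

Running `count_distinct_tunnels(SAMPLE_FLOWS, True)` gives 2 while the address-only key gives 1, which is the situation a single "VPN-PPTP passthrough" rule can leave you in when the router does not track call IDs.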
Hi,
Thank you for your post here.
Do you mean the issue occurs when the servers in the two sites attempt to establish a bidirectional site-to-site VPN connection to each other?
First of all, from your description that site 1 can establish a connection to site 2 and vice-versa, it seems that the VPN traffic can reach the other site and there are no problems in the firewall rules permitting PPTP VPN.
It is really a weird issue. According to the error IDs, it seems likely that the routers acting as the gateway for each other may be the culprit. Is the Netgear DG834G router capable of traffic logging? If yes, please dig through the log and check whether there is any blocked VPN traffic.
638: The request has timed out.
718: PPP timeout.
806: A connection between your computer and the VPN server has been started, but the VPN connection cannot be completed. The most common cause for this is that at least one Internet device (for example, a firewall or a router) between your computer and the VPN server is not configured to allow Generic Routing Encapsulation (GRE) protocol packets. If the problem persists, contact your network administrator or Internet service provider.
807: The network connection between your computer and the VPN server was interrupted. This can be caused by a problem in the VPN transmission and is commonly the result of internet latency or simply that your VPN server has reached capacity. Please try to reconnect to the VPN server. If this problem persists, contact the VPN administrator and analyze quality of network connectivity.
June 24th, 2010 5:28am
Well, I'm actually trying to have the two VPN servers running Windows Server 2008 R2 connect to each other. Like I said, I've tried doing this when configuring a demand-dial interface and adding a user account for a remote router to log in, but it was not working. Hence I've tried doing it the old-fashioned way, which involves creating a demand-dial at each site with the appropriate static route for the remote location.
I can't seem to be able to find anywhere on the Netgear router which would allow traffic logging.
June 24th, 2010 6:10am