PPTP over TMG (Network Steve Forum)

PPTP over TMG

Hello

I am trying to deploy a VPN connection on PPTP. I have TMG as Edge, performing redundancy. My TMG Server is also DHCP and DNS Server [lack of financial resource], with following IP Schemes

Internal = 10.0.0.1
WAN1 = 192.168.2.2
WAN2 = 192.168.5.2

First, I am using Workgroup, and all users are SecureNat. There is no AD, no mspclient either.

I configured TMG, for VPN. For that I created a Local User "VPN" and added it to "VPN USERS" group, under Local Users and Group, in my TMG Server, and Allowed its access for Dial In configuration.

I Assigned Static Route "192.168.0.50 to 192.168.0.55", [and DHCP as well]
Then added VPN Users groups in VPN Client Properties.
Enabled PPTP under Protocols
Created a Firewall Policy allowing traffic from VPN Clients to internal network and Local Host.

Enabled the VPN Client.

I have forwarded the port 1723 in my both Modems. Now when the client tries to connect to the VPN Server, Message appears, "VERIFYING USER NAME AND PASSWORD" and after about 10 - 15 seconds, a dialogue appears with Error code 806 [Screenshot Attached].

I even tried DMZ option available in ADSL Modems, but nothing seemed to work at all.

I m receiving LIVE IP from my ISP.

While TMG logs shows

"The connection was successfully initiated." = Initiated Connection

then after a few seconds

"The connection was closed after the peer sent an RST Packet". = Connection Closed

then

" A non-SYNC packet was dropped because it was sent by a source that does not have an established connection with the Forefront TMG Conputer". = Denied Connection

I then tried "VPN after TMG" scenario. I made one of clients [Win7] VPN Server, and tried to connect remotely after publishing a Non-Web Server in TMG, Allowing traffic from external to my VPN Server [10.0.0.12], with PPTP protocol. And it returned the same error.

On the other hand, when I tried, Win7 [VPN Server], directly connected to internet and tried the client connection, it worked just fine.

Which leads me to the conclusion, that "THERE HAS TO BE SOMETHING MISSING IN TMG CONFIGURATION". But the question is WHAT?

Any help is appreciated.

Thanks.

April 10th, 2015 9:06am

Hi,

Please check the step-by-step blog below to see if you missed anything.

Configuring a PPTP Site to Site VPN with Microsoft Forefront TMG

Note: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

Best Regards,

Joyce

Free Windows Admin Tool Kit Click here and download it now

April 13th, 2015 2:58am

This topic is archived. No further replies will be accepted.