cancel
Showing results for 
Search instead for 
Did you mean: 

Setting up a VPN connection

N/A

Setting up a VPN connection

Hi all,

I'm attempting to set up a Virtual Private Network connection to access my university's library resources from my computer at home. However after I've set up the internet connection, entered all network details, started connecting, an error message popped up saying "Error 619: A connection to the remote computer could not be established, so the port used for this connection was closed".

I then checked the university's help desk which said two possible reasons for this were either firewall from the local network or the ISP required extra charge for connecting to network outside their own.

As I'm using wireless internet, my first guess was the firewall, so I reconfigured it as recommended: Open up TCP the port 1723 and IP packet type 47 (or UDP port 47. However the same message came up again.

So am I required to pay extra to get connected to a network using VPN? Would greatly appreciate any advice.
6 REPLIES
Community Veteran
Posts: 14,469
Registered: 30-07-2007

Setting up a VPN connection

PlusNet do not block VPN and you don't have to pay extra for it.

I still suspect it's either a local issue with your firewall OR PC, or possibly the university may be blocking the connection from your IP for some reason.

What firewall are you referring to, the one in your router or your windows/3rd party software firewall on your PC?

If its your router firewall, you only need to open 1723 and 47 if you want to connect to your PC from the internet. Outgoing connections on port 1723 will go through without problems (or should do) as that is how router firewalls are designed to work, they block incoming connections, not outgoing.

If its the software firewall, which one are you using?

What kind of system are you connecting too, Windows (which version), Unix?

Finally, what OS and version are you using?

Finally, finally... Are you sure your username & password are correct AND the remote system has been setup to allow the username/password to be used remately. On SBS 2003, you need to be added to a remote access profile before authentication will be allowed from a remote/vpn connection.
N/A

Setting up a VPN connection

Thank you for your reply. In my Netgear firewall settings, I created a new rule for the Inbound Services:

For Service, I choose VPN-PPTP (tcp: 1723). Action: allow always.

But the connections is still refused. Is there something missing here?
ceridwen
Grafter
Posts: 937
Registered: 14-10-2007

Setting up a VPN connection

What router are you using? If it is the netgear DG834 series it doesn't allow you to setup a rule to allow GRE (IP packet type 47) as it only allows you to set up rules for TCP ports and UDP ports (UDP port 47 is not the same as IP packet type 47).

The error message you are getting is typically of GRE (IP packet type 47) not getting through.

What I do is rather than have the default rule to block everything, I add two rules at the bottom of the priority to block all TCP traffic and all UDP traffic (this isn't quite as safe but is the easiest workaround for the Netgear).

Matthew
Community Veteran
Posts: 14,469
Registered: 30-07-2007

Setting up a VPN connection

Quote
Thank you for your reply. In my Netgear firewall settings, I created a new rule for the Inbound Services:

You are not using an inbound connection, you are establishing the VPN connection so its outbound so not affected by the firewall.

What system are you connecting to? Windows 2003 by any chance?

Also what firewall are you using on your PC?

ALso see this article where a similar problem was seen and it turned out to be a configuration problem on the server, not he firewall or local PC. Maybe tell your support people about it.

FYI I VPN to my work Windows 2003 server frequently using my netgear DG834 without ANY special firewall settings.
N/A

Setting up a VPN connection

Most of my users with remote access to my network use DG834's (various flavours) again, without any configuration needed. (Other than login stuff to get web connection, and wireless security where appropriate)

Similar to Peter's suggestion, to gain access to our systems, each user has to have a box checked on their profile, in order to allow remote authentication. (MS Server 2000)

Two things to check:

Do you have the latest firmware on your router? (IIRC on an older version of firmware I had to create a rule to send PPP traffic to the relevant internal IP - could be wrong though, my brain is getting pretty addled these days :lol: )

Second, assuming that the latest firmware is in place/doesn't help - check back with your sysadmin and ask them to make sure that external access is activated on your account. (I suspect that as a default, Uni accounts will have it enabled, but its not unknown for somebody to have dropped a clanger at some stage. Wink )
N/A

Setting up a VPN connection

Thanks everyone for your kind help. I've just tried to open the tcp-udp port (47) and somehow I can connect. I don't know why, but the problem is mysteriously solved.

Best,