Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SA520W-K9 VPN SBS 2003 R2

I have enabled the passthrough. I have also set up IPv4 rules for IPSEC-UDP-ENCAP and IKE to go to my server.  At home I get a 720 error code every time I try to connect. Any suggestions will be apreciated.

Everyone's tags (2)
3 REPLIES
New Member

Re: SA520W-K9 VPN SBS 2003 R2

Hi,

Can you please provide us the configuration file and also explain the network setup. Please remove password sensitive information from the configuration file. You can send a private message if you don't want to post it to the community.

Thanks,

Nitin.

New Member

Re: SA520W-K9 VPN SBS 2003 R2

From further investigation, I can not ger port 1701 to open on the SA. I made the rule but the scan show the port is not open.

Cisco Employee

Re: SA520W-K9 VPN SBS 2003 R2

Hi Guy,

Error code 720 means that a connection to the remote server could not be establised.  Microsoft's Support pages for PPTP and L2TP hint that there may be a misconfiguration of protocols between the Server and Client machine.  Please see following troubleshooting articles.

http://support.microsoft.com/kb/314076

http://support.microsoft.com/kb/314869/

To setup the SA 500 series device to allow PPTP  connections to pass through, you have to have PPTP passthrough enabled (checked) on the VPN ->IPSec  ->Passthrough web page of the SA 500 Security Appliance Configuration Utility.  Also, you must create a firewall rule to allow PPTP service to be forwarded from the WAN to the IP address of your 2003 server.

For the case of L2TP, you have to have  IPSec and L2TP passthrough enabled (checked) on the VPN  ->IPSec  ->Passthrough web page of the SA 500 Security Appliance Configuration  Utility.  Also, you must create firewall rules to allow IKE and IPSEC-UDP-ENCAP services  to be forwarded from the WAN to the IP address of your 2003 server.

I hope this helps you on your way to configuring your remote access.

Cheers,

Julio

981
Views
0
Helpful
3
Replies