XP to 2003 RRAS VPN Fails Curiously

Discussion in 'Windows Networking' started by Rob, Sep 30, 2004.

  1. Rob

    Rob Guest

    I have a Win XP SP2 client that is external to our LAN. When I try to
    connect via VPN to a member server joined to the AD domain running Win 2003
    & RRAS, I get "verifying username and password" on the client machine, and
    then finally it disconnects with error code "721 (Remote computer did not
    respond)". If I try to connect again, it just sits at the "connecting to
    <IP address>" screen and then fails. (I'm in the VPN_Users group as well as
    am a domain admin.)

    Looking in the Win2003 event logs, I see Event ID 20049: "The user connected
    to port VPN4-127 has been disconnected because the authentication process
    did not complete within the required amount of time."

    I followed the MS tutorial on configuring the VPN Server. The Internal NIC
    has Client for MS Networks, a static IP address of, no gateway,
    and points to our DNS server at, points to our WINS server at and has NetBIOS enabled. The External NIC *isn't* using Client
    for MS Networks, has a static IP address of 24.123.130.x, a gateway of
    24.123.130.y (as assigned by our ISP), points to the ISP provided external
    DNS servers, and has NetBIOS disabled. I selected the External NIC as the
    one which connects to the Internet on the Win2003 Server during the initial
    configuration of RRAS.

    I've authorized the Win2003 to be a valid RRAS server for the domain from
    the DC. I have only 1 Remote Access Policy: to grant access if the NAS Port
    Type = VPN and if the user is a member of the domain\VPN_Users group.

    Any ideas???

    Rob, Sep 30, 2004
    1. Advertisements

  2. it could be IP Protocol 47 (GRE) issue. quoted from

    Error 721: Remote PPP peer or computer is not responding. If you have tried
    many thing other people suggest like rebooting, reloading hardware and
    re-installing the VPN or dial in connection, you still get the same problem.
    I will suggest to check the router settings and make sure TCP Port 1723, IP
    Protocol 47 (GRE) are opened. Also make sure that the router has the PPTP
    enabled and not firewall block the traffic. On the RAS server, check the
    DHCP settings.

    For more and other information, go to http://www.ChicagoTech.net

    Don't send e-mail or reply to me except you need consulting services.
    Posting on MS newsgroup will benefit all readers and you may get more help.

    Robert Lin, MS-MVP, MCSE & CNE
    Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
    This posting is provided "AS IS" with no warranties.
    Robert L [MS-MVP], Sep 30, 2004
    1. Advertisements

  3. Rob

    Rob Guest

    There is no router to block TCP port 1723 or IP Protocol 47. It's just my
    Win2003 server with 2 NICs. Do I need to make any changes to it? I'm not
    doing DHCP on the RAS, I'm trying to use the relay for another DHCP server
    on my LAN.

    Losing my mind,
    Rob, Sep 30, 2004
  4. Rob

    Rob Guest

    Nevermind, I fixed it.

    Rob, Oct 1, 2004
  5. Rob


    May 31, 2010
    Likes Received:
    Dear Rob,

    I'm facing the same exact ptoblem can you please tell me what you did to fix the problem?


    kdebono, May 31, 2010
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.