on 26-09-2021 19:34
Hi
Can anyone confirm if Virgin are blocking ports on the service, specifically 50, 1701 and 500, since I am unable to successfully get a VPN working into my network. I've been using a SH3 in modem mode for 2 years or so, and I use a Zyxel USG60 firewall device. I am able to connect to my network on other services as required but am failing to set up the VPN; I'm getting a result as if it's totally being blocked. It's not even hitting my firewall.
Just looking to be able to connect in on my laptop on iphone.
Or anyone else successfully running IPSEC L2TP VPN on their VM connection?
Thanks
on 26-09-2021 23:18
VM do NOT block those ports.
on 27-09-2021 07:56
My incoming VPN arrangement is different from yours but I do use L2TP.
In my case I have a VPN server running on an internal machine with port forwarding on my router (Hub3 in modem mode).
Firstly, the only ports required for L2TP are UDP 500 and 4500.
Secondly, how are you resolving your external IP address? I use no-ip.com.
Do you have any logs on your client devices that may indicate what is happening?
on 29-09-2021 08:44
Hi @jaffamuffin.
Thanks for your post 🙂
I'm sorry to hear you're having some issues getting your VPN working, I appreciate this is frustrating and we apologise for any inconvenience caused.
As advised by Tudor, we do not block these ports.
Please follow up on the questions asked by Eeeps so we can best advise you from here.
Thanks,
on 30-09-2021 19:41
Hello, thanks for the messages. I managed to figure out through enabling logs on firewall rules that I had a NAT rule in place that was catching the VPN attempts and diverting them to another system that was silently rejecting them. So I disabled that and was able to successfully manage to get a VPN working fine.
As for IP, I am not yet resolving it dynamically, just using IP for now. I'm aware it may change but it seems to have not changed for about a year so far.
Many thanks!
on 30-09-2021 20:33
@Jafffamuffin wrote: Hello, thanks for the messages. I managed to figure out through enabling logs on firewall rules that I had a NAT rule in place that was catching the VPN attempts and diverting them to another system that was silently rejecting them. So I disabled that and was able to successfully manage to get a VPN working fine.
As for IP, I am not yet resolving it dynamically, just using IP for now. I'm aware it may change but it seems to have not changed for about a year so far.
Many thanks!
Glad you managed to sort it out, the key to many of these sorts of errors is to systematically work through what is happening to the connections and logging is key to this.
Don’t worry too much about the IP address, VM’s public addresses tend to be very sticky and sometimes don’t change for years. If and when the address does change and the tunnel falls over, make that the first thing you check.
on 30-09-2021 20:35
Incidentally 1701 is for PPTP which is about as secure now as a wet paper bag! Please tell me you aren’t using that protocol to connect!
on 30-09-2021 21:53
Hi
It's L2TP which uses that port. The firewall rule is configured to only pass the VPN encrypted traffic through, otherwise it drops it.
01-10-2021 00:05 - edited 01-10-2021 00:26
@Jafffamuffin wrote: Or anyone else successfully running IPSEC L2TP VPN on their VM connection?
I have a Zyxel VPN setup and you can do a test connect to it (link below); it's likely you have not set it up right.
@Eeeps wrote: Firstly, the only ports required for L2TP are UDP 500 and 4500.
well protocol 50 and UDP 1701 if end to end has WAN IP and no NAT...😎
@jem101 wrote: Incidentally 1701 is for PPTP which is about as secure now as a wet paper bag! Please tell me you aren’t using that protocol to connect!
PPTP is 1723 and protocol 47
on 01-10-2021 09:08
@legacy1 wrote:
@Jafffamuffin wrote: Or anyone else successfully running IPSEC L2TP VPN on their VM connection?
I have a Zyxel VPN setup and you can do a test connect to it (link below); it's likely you have not set it up right.
@Eeeps wrote: Firstly, the only ports required for L2TP are UDP 500 and 4500.
well protocol 50 and UDP 1701 if end to end has WAN IP and no NAT...😎
@jem101 wrote: Incidentally 1701 is for PPTP which is about as secure now as a wet paper bag! Please tell me you aren’t using that protocol to connect!
PPTP is 1723 and protocol 47
My bad, it was a long day!
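
The root cause found in this thread (a NAT rule catching the VPN packets and sending them to another host) can be spotted from firewall logs. The script below is an added example, not part of the original thread: it classifies the ports and IP protocols named by the posters and counts any that a DNAT rule forwards away from the VPN endpoint. The key=value log format, rule names and addresses are constructed for illustration and are not Zyxel's log format.

```python
import re
from collections import Counter

# Ports and IP protocol numbers named in the thread.
L2TP_IPSEC = {("udp", "500"): "IKE", ("udp", "4500"): "IPsec NAT-T",
              ("udp", "1701"): "L2TP", ("50", None): "ESP"}
PPTP = {("tcp", "1723"): "PPTP control", ("47", None): "GRE"}

FIELD = re.compile(r"(\w+)=(\S+)")

# Constructed sample log lines (hypothetical format, documentation addresses).
SAMPLE_LOG = [
    "rule=nat-3 action=dnat proto=udp src=198.51.100.20 dport=500 to=192.168.1.50",
    "rule=nat-3 action=dnat proto=udp src=198.51.100.20 dport=4500 to=192.168.1.50",
    "rule=nat-3 action=dnat proto=udp src=198.51.100.20 dport=500 to=192.168.1.50",
    "rule=nat-1 action=dnat proto=tcp src=198.51.100.77 dport=443 to=192.168.1.10",
    "rule=wan-vpn action=accept proto=udp src=198.51.100.20 dport=1701 to=203.0.113.5",
]

def classify(proto, dport):
    """Return the VPN service a packet belongs to, or None if it is not VPN traffic."""
    for table in (L2TP_IPSEC, PPTP):
        for (p, port), name in table.items():
            # port None means a portless IP protocol (ESP, GRE): match on proto alone.
            if proto == p and port in (None, dport):
                return name
    return None

def diverted_vpn_traffic(lines, vpn_endpoint):
    """Count VPN packets that a DNAT rule sent somewhere other than vpn_endpoint."""
    hits = Counter()
    for line in lines:
        f = dict(FIELD.findall(line))
        service = classify(f.get("proto"), f.get("dport"))
        if service and f.get("action") == "dnat" and f.get("to") != vpn_endpoint:
            hits[(f.get("rule"), service, f.get("to"))] += 1
    return hits

if __name__ == "__main__":
    # 203.0.113.5 stands in for the firewall's own WAN address (assumption).
    for (rule, service, dest), n in diverted_vpn_traffic(SAMPLE_LOG, "203.0.113.5").items():
        print(f"{rule}: {n} x {service} forwarded to {dest} instead of the VPN endpoint")
```
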