none
Connecting iPad / iPhone to Windows RRAS VPN

    Question

  • Hello All - 

    Until recently, I've always forwarded ports in my home firewall to RDP to my servers and such.  To add a layer of security as well as functionality, I'm going to remove those ports and start using RRAS.  I set up the server end of it and successfully tested it with a Windows 7 laptop from an outside network.  Unfortunatly, I am unable to connect with my iPad which I do much of my RDP from.  I set the iPad's VPN connection up as PPTP (which I think would be the one to use given my basic server config), but also tried L2TP with no luck.

    Attempted L2TP

    I've tried setting up L2TP as well using the steps in this interesting article, but haven't had any success. I followed the steps to add the Shared Secret, Add the Policy, restarted the service, and verified the correct ports were open, but still cannot connect with an iPad.  Note:  I did not test the configuration in the article above with any other device - just an iPad using native VPN.

    I hear that the iPad (same iOS as iPhone/iPod) supports higher encryption.  Honestly, though, I am not concerned about having the best encryption as anything would be better that leaving 3389 open.  I tried to find apps that I could also test connecting with, but all VPN ones seem to either be for Cisco gear or private browsing.

    My Config

    I'm currently using Windows Server 2011 SBS.  My router has the following ports pointed to the server and open during testing:  

    TCP: 1723, 50, 51

    UDP: 500, 4500 

    Error Message (PPTP)

    When I try to connect from my iPad via PPTP when connected to internal wireless, it works.  However, when connected to external internet, it displays "Connecting" for a couple of seconds, "Starting" for about 30 seconds, then fails with the pop up error "A connection could not be established to the PPP server..." 

    Any suggestions or links that can tell me what I'm doing wrong?  Thanks!


    Ben K.






    Tuesday, April 17, 2012 6:40 PM

Answers

  • Hi Ben,

    Thanks for posting here.

    > When I try to connect from my iPad via PPTP when connected to internal wireless, it works.  However, when connected to external internet, it displays "Connecting" for a couple of seconds, "Starting" for about 30 seconds, then fails with the pop up error "A connection could not be established to the PPP server..."

    It seems incorrect settings on edge router device cause this issue but VPN service itself. Just FYI, If we are running SBS 2011 then we should first enable UPnP on router device (if that is supported )and leave system to configure port forwarding settings by its built-in wizard.

    Actually GRE (value 47) should also be configured to forward in order to establish PPTP VPN tunnel form outside . Like I mentioned these settings are better to be automatically configured by SBS built-in wizard if we are running SBS server.  

    Which ports to unblock for VPN traffic to pass-through?

    http://blogs.technet.com/b/rrasblog/archive/2006/06/14/which-ports-to-unblock-for-vpn-traffic-to-pass-through.aspx

    Verify your router setup

    http://technet.microsoft.com/en-us/library/gg637864.aspx

    Regards,

    Tiger Li

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact  tnmff@microsoft.com.


    Tiger Li

    TechNet Community Support

    • Proposed as answer by Tiger Li Friday, April 20, 2012 9:03 AM
    • Marked as answer by Tiger Li Monday, April 23, 2012 10:03 AM
    Wednesday, April 18, 2012 5:31 AM

All replies

  • Hi Ben,

    Thanks for posting here.

    > When I try to connect from my iPad via PPTP when connected to internal wireless, it works.  However, when connected to external internet, it displays "Connecting" for a couple of seconds, "Starting" for about 30 seconds, then fails with the pop up error "A connection could not be established to the PPP server..."

    It seems incorrect settings on edge router device cause this issue but VPN service itself. Just FYI, If we are running SBS 2011 then we should first enable UPnP on router device (if that is supported )and leave system to configure port forwarding settings by its built-in wizard.

    Actually GRE (value 47) should also be configured to forward in order to establish PPTP VPN tunnel form outside . Like I mentioned these settings are better to be automatically configured by SBS built-in wizard if we are running SBS server.  

    Which ports to unblock for VPN traffic to pass-through?

    http://blogs.technet.com/b/rrasblog/archive/2006/06/14/which-ports-to-unblock-for-vpn-traffic-to-pass-through.aspx

    Verify your router setup

    http://technet.microsoft.com/en-us/library/gg637864.aspx

    Regards,

    Tiger Li

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact  tnmff@microsoft.com.


    Tiger Li

    TechNet Community Support

    • Proposed as answer by Tiger Li Friday, April 20, 2012 9:03 AM
    • Marked as answer by Tiger Li Monday, April 23, 2012 10:03 AM
    Wednesday, April 18, 2012 5:31 AM
  • Hi Ben,

    Please feel free to let us know if the information was helpful to you.

    Regards,

    Tiger Li

    TechNet Subscriber Support in forum
    If you have any feedback on our support, please contact  tnmff@microsoft.com.


    Tiger Li

    TechNet Community Support

    Thursday, April 19, 2012 10:31 AM