How to configure Windows CE .NET Firewall to enable PPTP VPN server on CE?

Discussion:

(too old to reply)

Yvan

2005-05-30 16:23:19 UTC

After many trials, I cannot manage to setup Windows CE .NET firewall rules
for PPTP VPN server on the CE platform.

Our Windows CE .NET based device runs both the native PPTP VPN server and
Firewall.

TCP port 1723 is opened for both inbound and outbound, but GRE protocol Id
47 is not listed as a supported protocol by the Windows CE .NET firewall.
Therefore, nothing is configured specifically for protocol 47.

Does this means that it is impossible to activage the Windows CE VPN PPTP
server when the firewall is also activaged !?

I hope not !

Any suggestion on how to configure the firewall ?

Thanks,
Yvan.

Yvan

2005-05-30 17:03:14 UTC

Permalink

I finally managed to connect to the VPN server by allowing protocol 47, even
if Microsoft documents this protocol as not being supported !

But I still have a problem; DCOM servers do not work... and of course I do
not want to open any DCOM port and ranges of ports.

any idea ?

I tough that the PPTP tunnel would give access to DCOM ports throught the
firewall....

Yvan.

Post by Yvan
After many trials, I cannot manage to setup Windows CE .NET firewall rules
for PPTP VPN server on the CE platform.
Our Windows CE .NET based device runs both the native PPTP VPN server and
Firewall.
TCP port 1723 is opened for both inbound and outbound, but GRE protocol Id
47 is not listed as a supported protocol by the Windows CE .NET firewall.
Therefore, nothing is configured specifically for protocol 47.
Does this means that it is impossible to activage the Windows CE VPN PPTP
server when the firewall is also activaged !?
I hope not !
Any suggestion on how to configure the firewall ?
Thanks,
Yvan.

Yvan

2005-05-30 19:26:02 UTC

Permalink

Ok, I found the solution.

This does the job upon initiating the Firewall in order to disable the
firewall on the VPN interfaces.
Yvan.

::FirewallSetInterface(L"RAS VPN Line 0", FALSE, TRUE);
::FirewallSetInterface(L"RAS VPN Line 1", FALSE, TRUE);
::FirewallSetInterface(L"RAS VPN Line 2", FALSE, TRUE);
::FirewallSetInterface(L"RAS VPN Line 3", FALSE, TRUE);
::FirewallSetInterface(L"RAS VPN Line 4", FALSE, TRUE);

vishva29

2005-06-29 12:07:03 UTC

Permalink

I am facing a problem related to RAS server (incoming). I have made all the
registry settings like global
server settings,Per line settings and user credential information
but my windowsCE device doent answer.Have you added like ATA in registry ? i
am using the application given in winCE420 root directory.But it didnt
work...I have written hayes compatible on COM1 as device name and RASDT_Modem
as device name instead of "serial cable on com1" $ RASDT_Direct. what about
you?

Can you please help me?it will be better if we can talk on phone.can u give
ur phone number?
My landline is +91-22-55916426
mobile +919820435412

regards
Vishvajeet

Post by Yvan
Ok, I found the solution.
This does the job upon initiating the Firewall in order to disable the
firewall on the VPN interfaces.
Yvan.
::FirewallSetInterface(L"RAS VPN Line 0", FALSE, TRUE);
::FirewallSetInterface(L"RAS VPN Line 1", FALSE, TRUE);
::FirewallSetInterface(L"RAS VPN Line 2", FALSE, TRUE);
::FirewallSetInterface(L"RAS VPN Line 3", FALSE, TRUE);
::FirewallSetInterface(L"RAS VPN Line 4", FALSE, TRUE);