win7 VPN with ipv6 and error 800

  • Thread starter Roland Schweiger
  • Start date
R

Roland Schweiger

Knowing that there are many situations that can develop where VPNs
simply will not work, here is my situation.

In brief: the VPN between 2 computers works fine with ipv4 addresses,
it does not work with ipv6 addresses although they are reachable.

In detail:
2 machines (both win7, vpn-server-side 64bit, client-side 32bit), each
machine uses a fritzbox as adsl-modem router, the machines are in 2
cities, both have dynamic ipv4 (with dyndns) and static ipv6+subnet
with sixxs tunnelbroker.

On the vpn-server-side, i created a "new incoming connection",
allowing ipv4 and ipv6 protocols.
On the client side, i created a new "connection to a workplace" (a vpn
client connection).

On the fritzbox of the vpn server, i created two port-forward rules,
allowing all incoming tcp und udp packets on port 1723to be forwarded
to the server, i.e. using the protocol 41.
On the ipv6 side, all machines connected to the fritzbox have their
proper ipv6 address that has no firewall, i.e. all packets on all
ports are forwarded.

On the vpn-client side, when i type in the ipv4 address of the vpn
server (using dynamic dns), all works.
When i type in the ipv6 address, the logon process takes a while and
then yields to error 800.

Does anyone know why? Is Windows7 vpn not working properly with ipv6
or soes someone know what i might be doing wrong, before examining the
long and weery event log.

greetings

Roland Schweiger
 
R

R. C. White

Hi, Roland.

"fritzbox"?

I know a dozen or two German words (not nearly enough to carry on a
conversation, written or verbal) but that's a new one for me. Could you
translate, please?

RC
--
R. C. White, CPA
San Marcos, TX
(e-mail address removed)
Microsoft Windows MVP (2002-2010)
Windows Live Mail 2011 (Build 15.4.3538.0513) in Win7 Ultimate x64 SP1


"Roland Schweiger" wrote in message
Knowing that there are many situations that can develop where VPNs
simply will not work, here is my situation.

In brief: the VPN between 2 computers works fine with ipv4 addresses,
it does not work with ipv6 addresses although they are reachable.

In detail:
2 machines (both win7, vpn-server-side 64bit, client-side 32bit), each
machine uses a fritzbox as adsl-modem router, the machines are in 2
cities, both have dynamic ipv4 (with dyndns) and static ipv6+subnet
with sixxs tunnelbroker.

On the vpn-server-side, i created a "new incoming connection",
allowing ipv4 and ipv6 protocols.
On the client side, i created a new "connection to a workplace" (a vpn
client connection).

On the fritzbox of the vpn server, i created two port-forward rules,
allowing all incoming tcp und udp packets on port 1723to be forwarded
to the server, i.e. using the protocol 41.
On the ipv6 side, all machines connected to the fritzbox have their
proper ipv6 address that has no firewall, i.e. all packets on all
ports are forwarded.

On the vpn-client side, when i type in the ipv4 address of the vpn
server (using dynamic dns), all works.
When i type in the ipv6 address, the logon process takes a while and
then yields to error 800.

Does anyone know why? Is Windows7 vpn not working properly with ipv6
or soes someone know what i might be doing wrong, before examining the
long and weery event log.

greetings

Roland Schweiger
 
R

R. C. White

Hi, Jeff.

Thanks! I never would have guessed that one. ;^}

RC
--
R. C. White, CPA
San Marcos, TX
(e-mail address removed)
Microsoft Windows MVP (2002-2010)
Windows Live Mail 2011 (Build 15.4.3538.0513) in Win7 Ultimate x64 SP1


"Jeff Layman" wrote in message
Hi, Roland.

"fritzbox"?
Click to expand...
http://www.fritzbox.eu/en/index.php
 
M

meagain

Roland said:
Knowing that there are many situations that can develop where VPNs simply will not
work, here is my situation.

In brief: the VPN between 2 computers works fine with ipv4 addresses, it does not
work with ipv6 addresses although they are reachable.

In detail:
2 machines (both win7, vpn-server-side 64bit, client-side 32bit), each machine uses a
fritzbox as adsl-modem router, the machines are in 2 cities, both have dynamic ipv4
(with dyndns) and static ipv6+subnet with sixxs tunnelbroker.

On the vpn-server-side, i created a "new incoming connection", allowing ipv4 and ipv6
protocols.
On the client side, i created a new "connection to a workplace" (a vpn client
connection).

On the fritzbox of the vpn server, i created two port-forward rules, allowing all
incoming tcp und udp packets on port 1723to be forwarded to the server, i.e. using
the protocol 41.
On the ipv6 side, all machines connected to the fritzbox have their proper ipv6
address that has no firewall, i.e. all packets on all ports are forwarded.

On the vpn-client side, when i type in the ipv4 address of the vpn server (using
dynamic dns), all works.
When i type in the ipv6 address, the logon process takes a while and then yields to
error 800.

Does anyone know why? Is Windows7 vpn not working properly with ipv6 or soes someone
know what i might be doing wrong, before examining the long and weery event log.
Click to expand...
Your port forwarding needs to be expanded (probably) to include
IKE: 50
NTP: 123
isakmp: 500
MSTSC (for remote desktop)
NAT-Traversal 4500
and maybe 10010 ...
 
R

Roland Schweiger

"R. C. White"
"fritzbox"?
Click to expand...
Sorry. FritzBox is the brand name for a series of
ADSL-modem-router-devices made by German company AvM.
The model i use (FritzBox 7390) is a combination device of ADSL modem
+ router + accesspoint + DECT base-station.
The model is capable of handling native ipv4 and ipv6 addressing, or
as in my case, ipv6 is provided by the tunnel-broker SIXXS but the
FritzBox handles it as if it were native.
As Sixxs offers ipv6-subnets, any computer connected to the fritzbox
has its own proper ipv6 address that is reachable from outside.

greetings

Rolnd Schweiger
 
R

Roland Schweiger

"meagain"
Your port forwarding needs to be expanded (probably) to include
IKE: 50
NTP: 123
isakmp: 500
MSTSC (for remote desktop)
NAT-Traversal 4500
and maybe 10010 ...

Hm. On the ipv4 side, the vpn works, and i only forwarded tcp/udp that
reach the adslmodemrouter incoming, to the vpn-server-machine.

On the ipv6 side however, i have no forwarding at all because the
vpn-server-machine has its own public ipv6 address that derives from
the ipv6 subnt that is provided by the sixxs tunnelbroker.
So i only told my fritzbox (the adsl modem router device) to
completely deactivate the "firewall" for ipv6, so the vpn machine is
reachable on all ports for all protocols.
It is also ping-able (i know that PING alone if it works, does not
mean that everything works).

greeting

Roland Scweiger
 
R

R. C. White

Hi, Roland.

Thank you. As I told Jeff, I never would have guessed that one.

RC
--
R. C. White, CPA
San Marcos, TX
(e-mail address removed)
Microsoft Windows MVP (2002-2010)
Windows Live Mail 2011 (Build 15.4.3538.0513) in Win7 Ultimate x64 SP1


"Roland Schweiger" wrote in message
"R. C. White"
"fritzbox"?
Click to expand...
Sorry. FritzBox is the brand name for a series of
ADSL-modem-router-devices made by German company AvM.
The model i use (FritzBox 7390) is a combination device of ADSL modem
+ router + accesspoint + DECT base-station.
The model is capable of handling native ipv4 and ipv6 addressing, or
as in my case, ipv6 is provided by the tunnel-broker SIXXS but the
FritzBox handles it as if it were native.
As Sixxs offers ipv6-subnets, any computer connected to the fritzbox
has its own proper ipv6 address that is reachable from outside.

greetings

Rolnd Schweiger
 
M

meagain

Roland said:
"meagain"

Your port forwarding needs to be expanded (probably) to include
IKE: 50
NTP: 123
isakmp: 500
MSTSC (for remote desktop)
NAT-Traversal 4500
and maybe 10010 ...


Hm. On the ipv4 side, the vpn works, and i only forwarded tcp/udp that reach the
adslmodemrouter incoming, to the vpn-server-machine.

On the ipv6 side however, i have no forwarding at all because the vpn-server-machine
has its own public ipv6 address that derives from the ipv6 subnt that is provided by
the sixxs tunnelbroker.
Click to expand...
But the 'modemrouter' has to clone that 'IPV6 subnt' in order to present it to the
outside world, doesn't it?
 
R

Roland Schweiger

"meagain"
On the ipv6 side however, i have no forwarding at all because the
vpn-server-machine
has its own public ipv6 address that derives from the ipv6 subnt
that is provided by
the sixxs tunnelbroker.
Click to expand...
But the 'modemrouter' has to clone that 'IPV6 subnt' in order to
present it to the
outside world, doesn't it?

Well, i use the same principle to access the machine via remote
desktop protocol, on the client side i type in the ipv6 address of the
"server", this works,
so i assume(d) that vpn server should work just the same ... but
something is wrong however.

greetings

Roland Schweiger
 
You must log in or register to reply here.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Upgrading vista to win7 using a 7 full install dvd 8
WIN7 retail activation codes 3
Are there legacy boot options on all pre-installed Win7 computers? 0
I need to download a Win7 Recovery disk for my Toshiba Satellite laptop please 2
SOLVED Win7 desktop wallpaper 2
SOLVED Win7 or PC Component Failure 5
Configure server in win7 ultimate 64bit? 0
VPN connection works on Mac but not Win7 0

Top