After a month with Windows 7 Professional, I still can't access my office computer. I think the hardware, firmware, and software are okay. I think it's a configuration problem. What follows is a description of the configuration, with as much detail as I can muster (changing certain information to protect the innocent). I can get a tunnel enabled, but I can't get a remote desktop connection. Three points go the genius who can solve this puzzle:
Home Computer
OS
Windows 7 Professional (64-bit)
Remote Assistance allowed
Remote control allowed
Remote Desktop Connections Allowed from any version
Sharing Options
Network discovery on
File and printer sharing on
Public folder sharing on
Media streaming on
40- or 56-bit encryption enabled
Password protected sharing off
Use user accounts and passwords to connect
Firewall
Norton 360
Program Rules
Remote Desktop Connection allowed
Traffic Rules
Port 1723 allowed - all remote (TCP and UDP)
Port 1723 allowed - all local (TCP and UDP)
Port 443 allowed - all remote (TCP and UDP)
Port 443 allowed - all local (TCP and UDP)
Port 500 allowed - all remote (TCP and UDP)
Port 500 allowed - all local (TCP and UDP)
Port 4500 - all local (TCP and UDP)
Port 60443 - all local (TCP and UDP)
Shrew Soft VPN Access Manager
Remote Host 123.456.789.123
Port 500
Auto Config - disabled
Local Host
MTU - 1380
Address - 192.168.30.0
Netmask - 255.255.255.0
Client
Firewall Options
NAT Traversal - enabled
NAT Traversal Port - 4500
Keep-alive packet rate - 15 secs
IKE Frag - enabled
Other Options
Dead Peer Detection - enabled
ISAKMP Failure Notification - enabled
Client Login Banner - disabled
Name Resolution
WINS - disabled
DNS - enabled
DNS Server Address - 192.168.0.4
Split DNS - enabled
Authentication
Method - Mutual PSK
Local Identity
FQDN
shrew.net
Remote Identity
IP Address
Use discovered remote host address
Credentials PSK - FakePSK
Phase 1
Exchange Type - aggressive
DH - group 2
Cipher - aes
Key Length - 256
Hash Algorithm - sha1
Key Life Time Limit - 28800
Data Limit - 0
Phase 2
Trans Algorithm - esp-aes
Trans Key Length - 256
HMAC - sha1
PFS Exchange - group 2
Compress - disabled
Key Life Time Limit - 3600
Key Life Data Limit - 0
Policy
Maintain Persistent Security Associations
Include Address - 192.168.0.0
Netmask - 255.255.255.0
Remote Desktop Connection
Computer - 99.88.77.100:33333
WAN Speed - 10Mbps or higher
Server Authentication - warn me
Automatically detect RD Gateway server settings
DSL Modem - Bridged
Router
Model - Linksys RV042
Firmware - 1.3.12.19-tm (Feb 13 2009 13:03:21)
Configuration
LAN IP - 99.88.77.1
Subnet Mask - 255.255.255.0
WAN1 IP - 123.456.789.123
PPPoE
[email protected]
password
connect on demand
MTU - auto
WAN2 - obtain an IP automatically
MTU - auto
Mode - Gateway
RIP - disabled
DNS (WAN1) - 444.222.6.88
DDNS - off
DMZ Host - disabled
Private IP Address - 99.88.77.0
Port Range Forwarding
TCP 33333~33334 to 99.88.77.100
UDP 33333~33334 to 99.88.77.100
UPnP Function - no
One-to-One NAT - disabled
DHCP Server - enabled
My Office Computer - 99.88.77.100
Printer-Host - 99.88.77.102
Partner 1 Computer - 99.88.77.104
Partner 2 Computer - 99.88.77.106
SNMP enabled
Diagnostic - ping
Firewall - enabled
SPI - enabled
DoS - enabled
Block WAN Request - enabled
Remote Management - Port 80
HTTPS - enabled
Multicast Pass Through - enabled
Ports 33333~33334 allowed to 99.88.77.100 (TCP)
Ports 33333~33334 allowed to 99.88.77.100 (UDP)
VPN Tunnel Group No. 1
WAN1
Local Security Group Type - subnet
IP Address - 192.168.1.0
Subnet Mask - 255.255.255.0
Remote Client - shrew.net
IPSec Setup
IKE with Preshared key
Phase 1
Group 2
AES-256
SHA1
28800
Perfect Forward Secrecy
Phase 2
Group 2
AES-256
SHA1
3600
Preshared Key - FakePSK
Aggressive Mode - yes
Compress - no
Keep-Alive - yes
AH Hash Algorith MD5 - no
NetBIOS broadcast - yes
NAT Traversal - yes
VPN Client Access
My-VPN - active
VPN Pass Through
IPSec Pass Through - enabled
PPTP Pass Through - enabled
L2TP Pass Through - enabled
PPTP Server - enabled
Range Start - 99.88.77.200
Range End - 99.88.77.204
User - MyPPTP (MyFakePassword)
Switch
Office Computer
System Configuration
Port Number fakefake (33333)
OS
Windows 7 Professional (64-bit)
Remote Assistance allowed
Remote control allowed
Remote Desktop Connections Allowed from any version
Sharing Options
Network discovery on
File and printer sharing on
Public folder sharing on
Media streaming on
40- or 56-bit encryption enabled
Password protected sharing off
Use user accounts and passwords to connect
Firewall
Norton 360
Program Rules
Remote Desktop Connection allowed
Traffic Rules
Port 33333 allowed - all remote (TCP and UDP)
Port 33333 allowed - all local (TCP and UDP)
Port 1723 allowed - all remote (TCP and UDP)
Port 1723 allowed - all local (TCP and UDP)
Port 443 allowed - all remote (TCP and UDP)
Port 443 allowed - all local (TCP and UDP)
Port 500 allowed - all remote (TCP and UDP)
Port 500 allowed - all local (TCP and UDP)
Port 4500 - all local (TCP and UDP)
Port 60443 - all local (TCP and UDP)
Home Computer
OS
Windows 7 Professional (64-bit)
Remote Assistance allowed
Remote control allowed
Remote Desktop Connections Allowed from any version
Sharing Options
Network discovery on
File and printer sharing on
Public folder sharing on
Media streaming on
40- or 56-bit encryption enabled
Password protected sharing off
Use user accounts and passwords to connect
Firewall
Norton 360
Program Rules
Remote Desktop Connection allowed
Traffic Rules
Port 1723 allowed - all remote (TCP and UDP)
Port 1723 allowed - all local (TCP and UDP)
Port 443 allowed - all remote (TCP and UDP)
Port 443 allowed - all local (TCP and UDP)
Port 500 allowed - all remote (TCP and UDP)
Port 500 allowed - all local (TCP and UDP)
Port 4500 - all local (TCP and UDP)
Port 60443 - all local (TCP and UDP)
Shrew Soft VPN Access Manager
Remote Host 123.456.789.123
Port 500
Auto Config - disabled
Local Host
MTU - 1380
Address - 192.168.30.0
Netmask - 255.255.255.0
Client
Firewall Options
NAT Traversal - enabled
NAT Traversal Port - 4500
Keep-alive packet rate - 15 secs
IKE Frag - enabled
Other Options
Dead Peer Detection - enabled
ISAKMP Failure Notification - enabled
Client Login Banner - disabled
Name Resolution
WINS - disabled
DNS - enabled
DNS Server Address - 192.168.0.4
Split DNS - enabled
Authentication
Method - Mutual PSK
Local Identity
FQDN
shrew.net
Remote Identity
IP Address
Use discovered remote host address
Credentials PSK - FakePSK
Phase 1
Exchange Type - aggressive
DH - group 2
Cipher - aes
Key Length - 256
Hash Algorithm - sha1
Key Life Time Limit - 28800
Data Limit - 0
Phase 2
Trans Algorithm - esp-aes
Trans Key Length - 256
HMAC - sha1
PFS Exchange - group 2
Compress - disabled
Key Life Time Limit - 3600
Key Life Data Limit - 0
Policy
Maintain Persistent Security Associations
Include Address - 192.168.0.0
Netmask - 255.255.255.0
Remote Desktop Connection
Computer - 99.88.77.100:33333
WAN Speed - 10Mbps or higher
Server Authentication - warn me
Automatically detect RD Gateway server settings
DSL Modem - Bridged
Router
Model - Linksys RV042
Firmware - 1.3.12.19-tm (Feb 13 2009 13:03:21)
Configuration
LAN IP - 99.88.77.1
Subnet Mask - 255.255.255.0
WAN1 IP - 123.456.789.123
PPPoE
[email protected]
password
connect on demand
MTU - auto
WAN2 - obtain an IP automatically
MTU - auto
Mode - Gateway
RIP - disabled
DNS (WAN1) - 444.222.6.88
DDNS - off
DMZ Host - disabled
Private IP Address - 99.88.77.0
Port Range Forwarding
TCP 33333~33334 to 99.88.77.100
UDP 33333~33334 to 99.88.77.100
UPnP Function - no
One-to-One NAT - disabled
DHCP Server - enabled
My Office Computer - 99.88.77.100
Printer-Host - 99.88.77.102
Partner 1 Computer - 99.88.77.104
Partner 2 Computer - 99.88.77.106
SNMP enabled
Diagnostic - ping
Firewall - enabled
SPI - enabled
DoS - enabled
Block WAN Request - enabled
Remote Management - Port 80
HTTPS - enabled
Multicast Pass Through - enabled
Ports 33333~33334 allowed to 99.88.77.100 (TCP)
Ports 33333~33334 allowed to 99.88.77.100 (UDP)
VPN Tunnel Group No. 1
WAN1
Local Security Group Type - subnet
IP Address - 192.168.1.0
Subnet Mask - 255.255.255.0
Remote Client - shrew.net
IPSec Setup
IKE with Preshared key
Phase 1
Group 2
AES-256
SHA1
28800
Perfect Forward Secrecy
Phase 2
Group 2
AES-256
SHA1
3600
Preshared Key - FakePSK
Aggressive Mode - yes
Compress - no
Keep-Alive - yes
AH Hash Algorith MD5 - no
NetBIOS broadcast - yes
NAT Traversal - yes
VPN Client Access
My-VPN - active
VPN Pass Through
IPSec Pass Through - enabled
PPTP Pass Through - enabled
L2TP Pass Through - enabled
PPTP Server - enabled
Range Start - 99.88.77.200
Range End - 99.88.77.204
User - MyPPTP (MyFakePassword)
Switch
Office Computer
System Configuration
Port Number fakefake (33333)
OS
Windows 7 Professional (64-bit)
Remote Assistance allowed
Remote control allowed
Remote Desktop Connections Allowed from any version
Sharing Options
Network discovery on
File and printer sharing on
Public folder sharing on
Media streaming on
40- or 56-bit encryption enabled
Password protected sharing off
Use user accounts and passwords to connect
Firewall
Norton 360
Program Rules
Remote Desktop Connection allowed
Traffic Rules
Port 33333 allowed - all remote (TCP and UDP)
Port 33333 allowed - all local (TCP and UDP)
Port 1723 allowed - all remote (TCP and UDP)
Port 1723 allowed - all local (TCP and UDP)
Port 443 allowed - all remote (TCP and UDP)
Port 443 allowed - all local (TCP and UDP)
Port 500 allowed - all remote (TCP and UDP)
Port 500 allowed - all local (TCP and UDP)
Port 4500 - all local (TCP and UDP)
Port 60443 - all local (TCP and UDP)
My Computer
- Computer Manufacturer/Model Number
- Hewlett-Packard Compaq Presario/CQ5218F
- OS
- Windows 7
- CPU
- AMD Athlon(tm) II x2 215
- Memory
- 3.00 GB (2.75 GB usable)
- Other Info
- 64-bit Operating System
