Scenario: Two Windows Server 2003 machines running RRAS VPNs. The firewall port forwards 1723 to one of those machines for normal remote access. I'd like to find a way to connect to the second machine as well. Not because I need to but just because it's the sort of thing I reckon should be possible but can't figure out how to do.
Is it possible to have the Windows PPTP VPN client (on XP in this instance) connect on a port other than 1723? If so, I can simply port forward another port to the second server. I've done a fair bit of Googling over the last few days and have only found others asking the same question but no answers.
I have of course tried to add a port number in the host name or IP connection box, in various formats, but to no avail. While this might be possible with a third part client I'm really only interested in whether or not it can be done with the Windows built-in client and if so how?. Perhaps there's a registry hack I'm not aware of?
Best Answer
Basically no, you can't change it. The TCP port is only used to setup the initial connection. All traffic is sent over GRE, not TCP. I highly recommend requiring client certificates. PPTP as a protocol is plenty secure when you pair it with client certs, no need to upgrade to something like SSL VPN.
See this question from the other day for links on how to setup this up.