Site to site VPN connection problem

Question

Hi
I have a problem connecting two Microsoft servers (both inside the LAN) via demand-dial connection, I use a port forwarder on both routers for the PPTP connection. when side A is connected I can't connect side B and vice versa. at the same time, just one side is connected. I get an error that I share with you.
This error occurs when I connect side A and try to connect side B or vise versa.

On Both servers, RRAS is installed. LAN routing, Demand-dial connections, and VPN access are installed. all firewall is turned off.

for VPN server A in demand-dial connection, I set public IP address router B and with port forwarder on the router B give it to VPN server B and for server B demand-dial connection set public IP address router A and with port forwarder Router A give it to server A.

I hope to share enough information. any ideas or help is most welcome.
kind regards

Answer 1

GRE is not a port. It's an IP Protocol Number. If the user interface for your router doesn't mention GRE protocol forwarding anywhere, try making your VPN server the "DMZ host" A home router DMZ host is a host on the internal network that has all UDP and TCP ports open and exposed, except those ports otherwise forwarded.

It basically lets you specify one machine on the private LAN side of your router to which your router will forward all new incoming traffic that the router doesn't know what to do with (that is, that it doesn't already have a static or dynamic mapping for).

Note that GRE is used for PPTP style VPNs, so see if any of your router's PPTP VPN gateway/pass through features/settings can help you.
https://learn.microsoft.com/en-us/troubleshoot/windows-client/networking/error-when-establishing-vpn-connection

--please don't forget to upvote and Accept as answer if the reply is helpful--