Hi all,
I've mostly setup a W2012 Server R2 machine. Now I'm into setting up the VPN.
I've followed the (somewhat) simple tasks of adding the role etc. But I get the feeling that
is not a complete effort. I'm new to building/setting up a VPN. Sorry for my (gross?) ignorance.
If anyone has a (simple?) (concise?) link that describes the entire process of setting up and proving
a VPN please lay it on me. Something like: I. add the vpn role II. add the users to the VPN
III setup domain(?? required?) IV open ports on x equipment. V. install x software on wkstation. VI. login with vpn user info using x software on wkstn.
That would be (I suppose) ideal.
A few months ago I tried to setup a VPN on a W2003 server (hahaha). It had never been a "domain" machine.
The effort gave it a name of "<theservername>.<theorganizationname>.local" where as (for the last, ohhh, 13 years)
the previous url had just been <theservername>. It had always been only available via IIS on a lan.
The result was a debacle in down-time. Recovery successful, but very painful even with Carbonite backups.
otw and anyway:
My last few steps from a "instructional" found on-line for "installing a VPN on W2012" were:
12. Click on the Open Getting Started Wizard to complete the VPN configuration.
13. Select Deploy VPN Only
14. This opens the MMC for Routing and Remote Access
15. Right click the server and select Configure and Enable Routing and Remote Access
16. This launches the Setup Wizard
17. Since their is only one network interface you will need to choose Custom Configuration.
Next
18. Check VPN Access. Next
19. Finish the Wizard.
Those instructs weren't exactly what i saw as i progressed but I do believe I got to every
where I needed to go. One difference above is this server has 2 nics -- nic1 is dedicated to a VM. Nic2 will be the VPN
and other server user's in/out access.
When i try to access the VPNserver via W7 wkstn I followed the task of estblshing a new cx:
"Set connecton to workplace". That cx is in place. Repeated attempts to connect with
different properties/parameters etc. yields only failure.
I've been attempting to use the only login available on the server at this point:
\win2012VPNmachine\administrator
the vpn type had been Automatic. I also tried via the (local) ip (192.168.1.75).
And I tried all of the specific vpn types. None worked and depending on the attempt gen'd 800, 807, 810 or 0x800b0109 errors. PPTP seems like the type-of-choice from the posts/links I've read.
I don't know if the topology matters:
Ultimately this server will be in an office where: ISP is Charter/TimeWarner. The modem is theirs.
The server will sit connected to a Dell Managed Switch (ours) which in turn connects to the modem.
My current, test, environment: both machines are on a LAN behind an ISP modem/router, no switch.
Is this the kind of situation where cisco anyconnect could be/is useful?
I tried using Anyconnect but got nothing but rejects.
Finally, I turned off the firewalls on wkstn and server, attempted using w2012 admin/pw and got an
812 ("< prevented policy conflict on your rasvpn server. auth method...>").
from reading other links on this forum. It seems like I need to setup policies, open port(s) and/or users
but where/how?
At this point I'm not going crazy fancy. Just the minimum baby steps to get a VPN in the office
available simply, securely, outside the office.
Thanks for any pointers.
source link: https://social.technet.microsoft.com/Forums/windowsserver/en-US/2945c426-076c-4a70-a130-cfc3b8e29b4d/vpn-ninoa?forum=winserver8setup