Need to adjust the rule
Hi, How to adjust the following netsh advfirewall firewall add rule name="FTP1" dir=in action=allow protocol=TCP localport=20 to add new range to firewall rule below?
High availability for AD CS
We have a two tier PKI (both VM) what is the best solution for HA. In case the servers goes down?
remote user domain integration - DirectAccess vs Always On VPN
We use a 3rd-party security vendor vpn client & server which the users sign into with current domain credentials after signing into their Windows 10 desktops with cached domain credentials. With this solution remote domain-joined computers that…
![](https://techprofile.blob.core.windows.net/images/Lk9Z6O_Zg0W6xBUdS3lUsg.png?8D8286)
drawbacks of having too many domain controllers?
We have 3 regions, region A has 4 sites with 2 DCs each. Each of the sites are in different subnets. Region B and C has 3 sites (region B has 2 sites, region C has 1) and region B has 2 domain controllers. The 3 sites in region B and C are in the same…
Winows 2016 are disappeared time to time from neighborhood while Network discovery (WSD) browsing. Why ?
I have 2 Windows 2016 servers. One is AD DC and other is standalone one. Also there are some Windows 7 clients. Network discovery is tuned on as services: Dns client, Function Discovery Resource Publication, SSDP Discovery, UPnP Device Host,…
![](https://techprofile.blob.core.windows.net/images/9babca87cafd4a779105c52780f41048.jpg)
Lost my phone with authenticator app on that device.
Lost my phone with authenticator app on that device. My automatic safe password in my browser was on that device, changed it multiple times because of receiving a lot of spam,I have the code for my authenticator app but when I download authenticator app…
Change ip of adapter connected to the internal network in Direct Access
I have manually configured ipv6 address on internal NIC of Direct Access Server. Instead of using that ip Direct Access uses auto config ipv6 address. So Adapter connected to the internal network is using wrong ipv6 address. How can I change it to use…
![](https://techprofile.blob.core.windows.net/images/rQwmzX_7aESqjkbR4Td1OA.png?8D84AF)
How to assign static IPv6 address to RRAS VPN client
Hi, Community. How to assign static IPv6 address to MS Windows RRAS VPN client? There is a Windows Server 2019 instance with RRAS role configured. RAS/VPN server is configured well - clients can connect. IPv6 prefix for RRAS is fd8f:: Then I would…
User Authentication issue.
Hi Experts, I have recently deployed Fortigate Firewall 60e on my premises although all rules and web filter seems to be working fine we are having an issue with the user who authenticates with Microsoft Active Directory Domain controller below is our…
RasClient (Always On VPN) returning error code 5
One of our vpn clients (which was working successfully with Always On VPN) reported that vpn is connecting anymore. No one else is reporting the same issue. Event Viewer on client shows: CoId={3BE59FC6-9EED-0001-2712-E73BED9ED601}: The user…
![](https://techprofile.blob.core.windows.net/images/rQwmzX_7aESqjkbR4Td1OA.png?8D84AF)
Unable to generate reports from DirectAccess
Hi, I'm trying to generate a report from DirectAccess containing all the information in the Remote Access Reporting page of the Remote Access Mgmt Console but I can't seem to find a good way of doing this. I've used Get-RemoteAccessUserActivity and…
Can i assign 127.127.0.10 IP to an eth interace
HI, As I understand 127.0.0.1 is a loopback IP which is reserved to talk to localhost. However for one of my experiments, i want to assign 127.127.x.x IP to one of the eth interfaces in the system. When i tried to assign the IP thru powershell cmdlet…
![](https://techprofile.blob.core.windows.net/images/9babca87cafd4a779105c52780f41048.jpg)
Get group assignments for the user via the specified VSA
Hello, I want to get the group assignments for the logged in user via the specified VSA in the Radius Response. Can someone help me how to configure NPS policies to achieve this ?
![](https://techprofile.blob.core.windows.net/images/rQwmzX_7aESqjkbR4Td1OA.png?8D84AF)
Always On VPN Gateway server - client IP pools and default route
Hello all, we are in the process of creating the infrastructure for Always On VPN and I have a couple of questions but I'll just detail our setup first: 3 x Windows Server 2019 Network Policy (RADIUS) servers 3 x Windows Server 2019 RRAS VPN Gateway…
![](https://techprofile.blob.core.windows.net/images/Lk9Z6O_Zg0W6xBUdS3lUsg.png?8D8286)
NPS server renewed machine certificate, broke AlwaysOn VPN Clients. Client can no longer validate Server.
A while back, I set up Always-On VPN has been working amazingly, up until October 7th, when the NPS server renewed it's machine certificate. Because the Windows 10 VPN clients are set up to verify the server, the new id it is presenting is different, so…
AOVPN Client IP assignment through DHCP Server
Hi, We are trying to configure IP allocation to AOVPN client through DHCP Server, somehow its not working. There are 2 NIC in VPN servers. ( 1 internal NIC facing towards internal Network and 1 External facing towards internet) Enabled DHCP…
DNS across multiple forests
Hi, We've been experiencing odd DNS behaviour for years and it's time to fix it up :) Could you please advise what you would change in regards to primary & secondary DNS and DNS forwarders, as below? The current config is: Domain A (has…
AlwaysON VPN EventID 4652 - Negotiation Timed Out
I am having a number of users recieve Error 809 intermittently when using AOVPN User & Device tunnel. The problem is intermittent and seems resolve itself after some time. I cannot see an issue in my network trace other that it just does not…
![](https://techprofile.blob.core.windows.net/images/Lk9Z6O_Zg0W6xBUdS3lUsg.png?8D8286)
Windows Server 2016 - VPN clients can't talk to server on normal IP address
Hello everyone! I have Server 2016 setup to do VPN. I used to run it as SSTP but switched over to L2TP because of security issues with Macs. Anyway up until a few weeks ago, the server would give out addresses to VPN clients via DHCP and those clients…
![](https://techprofile.blob.core.windows.net/images/Lk9Z6O_Zg0W6xBUdS3lUsg.png?8D8286)
Remotely manage Windows domain joined machine connected to VPN
Hello, Can Windows domain joined machine connected to VPN be remotely managed (via RDP) by IT/Network administrators located at internal corporate network just like DirectAccess? Please answer specifically with reference article.