Solved

SBS 2011 VPN connection

Posted on 2011-09-15
15
1,715 Views
Last Modified: 2013-12-02
I have a newly installed SBS 2011 standard server, patched up, working fine. I have run the VPN config wizard and when my end users connect to the VPN, it does not give them an IP address. I have re-run the VPN wizard successfully, ran the FMNW, and checked that port 1723 is pointed to my server on my router. Router and Cable modem are the same as before, only changed from SBS 2003 to SBS 2011. All users were working ok with VPN untill the new server. Any help would really be appreciated.
0
Comment
Question by:terrontech
15 Comments
 
LVL 6

Expert Comment

by:jaredr80
ID: 36544847
Have you made sure in the SBS console under the User properties that under the 'Remote Access' tab if the user has 'User can access vpn' checked off?
0
 

Author Comment

by:terrontech
ID: 36546153
Yes, it's there. Connecting isn't the problem. Getting an IP address is. Thanks.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 36546157
SBS needs to be the DHCP server
You need to run the SBS wizard and not the RRAS wizard
Makes sure the router forwards 1723 to the IP of the new server and not the old
As jaredr80 stated you need to grant access under the user name in the SBS console, or add them to the VPN user group.

Can they connect from the LAN, using the LAN IP of the wizard, just as a test.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 

Author Comment

by:terrontech
ID: 36546181
That's the Wizard I've run. Inside the SBS console under network, connectivity. I configured VPN from there it ran successfully. I also made sure under the user's properties that "user can access virtual private network" was enabled. I even vpn'd in as the network admin account and the behavior is the same. It let's me connect, but does not assign an IP address. Please help. Thanks again.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 36546210
As a test to see if it is a routing or VPN configuration issue try connecting from the same LAN as the server but use the server's LAN IP, not the public IP.
0
 

Author Comment

by:terrontech
ID: 36546227
Same behavior. I think it's DHCP related. I ran the fix my network wizard earlier and it found no issues. Here is the output of ipconfig/all for the PPP adapter: I replaced the company name w/ companyname.

PPP adapter Companyname VPN:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Companyname VPN
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 169.254.106.192(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . : 0.0.0.0
   DNS Servers . . . . . . . . . . . : 192.168.1.10
   NetBIOS over Tcpip. . . . . . . . : Enabled
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 36546300
If you open the DHCP server are there any leases available, and there should be a green dot on the server name. If there are any red or yeelow marks it may be related to the DHCP service itself.
0
 

Author Comment

by:terrontech
ID: 36546313
Green dots on both IPV4 and IPV6. Very strange.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 36546367
and there are leases available? i.e. the scope is large enough?
0
 

Author Comment

by:terrontech
ID: 36546376
Yes, plenty. I have less than 20 users
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 36546402
But the scope may have been reconfigured to 20 or less. Presumably not.

In the RRAS console if you right click on the server name and choose properties, under the IPv4 tab are enable IPv4 routing and Dynamic Host Protocol checked?
0
 

Author Comment

by:terrontech
ID: 36547197
Hi Robwill. I resolved the issue like this. I manually disabled RRAS in the RRAS console and re-ran the VPN wizard in the SBS wizard. Thank you for your help and quick response.
0
 

Author Closing Comment

by:terrontech
ID: 36547199
Thank you.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 36547207
Glad to hear you were able to resolve.
Thanks terrontech.
Cheers!
--Rob
0
 

Expert Comment

by:MissyTuttle
ID: 38407589
Great solutions guys.  Worked like a charm.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Upgrading from SBS2003 to Windows Server 2012r2 Essentials 13 58
DNS Server 7 59
Using MS Hello on a Domain Joined Surface Book 4 16
domian network access 5 21
The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question