Solved

Problem configure VPN server on Server 2012 R2

Posted on 2013-11-20
5
4,403 Views
Last Modified: 2013-12-01
I have a fresh installation with Server 2012 R2. It's configured with AD, DNS etc.
I have added the Remote Access role because I want to connect to it over PPTP VPN (didn't activate direct connect as I dont want that).

It's no problem to add the role, but when I'm doing the last step it's hanging as the picture show.

I have reinstalled the role several times and made restarts after each reinstall.

I have to force it to close. After that I actually can see the "RAS tree", but if I configure anything like what Ip addresses the clients should get, I can't click apply or OK. Nothing happens.

In log I found this info:

18: The Secure Socket Tunneling Protocol service either could not read the SHA256 certificate hash from the registry or the data is invalid. To be valid, the SHA256 certificate hash must be of type REG_BINARY and 32 bytes in length. SSTP might not be able to retrieve the value from the registry due to some other system failure. The detailed error message is provided below. SSTP connections will not be accepted on this server. Correct the problem and try again.

The system cannot find the file specified.

20063: Remote Access Connection Manager failed to start because the Protocol engine [IKEv2] failed to initialize. The call timed out while waiting to acquire the transaction lock.

20192: A certificate could not be found. Connections that use the L2TP protocol over IPsec  require the installation of a machine certificate, also known as a computer  certificate. No L2TP calls will be accepted.

20171: Failed to apply IP Security on port VPN0-9 because of error: A certificate could not be found.  Connections that use the L2TP protocol over IPSec require the installation of a machine certificate, also known as a computer certificate..  No calls will be accepted to this port.
screenshot.png
0
Comment
Question by:henriklundin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 

Author Comment

by:henriklundin
ID: 39665580
hoho!
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 39666138
I hope this is not your only Server you have in your organization because you need to remove all services related with Remote Access Role and reboot your Server.

Check if all your updates are in place and restart the role installation again once you have a valid certificate for the server.

During the installation check your events and Services for any error or warnings there might be a service (Windows Internal Database)that needs to change credentials or you should give more rights to user MSSQL$MICROSOFT###WID as you might have a GPO preventing this user from starting services as a security measure.

I had this issue and as soon I as solved the GPO issue I was able to finish the installation of my RAS.
0
 

Author Comment

by:henriklundin
ID: 39666155
Thanksa lot for update. I removed all roles related to Remote Access Role and rebooted...done that several times without luck. Also updated Everything.

MSSQL$MICROSOFT###WID, isn't that only related to SQL databases? Does it really have something to do with this?
0
 

Accepted Solution

by:
henriklundin earned 0 total points
ID: 39678057
Solved the problem by configuring VPN directly in the hardware firewall
0
 

Author Closing Comment

by:henriklundin
ID: 39687893
Cause I din't get any solution from any member and that I found Another solution
0

Featured Post

Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question