JamesonJendreas
asked on
Server 2012 Remote Access - RRAS
Hello,
I am setting up a new Server 2012R2 to runVPN via RAS. I have not set one of these guys up since server 2003, so it's been a long time.
Anyway, I'm 99% the way there. But I am trying to achieve split-tunneling while not loosing access to all my other subnets (including remote office subnets) .
SO, since I have both IPv4 and IPv6 setup for the RRAS server, I have turned on IP forwarding, but turned off "Enable Default Route Advertisement" on the IPv6 interface. On the IPv4 interface, I have defined my other subnets and the relevant gateways.
When I connect via client, I still only get routes to my subnet that the server lives in. Any attempt to ping/traceroute the other subnets go out my normal gateway (not on the VPN).
Again it's been a long time sine I've set this up, and Ipv6 wasn't part of it.
Suggestions?
I am setting up a new Server 2012R2 to runVPN via RAS. I have not set one of these guys up since server 2003, so it's been a long time.
Anyway, I'm 99% the way there. But I am trying to achieve split-tunneling while not loosing access to all my other subnets (including remote office subnets) .
SO, since I have both IPv4 and IPv6 setup for the RRAS server, I have turned on IP forwarding, but turned off "Enable Default Route Advertisement" on the IPv6 interface. On the IPv4 interface, I have defined my other subnets and the relevant gateways.
When I connect via client, I still only get routes to my subnet that the server lives in. Any attempt to ping/traceroute the other subnets go out my normal gateway (not on the VPN).
Again it's been a long time sine I've set this up, and Ipv6 wasn't part of it.
Suggestions?
Have you set up Routes or are you using RIP?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
All basic static routes - pretty straight forward.
ASKER
Resolved issue by using classless routes via DHCP
I have not set this up yet, other than in class. But I believe that you need to set up NAP Enforcement, IPSEC enforcement, GPO, HRA Server, Certificates, Tunnel type (L2TP, SSTP, and PPTP)Enable Routing and Remote Access,
Windows Firewall with Advanced Security to allow connection.
You have probably done most of this and then again, something may be missing. My 2012R2 is in shipment, so will be tackling it soon myself.