Solved

Server 2012 Remote Access - RRAS

Posted on 2014-10-06
5
302 Views
Last Modified: 2014-10-28
Hello,
I am setting up a new Server 2012R2 to runVPN via RAS.  I have not set one of these guys up since server 2003, so it's been a long time.  

Anyway, I'm 99% the way there.  But I am trying to achieve split-tunneling while not loosing access to all my other subnets (including remote office subnets) .  

SO, since I have both IPv4 and IPv6 setup for the RRAS server,  I have turned on IP forwarding, but turned off "Enable Default Route Advertisement" on the IPv6 interface.  On the IPv4 interface, I have defined my other subnets and the relevant gateways.  

When I connect via client, I still only get routes to my subnet that the server lives in.  Any attempt to ping/traceroute the other subnets go out my normal gateway (not on the VPN).

Again it's been a long time sine I've set this up, and Ipv6 wasn't part of it.  

Suggestions?
0
Comment
Question by:JamesonJendreas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 17

Expert Comment

by:pjam
ID: 40364701
I believe 2012 R2 is going to need IPv6.  Perhaps encapsulated into IPv4.
I have not set this up yet, other than in class.  But I believe that you need to set up NAP Enforcement, IPSEC enforcement, GPO, HRA Server, Certificates, Tunnel type (L2TP, SSTP, and PPTP)Enable Routing and Remote Access,
Windows Firewall with Advanced Security to allow connection.
You have probably done most of this and then again, something may be missing.  My 2012R2 is in shipment, so will be tackling it soon myself.
0
 
LVL 2

Expert Comment

by:GRGrayban
ID: 40364703
Have you set up Routes or are you using RIP?
0
 
LVL 1

Accepted Solution

by:
JamesonJendreas earned 0 total points
ID: 40364830
Yeah - I'll double back through that list, but that all seems correct.  Not too sure if I was just missing this step or not -  I ended up using classless routes (option 121)  on my DHCP server to build/push routes.  

Not positive, but in the past (2003 server) I think I may have just made either a VB or batch script that manually built the routes for me.
0
 
LVL 1

Author Comment

by:JamesonJendreas
ID: 40364839
All basic static routes - pretty straight forward.
0
 
LVL 1

Author Closing Comment

by:JamesonJendreas
ID: 40407956
Resolved issue by using classless routes via DHCP
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question