Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Server 2012 Remote Access - RRAS

Posted on 2014-10-06
5
Medium Priority
?
324 Views
Last Modified: 2014-10-28
Hello,
I am setting up a new Server 2012R2 to runVPN via RAS.  I have not set one of these guys up since server 2003, so it's been a long time.  

Anyway, I'm 99% the way there.  But I am trying to achieve split-tunneling while not loosing access to all my other subnets (including remote office subnets) .  

SO, since I have both IPv4 and IPv6 setup for the RRAS server,  I have turned on IP forwarding, but turned off "Enable Default Route Advertisement" on the IPv6 interface.  On the IPv4 interface, I have defined my other subnets and the relevant gateways.  

When I connect via client, I still only get routes to my subnet that the server lives in.  Any attempt to ping/traceroute the other subnets go out my normal gateway (not on the VPN).

Again it's been a long time sine I've set this up, and Ipv6 wasn't part of it.  

Suggestions?
0
Comment
Question by:JamesonJendreas
  • 3
5 Comments
 
LVL 17

Expert Comment

by:pjam
ID: 40364701
I believe 2012 R2 is going to need IPv6.  Perhaps encapsulated into IPv4.
I have not set this up yet, other than in class.  But I believe that you need to set up NAP Enforcement, IPSEC enforcement, GPO, HRA Server, Certificates, Tunnel type (L2TP, SSTP, and PPTP)Enable Routing and Remote Access,
Windows Firewall with Advanced Security to allow connection.
You have probably done most of this and then again, something may be missing.  My 2012R2 is in shipment, so will be tackling it soon myself.
0
 
LVL 2

Expert Comment

by:GRGrayban
ID: 40364703
Have you set up Routes or are you using RIP?
0
 
LVL 1

Accepted Solution

by:
JamesonJendreas earned 0 total points
ID: 40364830
Yeah - I'll double back through that list, but that all seems correct.  Not too sure if I was just missing this step or not -  I ended up using classless routes (option 121)  on my DHCP server to build/push routes.  

Not positive, but in the past (2003 server) I think I may have just made either a VB or batch script that manually built the routes for me.
0
 
LVL 1

Author Comment

by:JamesonJendreas
ID: 40364839
All basic static routes - pretty straight forward.
0
 
LVL 1

Author Closing Comment

by:JamesonJendreas
ID: 40407956
Resolved issue by using classless routes via DHCP
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question