• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 285
  • Last Modified:

2008 R2 RRAS IPSec demand dial connection not connecting

I've been tasked with setting up a persistent IPSec VPN connection from a single Widnows Server 2008 R2 server directly connected to the internet to another network. I've been provided the remote IP, preshared key, user name, and password. I do not know what the remote endpoint is at this time.

Needing a persistent connection, my first thought was Routing and Remote Access. I added the Network Policy and Access Services role, selecting Remote Access Service role. I ran the RRAS configuration wizard, selecting "Secure connection between two private networks". I then added a new demand dial interface with the wizard set to L2TP and checked properties to change it to use preshared key and connection type to persistent connection. At this point, I tried to connect and get this message:

An error occurred during connection of the interface. A Demand Dial Router attempted to connect over a port that was reserved for Remote Access Clients only.

I looked this message up and found this article that says I need to setup a certificate:
http://jamescook.me/2010/09/rras-2008-and-l2tp-wan-miniport-issues/#comment-3104

This is where I am stuck. Can anyone provide some help on how to generate the certificate and where to configure in RRAS?

I installed CA service as a standalone root CA, but when I go to generate a certificate request in Certificates MMC, there are no certificate enrollment policies.
0
ByteCafeSupport
Asked:
ByteCafeSupport
1 Solution
 
ByteCafeSupportAuthor Commented:
I figured out the certificate request by going to All Tasks > Advanced Operations > Create Custom Request in the certificates MMC and was able to submit request and get certificate.
0
 
Seth SimmonsSr. Systems AdministratorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now