Solved

VPN Server (Windows Server 2008 R2)  using  “Network Policy and Access Services”

Posted on 2015-01-15
3
77 Views
Last Modified: 2015-01-29
I'm attempting to set up a VPN server on a virtual machine.

I followed the steps here:
http://www.thomasmaurer.ch/2010/10/how-to-install-vpn-on-windows-server-2008-r2/

Right now this is only with ONE NIC on the VM, where I have a static pool of private IPs.  Basically I followed this guide:
http://www.thomasmaurer.ch/2010/10/how-to-install-vpn-on-windows-server-2008-r2/


I am able to connect to the VPN, and I can ping 10.10.10.1 for example.

The issue is that I cannot connect out to the Internet through the VPN.


I'm assuming I probably need add a 2nd NIC but I'm not sure how to modify the configuration exactly.


The end result is when I'm on the VPN from say, my iPad or laptop... I want my public IP (ie - whatismyip.com) to show up as the IP of the VM.


I do have the capability to add another NIC and even to add another public IP to the VM if needed.


Just need some guidance in the rest of the setup, based on what I did so far (article above).


Thank you
0
Comment
Question by:Vas
  • 2
3 Comments
 
LVL 1

Author Comment

by:Vas
ID: 40552523
UPDATE:

I am able to get this working if I add a two public IPs to the NIC, and then set the range of static IPs to the range of the two public IPs.

The 2nd IP is assigned to my iPad when testing.


So I guess my question is... is there anyway to do this with the VM having only one Public IP,  or is it necessary to have multiple public IPs to make this work?
0
 
LVL 2

Accepted Solution

by:
lasfra earned 500 total points
ID: 40553020
The normal idea with a VPN server is that you should be able to reach your internal network from internet.
So what do you mean with:

“I am able to connect to the VPN, and I can ping 10.10.10.1 for example
The issue is that I cannot connect out to the Internet through the VPN.”

The VPN server should have 2 NICs, one NIC facing the outside and on NIC facing your internal network. This is true both for VMs and for physical hosts.
If you install a VM as a VPN server the VM should have 2 NICs. If your physical server has a NIC facing internet, each machine using this NIC has to have a unique IP address. So the VM and the physical server can not share the same IP address, but the can share the NIC.
0
 
LVL 1

Author Comment

by:Vas
ID: 40562675
I was able to make it work with one NIC,  what I had to do was set the scope of the IPs to assign by the VPN service to additional public IPs.   I can connect to the VPN now and my public IP is shown as the public IP assigned by the VPN server.

What I haven't been able to do is set up an additional VPN user.  For testing right now, the current VPN user is the Administrator account, with granted "dial-up" privileges.

I created a second user, and even added it to the administrators group, gave it the same "dial-up" privilege (so right now there's really nothing different about this 2nd user in how it's configured as the administrator user)

The Administrator user can connect, but the new user can't.  No error, nothing in any logs, it just disconnects right away when trying to connect.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SYSVOL corrupted 12 80
SBS2008 and windows updates 2 21
Clone Hype V Machine with ISCSI SAn storge 3 34
How to do SFTP in Windows to another server. 3 13
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question