asked on
Need help properly configuring RRAS on Server 2012R2. It won't route!
Hello Experts!
Thank you for your kind assistance.
I am trying to deploy a Windows 2012R2 server with RRAS VPN and am having a bit of trouble and cannot figure out what is wrong. I searched the threads and I see others that had similar issues, but the solutions did not work for me.
(https://www.experts-exchange.com/questions/28480617/LAN-Routing-over-RRAS-VPN.html)
(https://www.experts-exchange.com/questions/26798399/RRAS-VPN-Routing-Problem.html)
The server is running and everything installed fine. The VPN client can connect, but it will not route anywhere in the same LAN as the Windows RRAS server. Through VPN, I can ping and RDP to the RRAS server via its private IP, but I cannot access any other servers in the same destination network.
My server installation has two NIC’s in two subnets and is running RRAS/VPN and DNS. I also tried with just one NIC and one subnet, another time using two NIC’s and one subnet, and now two NIC’s and two subnets. All unsuccessful.
Here is what I have so far…
Server Public IP: 10.1.0.100/24
Server Private IP: 10.1.1.100/24
Public Subnet: 10.1.0.0/24
Private Subnet: 10.1.1.0/24
Main Network: 10.1.0.0/16
DNS IP: 10.1.1.100/24 (DNS also listening on 10.1.0.100/24)
RRAS Server External IP: 10.1.0.100/24
RRAS Server Internal IP: 10.1.1.100/24
IPv4 address assignment using RRAS static pool: 10.1.1.101 – 10.1.1.120
IPv4 forwarding is enabled
Lan and Demand Dial routing is enabled
I can connect fine via VPN and I get an IP address, but I am unable to reach anything in the 10.1.1.x or 10.1.0.x network except the RRAS/VPN host itself.
Here are the results from the ipconfig on the client VPN adapter
PPP adapter vpn:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vpn
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.1.0.100
NetBIOS over Tcpip. . . . . . . . : Enabled
Here is the result from a tracert to the Public and Private NIC’s on the RRAS server itself:
>tracert 10.1.1.100
Tracing route to VPN [10.1.1.100] over a maximum of 30 hops:
1 86 ms 88 ms 84 ms VPN [10.1.1.101]
2 87 ms 90 ms 91 ms VPN [10.1.1.100]
>tracert 10.1.0.100
Tracing route to VPN [10.1.0.100] over a maximum of 30 hops:
1 101 ms * 89 ms VPN [10.1.1.101]
2 98 ms 97 ms 86 ms VPN [10.1.0.100]
I found it curious that my first hop was to the IP 10.1.1.101. Is this normal, or should it be configured somewhere?
Here is the result from a tracert to an IP in the subnet
>tracert 10.1.0.10
Tracing route to 10.1.0.10 over a maximum of 30 hops
1 92 ms * 90 ms VPN [10.1.1.101]
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
Can someone please advise what I am missing, or what I should check? Thank you!!!
Thank you for your kind assistance.
I am trying to deploy a Windows 2012R2 server with RRAS VPN and am having a bit of trouble and cannot figure out what is wrong. I searched the threads and I see others that had similar issues, but the solutions did not work for me.
(https://www.experts-exchange.com/questions/28480617/LAN-Routing-over-RRAS-VPN.html)
(https://www.experts-exchange.com/questions/26798399/RRAS-VPN-Routing-Problem.html)
The server is running and everything installed fine. The VPN client can connect, but it will not route anywhere in the same LAN as the Windows RRAS server. Through VPN, I can ping and RDP to the RRAS server via its private IP, but I cannot access any other servers in the same destination network.
My server installation has two NIC’s in two subnets and is running RRAS/VPN and DNS. I also tried with just one NIC and one subnet, another time using two NIC’s and one subnet, and now two NIC’s and two subnets. All unsuccessful.
Here is what I have so far…
Server Public IP: 10.1.0.100/24
Server Private IP: 10.1.1.100/24
Public Subnet: 10.1.0.0/24
Private Subnet: 10.1.1.0/24
Main Network: 10.1.0.0/16
DNS IP: 10.1.1.100/24 (DNS also listening on 10.1.0.100/24)
RRAS Server External IP: 10.1.0.100/24
RRAS Server Internal IP: 10.1.1.100/24
IPv4 address assignment using RRAS static pool: 10.1.1.101 – 10.1.1.120
IPv4 forwarding is enabled
Lan and Demand Dial routing is enabled
I can connect fine via VPN and I get an IP address, but I am unable to reach anything in the 10.1.1.x or 10.1.0.x network except the RRAS/VPN host itself.
Here are the results from the ipconfig on the client VPN adapter
PPP adapter vpn:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vpn
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.1.0.100
NetBIOS over Tcpip. . . . . . . . : Enabled
Here is the result from a tracert to the Public and Private NIC’s on the RRAS server itself:
>tracert 10.1.1.100
Tracing route to VPN [10.1.1.100] over a maximum of 30 hops:
1 86 ms 88 ms 84 ms VPN [10.1.1.101]
2 87 ms 90 ms 91 ms VPN [10.1.1.100]
>tracert 10.1.0.100
Tracing route to VPN [10.1.0.100] over a maximum of 30 hops:
1 101 ms * 89 ms VPN [10.1.1.101]
2 98 ms 97 ms 86 ms VPN [10.1.0.100]
I found it curious that my first hop was to the IP 10.1.1.101. Is this normal, or should it be configured somewhere?
Here is the result from a tracert to an IP in the subnet
>tracert 10.1.0.10
Tracing route to 10.1.0.10 over a maximum of 30 hops
1 92 ms * 90 ms VPN [10.1.1.101]
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
Can someone please advise what I am missing, or what I should check? Thank you!!!
VPNWindows Server 2012Windows NetworkingNetworkingTCP/IP
Last Comment
JOE-BULLITT