Solved

Hyper-V 2012 and VPN on 2012 R2 breaking virtual switch

Posted on 2016-11-14
9
56 Views
Last Modified: 2016-11-15
Good Afternoon,

I have a client that uses VPN on a 2012 R2 server which is a VM running on a Hyper-V 2012 R2 server.  For some reason it will randomly stop working and basically time out while connecting to VPN and the only fix is to completely remove the External Virtual Switch and then Create a new one from scratch which basically means I need to be onsite to do it since it disconnects my remote session when I remove the virtual switch.

The bigger problem is that we now have a client that wants VPN setup with the same 2012 R2 Hyper-V and 2012 R2 server setup but they aren't local, so I need a fix for this before I set them up with VPN since I won't be able to get onsite.

If any of you have advice on the matter that would be great!

Thanks,
Adam
0
Comment
Question by:blue92lx
  • 5
  • 4
9 Comments
 
LVL 38

Expert Comment

by:Philip Elder
ID: 41886600
Where is RRAS installed?
0
 

Author Comment

by:blue92lx
ID: 41886792
It's on a Server that is being used for files, PC Law, and Printers and is a Virtual Machine.  No roles have been installed on the server, however, except RRAS
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 41886804
So RRAS is installed in a VM.

Does the host have Broadcom physical NIC ports? If yes, has VMQ been disabled in the driver for all ports? If not, do so and that should help with the network issues.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:blue92lx
ID: 41886815
It has HP Ethernet 1Gb 2-port 332i Adapter installed on the host server.  In the physical LAN drivers VMQ is turned off, on the Hyper-V team the VMQ is turned on.  I'm guessing the Hyper-V Team "NIC" it should be turned off as well correct?  Or does it only matter on the physical hardware drivers.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 41886853
VMQ needs to be turned off in the adapter's properties (driver). The 332i is a Broadcom chip. The OS settings do not need to be touched.
0
 

Author Comment

by:blue92lx
ID: 41886862
OK then yeah it's turned off for both 332i units in the driver properties.
0
 
LVL 38

Accepted Solution

by:
Philip Elder earned 500 total points
ID: 41886874
Most edge devices have a one or two user freebie license for SSL VPN included. Maybe that would be a better way?
0
 

Author Comment

by:blue92lx
ID: 41887113
Yeah we use Ubiquiti routers so I'll give that a shot.  It's still a bit concerning that this doesn't work through the server due to the NiC's in some way, or due to Hyper-V.  Whichever is the issue.   I feel like using the router as the solution for VPN is not actually fixing the real issue.  It bugs me but I suppose if that works then it works.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 41887138
We've not used RRAS for VPN connections for at least ten years. PPTP and L2TP are a pain to use at the best of times and have huge overhead.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your vDisk VHD file gets deleted from the image store accidentally or on purpose, you won't be able to remove the vDisk from the PVS console. There is a known workaround that is solid.
This is an issue that we can get adding / removing permissions in the vCSA 6.0. We can also have issues searching for users / groups in the AD (using your identify sources). This is how one of the ways to handle this issues and fix it.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question