VPN

24K

Solutions

23K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.


I have an SBS 2011 which runs Exchange/DNS/DHCP/VPN, but I had to remove the DHCP from it and use the router's DHCP for reasons that I cannot explain. Everything works fine, but I cannot find anything online that says that VPN will work with an external DHCP.

I've just had my first remote user complain that she cannot connect, so I reran the Fix My Network and set up the VPN again, and she appears to be connected fine. Is there anything else I need to check/do on the server or the router to ensure proper operation of the VPN?
0
A Mac computer (macOS 10.14 Mojave) is able to successfully connect to the corporate network via the AnyConnect mobile VPN client. But when attempting to map a shared network drive to a Windows server share, it hangs and finally times out after 2 minutes or so and won't map the drive. Yet there are 6 other Macs with macOS 10.14 Mojave that do not have this problem.

I tried pinging the Windows server from the Mac after successfully connecting to the VPN, and it continuously times out, but there is a reply to ping every 15th ping request for about 2 pings, and then it goes back to not responding to ping for another 15 pings.

When pinging the Mac from the Windows server, it will ping successfully continuously!

I already plan on performing Apple diagnostic on the Mac next, but I am not too familiar with Macs and want to see if there are any other suggestions from the community!

Appreciate any other ideas....
1
Hi

I've got my Azure server set up so it can only be accessed from our office, so there is no static IP address on the Azure server. We connect to the server in Azure Cloud via our Draytek Vigor 2925N router, which is set up with a VPN into Azure Cloud. We want all internet requests from the Azure server to come back down the VPN and out to the internet via our office connection. Currently they go out via the Azure network. I have set the route back into my Draytek router on the Azure side, so I just need to know what needs setting on the Draytek router to send the requests out to the internet. Currently when I do a tracert to an internet address, it gets back to the Draytek router and then it gets dropped.

Anyone got this type of config setup already?

Thanks
SycamoreIT
0
Does anyone have a configuration example on how to configure Cisco AnyConnect with a YubiKey hardware token?
0
Hello All,

I have a user that is having an issue when connected to the server via VPN. All works fine until the machine goes to sleep. When she wakes the system and tries to access mapped drives, she gets the message "An error occurred while reconnecting P: to \\xxx.xx.x.x\folder name. Microsoft Windows Network: The local device name is already in use. This connection has not been restored". This only happens after it goes to sleep, and when it wakes up she can reconnect to VPN since it disconnected when it went to sleep. But if she goes to File Explorer and types in the IP of the server in the address bar, it can reconnect and see all of the shares. Her mapped drives point to those shares. I noticed that the power settings on the network card were turned on to allow Windows to turn off the card when necessary. I changed that setting but she has not yet tested it. I also set her system not to sleep when on power. But I have never seen this happen before. The system is fully patched with Windows 10 Pro. Any thoughts?

Regards,

Rob
0
User has two locations where they work on their photo library using Adobe Lightroom on Mac. They are 8 months at the first location, then 4 months at the second for the summer.

Can I have a Synology NAS at each location to synchronize their work?

Internet connection in NYC is FIOS, which currently is 600+ Mbps using Speedtest, both download and upload.
Internet connection in MA (Massachusetts) is Xfinity, which measures 30 download and 6 upload.

They have about 5 TB of photos on a RAID directly attached to their computer.
I can use software to sync the RAID files to and from the Synology


I will do the initial synchronization of  the Synology units in NYC, and have them bring one to MA

Once in MA
User adds 1 to 2 GB of photos every few days, which will be synchronized to the NAS

At the end of the 4 months, when the user returns to NYC, I would like their photo library and Lightroom catalogs to be a mirror of what they were working on in MA, and ready to use.



Is this a good method?
Any steps missing?


Thanks
0
My IPv6 eBGP neighbor adjacency has come down; this is the error on the customer edge side:

 %BGP_SESSION-5-ADJCHANGE: neighbor 2010:20:20:1::2 IPv4 Unicast topology base removed from session  BGP Notification received
*Mar 15 10:46:02.315: %BGP-3-NOTIFICATION: received from neighbor 2010:20:20:1::2 active 2/8 (no supported AFI/SAFI) 3 bytes 000101 (timer expired)$moved from session  BGP Notification received



...and this is the error on the Provider Edge side

*Mar 14 14:24:07.151: %BGP-5-ADJCHANGE: neighbor 2010:20:20:1::1 vpn vrf drumco-ipv6 Up
PE-LA-R2-dj(config-if)#int s0/1/0
*Mar 14 14:24:18.407: %BGP-3-NOTIFICATION: sent to neighbor 2010:20:20:1::1 passive 2/8 (no supported AFI/SAFI) 3 bytes 000101
PE-LA-R2-dj(config-if)#do show bgp neighors


so, it comes up, finds an error and then drops connection

here is some output from the debug bgp ipv6
*Mar 14 14:32:05.207: BGP: topo global:IPv4 Unicast:base Scanning routing tables
*Mar 14 14:32:05.207: BGP: topo global:IPv6 Unicast:base Scanning routing tables
*Mar 14 14:32:05.207: BGP: topo global:VPNv4 Unicast:base Scanning routing tables
*Mar 14 14:32:05.207: BGP: topo drumco-ipv6:VPNv4 Unicast:base Scanning routing tables
*Mar 14 14:32:05.207: BGP: topo global:VPNv6 Unicast:base Scanning routing tables
*Mar 14 14:32:05.207: BGP: topo drumco-ipv6:VPNv6 Unicast:base Scanning routing tables
*Mar 14 14:32:05.207: BGP: topo global:IPv4 Multicast:base Scanning routing tables
 
although it doesn't …
0
Running into an odd issue. I have a user that connects through our Meraki VPN, and when she tries to RDP to a server she is getting the error "the system cannot contact a domain controller to service the authentication request", but the issue doesn't happen all the time. When the issue does happen this user is still able to ping the server, so they are still connected to the network via the VPN. Originally they kept telling me they were locked out, and after a few weeks of telling them the account is not locked I finally received a screenshot of the real error. When this is happening they are a loss unable to login to VMware.

I am at a bit of a loss on what to look for. The servers are older versions of Windows Server OS (2008R2), but they never have the issue when on site. Any thoughts or ideas would be greatly appreciated.
0
We have a new Server 2016 Stnd server with the Essentials role installed.  Set up Anywhere Access with a GoDaddy certificate.  All is good with regards to accessing the RWW but we have an issue with the remote domain join via the connector and ongoing VPN connectivity.

Some machines it works perfectly, some connect OK (takes a few goes to get the VPN connected) but then have ongoing issues connecting to the VPN, some will not run the connector at all.

We get a variety of errors but the main ones are 809 and 743.  Nothing useful in the event logs of either client or server other than you can see the client trying to connect on both the client and the server.

I've double-checked settings, ruled out AV, firewall and router. I've taken the Essentials role off and re-added it. The PCs in question have all updates done and are all Windows 10 Pro. The main issues seem to be with the 1809 version machines.

I'm pretty sure it's a client issue rather than server, as some machines work absolutely fine, but I've run out of ideas as to what to check or try to get this working in a stable manner.

Anyone have any ideas??
0
Currently we have a Cisco ASA 5512-x and we have split tunneling for VPN. Due to issues it's causing for many of our devs at home (they need to VPN into our network then route over to AWS), we want to remove split tunneling.

  1. How do I go about removing split tunneling?
  2. Are there any gotchas that I need to look out for? Will this potentially break routing anywhere else?

I don't have a deep understanding of networking, but I am comfortable getting into the Cisco ASA and making configuration changes.
0
I am using FortiClient 6.04.0182 and I am finding the connection drops throughout the day.  I am usually not even aware until I try to save something...and I am told the drive cannot be found.  I then reconnect and sometimes I can continue the save and sometimes I have to save it as another name, etc.  Prob happens 2-3 times in 6 hours I am guessing.

I have read others have had success with the following 'command line Interface'
config system interface
    edit <name>
        set preserve-session-route enable
    next
end


But I don't understand where to apply that. I do know it does not work in the command window!! :)

Can anyone help me with some step-by-steps? I would really be grateful.
0
Using pfSense at our main site and at a remote site. They both work on phase 1 and phase 2 over IPsec. I added a second IPsec phase 1 and phase 2 connection between a second remote site, and only the phase 1 tunnel connects; I cannot access any IPs on the main site from my new remote site.

Is there an issue with trying to have two remote sites using the same remote IP subnet at the main site?
Main_Site_01_IPsec_Tunnels.png
Main_Site_01_IPsec_Status.png
Working_Remote_Site_01_IPsec_Tunnel.png
Working_Remote_Site_01_IPsec_Status.png
Failing_Remote_Site_02_IPsec_Tunnel.png
Failing_Remote_Site_02_IPsec_Status.png
0
Hey Guys,

My client has a SonicWALL TZ 300. We have set up and configured SSL VPN to communicate to AD over LDAP. I have enabled TLS over LDAP on the SonicWALL and it's using port 636. Question: do I need to do something on the Server 2012 end? See pic attached.
0
What the heck, trying to set up a VPN connection on a new MacBook Pro 7th gen. and VPN into a Linksys LRT224.
On the Mac I go to Network and create a VPN L2TP and use the following settings:
Configuration: default
Server Address: (I use my ip address)
Account name: (I use the VPN account I set up on the Linksys)

Authentication Settings:
User Authentication: (I use the VPN account password I set up on the Linksys)
Machine Authentication:
Shared Secret: (Not sure about this so I just used the VPN account password)

Advanced settings:
I tried "Send all traffic over VPN connection"

I get a message that the VPN server cannot be reached.

I set this up on a Windows 10 and 7 PC and it works just fine.
0
I have an Azure VPN client (point-to-site) and I want it to auto-connect once I have logged into Windows.
0
Remote Access Connection Manager service not working.

Windows Server 2016 Essentials.

The remote access wizard comes back with zero errors and the Web side is working.  VPN is not working

When I try to start the service it comes back with terminated with the following service-specific error:
{TDI Event Pending} The TDI indication has entered the pending state.

Anybody got any ideas?

Thanks for help
0
Hi Experts,

I have a SonicWALL Firewall 2600 and I need to configure MPLS and Internet so that my remote branch can access internet from HQ SITE on branch site. I use a Cisco Router 1900 series; how can I achieve that configuration with the SonicWALL firewall 2600?
0
I had this question after viewing. https://www.experts-exchange.com/questions/24304663/VPN-Connection-Problem-Authentication-protocol-is-not-permitted-on-the-remote-server.html

I did everything in the thread and still get the same message, in the server log also. Windows Server 2016 Essentials. Access anywhere checks out fine in configuration.

I can confirm that I have checked the network policy to ensure that it supports MS-CHAPv2 authentication.
0
Hello Experts, I need to set up SQL 2016 mirroring and Exchange DAG 2016 Disaster Recovery servers for one of our clients, and the plan is to set up remote servers over VPN.

Before deploying the DR server I want to do some testing, but I am having issues getting SQL Mirroring and Exchange DAG working over VPN.

I am using a Cisco 891F for both sites and I am able to ping all servers with each other between both sites, and when I do a port scan at both ends the following ports show as open: 53, 88, 135, 139, 389, 445, 464, 593, 636, 3268, 3269, 3389, 5985, 9389, 49666-49668 and 52124.
Both sites have a fibre connection and I can access any shares between the servers, and when I do a speed test on both sites I get an average of 40Mbps download and 20Mbps upload.

The problems that I am having are...

I can set up SQL mirroring with or without a witness server over the VPN, and setup finishes successfully and the Mirroring Site / Witness connection is stable. However, when one of the servers reboots the connection does not seem to recover unless I remove the mirroring and set it up again, and sometimes I have to try several attempts before it works, but a slight disruption in the network stops it from working.

I was able to set up a 2nd Exchange server over VPN after several attempts but am unable to get the DAG working. The servers are able to ping each other and access shares but are unable to see each other through the DAG setup; the databases show status unknown and Bad Copy Count = 1, …
0
I recently began doing contract work for a small company with offices at 2 locations. Their server (Windows Server 2012 R2) is at one location and contains their QuickBooks Desktop Enterprise company files. The remote location accesses the server data via VPN through their firewalls. QuickBooks is extremely slow over VPN. Their solution was to use TeamViewer and have each person connect to a computer at the local location to work on QuickBooks. They have 4 remote QuickBooks users, so 4 computers are tied up.

They recently tried using a hosted environment and everyone would do a remote desktop session to it and work.  The local users didn't like that since it added steps to their process.  The remote users loved it.

Why can't I create a "hosted environment" on their server?  4 virtual desktops they could connect to simultaneously.  Does anyone have any other ideas, suggestions, and instructions on doing something like this?  They all have windows computers and are all on one workgroup.  They do not have PRO software.
0
I have a Ubiquiti EdgeRouter PoE unit. I have a VPN tunnel set up from the remote office to the main office.

Remote Office : 192.168.29.0/24
Main office: 192.168.1.0/24

When I ping 192.168.1.1 it responds ok
When I ping 192.168.1.2 or .4 they also respond.
But if I try to ping a router on the main office LAN from the .29.0 network, the router does not respond.

The secondary router has an internal IP of 192.168.1.10

If I am on the main network LAN, 192.168.1.0, I can ping the 1.10 host just fine (router)
On the other end of the router is a network range of 10.0.1.0/24

The host I need to talk to from the 192.168.29.0 network is 10.0.1.125.

If I RDP to our terminal server on the local 192.168.1.0 network, I can see the 10.0.1.125 host just fine and I can remote in.
If I try to RDP directly to 10.0.1.125, I get no response.

Ping is not blocked over the VPN.
Again, ping works from the main office LAN to the 1.10 appliance. It's only coming in over the VPN that it won't respond.

Main office Router : Netgear FVS336G
Remote office Router: Ubiquiti EdgeRouter PoE

I have firmware 1.10.8.
Is the issue on the remote office end or the main office end, do you think? Any tips for how I can be able to ping over the tunnel and have the traffic actually go over the tunnel?

I don't see a force all traffic over the VPN option.
0
I'm trying to set up a VPN tunnel from an ASA 5500 to a Sonic Wall. I'm getting the following error: Deny inbound icmp inside x.x.x.x dest inside:external (internal address) type 8, code 0). Is this them or me? I've checked, rechecked and checked again and I can't find a reason for this. The user on the other end can access my site without a problem. I just can't access his side.
0
We have 4 locations, each with a Sonicwall.
3 of the locations are connected with an MPLS network, the 4th tiny office (Site D) is connected to our main site (Site A) via a site to site VPN.

Sites A (Main), B (Remote 1) and C (Remote 2) communicate over MPLS reliably as expected, and Sites A & D communicate perfectly over the site to site VPN. However, I have so far been unable to get Site D to communicate with Sites B or C, and Sites B & C are unable to communicate with Site D.

I've been bashing my head against a wall on this for a couple of days now - Could someone with Sonicwall experience please help me figure this out.

Thank You very much in advance.
0
I created a VPN server for my company using Algo VPN.

The VPN works for macOS/iOS devices and Android devices, but when attempting to connect via Windows, it will say connected, but no internet.

What could be the issue?


https://github.com/trailofbits/algo
0
I have recently upgraded to a Server 2016 machine from a Server 2008 machine. The cutover is complete and almost everything is good. Both servers are running as workgroup servers.

Two locations are involved. The server is at location A. The systems at location B access practice management software using RDP via a VPN.
 
Terminal services is up and working with 12 remote users. (The full office).

The practice management software uses system variable letters for licensing. Should a remote user restart their PC or dump the terminal services session without closing the app, the app does not know they did that, and that letter is hung and cannot reconnect.

In Server 2008, I could go into RDP session manager and close the session. I do not see that functionality in Server 2016.

My questions are - Is there a way to do this in server 2026? and Is there something I can add on to get this working? Thank you
0
