VPN

23K

Solutions

23K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.


We are looking to set up Server 2016 Remote access VPN. I see that the Always on VPN only supports Windows 10 clients. I'm assuming that is just for, as it states, the always on feature. If I set up the Windows VPN server with the always on configuration, can I still use Windows 8.1 machines with this VPN setup? And just connect the Win 8 machines manually?
0

I have a remote Draytek 2860 router and I would like to configure a reasonably secure vpn connection from my Windows 10 Home PC when I wander round the country.
I've configured a PPTP connection and that works fine. I also tried a PPTP Tunnelling connection and that too works OK. I'm not sure either are particularly secure though.
Keeping it relatively simple, what should I configure given the tools I have are a Draytek 2860 and built in Windows 10 VPN client?
0
Is there anything I can do to increase our VPN speed?  We use the built in VPN Microsoft has in Win7Pro and SBS 2008. The SBS 2008 is at a data center with 100/100 speed and the Win7Pro machines have 100/10 connection speed.  However the VPN speed tests at 18/5 speed.  If I disconnect from VPN and speed test again, the speed is 65/9 roughly.  When I VPN connect again, speed tests at 18/5 again. So, why is VPN so slow and how can I increase the speed?

Another point is this: not long ago the Win7Pro machines were on a connection speed of 50/5 and when we VPN'd to the SBS 2008 that is on the 100/100 speed network, the speed was still roughly 18/5.

So, seems like the internet connection speed is not causing the limitation.  What should I look at?
0
Ok, got an interesting problem going on with one Windows 7 workstation and Remote Desktop.  I am able to RDP into the pc from any pc on the network using any domain account just fine.  However, if I try to connect via the SonicWall VPN I get a username / password is incorrect error.  RDP connects but will not let me log in with any domain user account, the only account that works is the local admin account.

Their old server died and we are now running a new 2016 STD server and new user profiles.  After some googling I did find several people mention that when you change user names the user folder under C:\User does not change and RDP has issues with that and the solution was to use the old user name when remoting in.  This does not work, nor does using domain\username, or username@domain.

I have disabled our Symantec AV / Firewall software and still same issue.

I am able to remote into the domain controller via VPN just fine and then RDP into the user pc.  I am currently at a loss for what is causing this issue since no domain accounts work when trying to connect directly via the VPN
0
I have 3 buildings that are using DHCP on my sonic wall.  I wanted to set up a dedicated DHCP server in the network 192.168.0.5.  I have gotten it to work great for the 192.168.0.X range.
I have a connection going to another building that is using IP addresses of 192.168.30.X.  When I use the DHCP on the Sonic wall it works (I did not set up the sonic wall).  I set up a new scope on my DHCP server for 192.168.0 and 192.168.30, I disabled the DHCP on the SONICWALL and thought it would be able to find the DHCP server in the subnet of 192.168.30, but none of those devices are seeing it.  That means I missed a setting on the Sonic wall that routes DHCP to the subnet for 192.168.0.  If possible can I get some assistance in this configuration?
0
Has anyone got the Cisco Packet Tracer, ver 7.1.1, to work setting up an IKEv1 VPN tunnel site-to-site using 2 Cisco ASA 5505 with the default IOS of 8.4(2)? If so, I sure would like to see a sample config.
The debug command is not built into the ASA for 7.1.1, which makes things tougher to correct the issue.
The 2 firewalls are pingable to each other on the outside, but no SA's even when I try to ping inside either host

Here is my sample with the other ASA being mirrored other than IP's and reversed access lists.
PA-ASA#show run
: Saved
:
ASA Version 8.4(2)
!
hostname PA-ASA
names
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 10.0.0.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 96.93.17.170 255.255.255.240
!
object network MD_Network
 subnet 10.0.2.0 255.255.255.0
object network PA_Network
 subnet 10.0.0.0 255.255.255.0
!
route outside 0.0.0.0 0.0.0.0 96.93.17.169 1
!
access-list MD_Traffic extended permit tcp object PA_Network object MD_Network
access-list MD_Traffic extended permit icmp object PA_Network object MD_Network
access-list Enterprise_Traffic extended permit tcp object MD_Network object PA_Network
access-list Enterprise_Traffic extended permit …
0
Hello,

I have a Cisco ASA 5510 Version 9.1(7)9 with multiple tunnels, (2) of which have duplicate hosts. These 2 tunnels are completely separate no communication between the two. The Chicago tunnel was just added and appears to be having issues with 105.180.90.16 passing traffic.

Can I have duplicate hosts like this? dev1 and Chicago-local share a local IP too 192.168.68.58

nat (INSIDE,OUTSIDE) source static dev1 dev1-Global destination static kansas kansas

object-group network kansas
network-object 105.180.90.16 255.255.255.255

object-group network Chicago-remote
network-object 105.180.90.16 255.255.255.255

nat (INSIDE,OUTSIDE) source static Chicago-local Chicago-local destination static Chicago-remote Chicago-remote no-proxy-arp route-lookup
0
Our users keep leaving the VPN connections on their laptops active. This means when they arrive at work and connect to the network DHCP completely breaks and goes into a death-spiral of assigning bad addresses.

Any ideas on how I could prevent this from happening in the future? (We are using Sonicwall's GlobalVPN client).
0
I have two locations. Both locations currently have DSL connection from the ISP to a Zyxel VMG4325-B10A.  My project is to allow VPN connection between the two locations.  I have ZyXel USG20W-VPN for both locations.  
Question 1: The ZyXel VMG4325-B10a only allows connections for RJ11 connection.  Thus, to make the configuration work the ZyXel VMG4325-B10A will need to be configured in Bridge Mode.  I need some direction on the steps to configure the VMG4325-B10A in Bridge Mode (right now, I cannot ping the ZyXel USG20W when it is connected inside the network, I am thinking ICMP is not activated).
Question 2: Does anyone know how I can accomplish this task without shutting down the network?  
Question 3: Has anyone had experience setting up the ZyXel USG20W-VPN with Microsoft Active Directory?
I totally understand the best situation would be to have the ISP drop off a fiber connection with an SFP or RJ45 interface.  However, working with our ISP is a difficult task.
If anyone can send me links or help in this situation I would appreciate it.
FireCon--1-.pdf
0
Hi,

I have five locations that have Sonicwalls and all five locations are connected by VPN.  The contract is up with the five Sonicwalls and the contract is up for renewal.  The owner wants to consider installing a different VPN firewall at each location.  He has not been very happy with the Sonicwalls and doesn't want to renew the contracts for the Sonicwalls.  I've used Sonicwalls in the past and don't have any problem with them but the boss wants a change.  Each location has 4-5 Windows 7 or Windows 10 computers.  The owner wants to know if the Ubiquiti Edgerouter would be a secure solution using site-to-site VPN.  I've used the Edgerouter before but never in a situation like this so I don't know if it would be a good solution.  I was thinking about looking at a Fortinet VPN router to replace the Sonicwalls but I want to see what your suggestions are.  Why or why not would you recommend going with an Edgerouter for a site-to-site VPN between 5 locations?  Would Fortinet or Ubiquiti be a better (better value--same level of security) solution as a Sonicwall replacement?  Is there a better (better value) solution?  Thanks in advance for your help!
0

I have a Desktop Windows 10 64-bit machine that I configured to be a PPTP VPN server. I also have a Laptop Windows 10 64-bit machine that I configured to be a VPN client. The machines connected via VPN and functioned well. I installed Norton Security on both machines. I could no longer connect the machines via VPN. I uninstalled Norton Security from the VPN Server machine.  Still could not connect the machines via VPN. My Questions: First, how do I configure Norton Security on the VPN client machine so I can connect to the VPN Server machine? Second, assuming I re-install Norton Security on the VPN Server machine, how do I configure Norton Security on the VPN Server machine to allow VPN client machines to connect?

Follow-up Information: I uninstalled Norton Security from both machines. I reconfigured both machines for VPN. One as a VPN server, one as a VPN client. They connected via VPN and functioned correctly. I reinstalled Norton Security on the VPN Client machine. The machines connected via VPN and functioned correctly. (I did NO settings work on the reinstall of Norton Security.) I reinstalled Norton Security on the VPN Server machine (again with NO settings changes on the reinstall). The machines still connect via VPN and function correctly. I have NO idea what I "fixed" along the way but I'm happy (at the moment) with the result!
0
Goal:
Connect to shared drives and browse through server shares over SSL VPN
----------------------------------------
Setup:
Sophos XG 125 UTM Firewall
Windows Server 2008 R2
-----------------------------------------
Issue:
We have configured our Sophos XG 125 UTM Firewall for SSL VPN.  This will allow our clients to connect into their workplace so they can safely either RDP into their computer OR use the server shared drives.
I've configured this for many of our other clients and have had no issues.  Have also contacted and worked with Sophos Support to confirm it's not a Sophos config issue or VPN issue.  

Our SSL VPN connection is successfully established.  I am able to ping all server IPs as well as their FQDN and get a response.  I am also able to RDP to the required computers.  
I simply cannot browse to the server through UNC.

I've compared this to our other clients' setups that have the same SSL VPN setup and we have no trouble browsing UNC.  

I also performed a TCP Dump on the Firewall at the time I try to UNC and it shows the requests going to the server but the server does not respond to the request.

I feel that I've ruled out the SSL VPN and Sophos Setup, DNS, Network Discovery, NTFS and File Sharing Permissions.  Any ideas?
0
I have setup a site to site Fortigate to Cisco VPN using the wizard.  I have 3 local subnets included in the P2.  Two of those subnets overlap with subnets on the Cisco end.  We have agreed on available subnets that can be used for VIP.  I have setup each subnet as a separate P2.  If I use the actual subnets in the P2s, only the nonconflicting subnet comes up.  If I replace the subnets with the VIP subnets, then all 3 subnets come up.  
After the VPN is brought up, I attempt to ping the Cisco end.  The ping fails.  No traffic is passing through the VPN.  I'm thinking the problem is with the policies on the VPN.  Perhaps the VIPs need to be included in the addresses.
I have searched the internet and the Fortinet site and have failed to find documentation that addresses this type of configuration.  The site to site Fortinet with overlapping subnets documents do not work.  Can you provide some guidance on how to troubleshoot this problem?
0
I am running Server 2008 R2 and I am using the Active Directory Home Holder to set each user a Private Folder that only they can access. It also contains their Documents, Music and Pictures, which all sync okay, but one user on a Windows 10 laptop is unable to access the Private Folder within the Home Folder when she logs on through VPN. This is just a standard folder with permissions for only that user. It all works in the office but not remote on VPN; she can see the folder but it won't open.

If I copy the folder to my Home Folder I can access it without issue via vpn, when the user clicks on the folder they get an error "Location is not available - This file is currently not available for use on this computer"

Also manually mapped drives do not appear on VPN but work okay in the office

I have enabled slow connection via GPO as I thought this was a slow connection problem and it was using offline mode but this hasn't worked either

The VPN is also setup on GPO and works for other users and myself

The user vpn logon is set to use Windows logon, so automatically connects them when they select vpn access, shared drives are accessible, one other user reported that when they open the shared drive the folders are empty?

I am based remote from the office so physically seeing the laptop in question is not easy

How can I trace the problem, it seems that it is something to do with slow connection, but I am at a loss to how to solve it
0
Hi,

I'm using a Windows 10 Pro computer with an internal vpn IPSEC/L2TP connection. When I try connecting to my iPhone through shared internet, the VPN will not connect. My iPhone X has the latest iOS 11.4.

If I use my home network the VPN connection has no problem to connect.

I know that the pptp service has been closed down on iPhone, but thought that L2TP would work.

Anyone have a workaround?
0
Every morning we come in and our connection to a hosted application is unavailable.  After a few hours of being in, the connection is somehow restored automatically.  This connection is restored at the same time every day.

I ran a timestamped ping test to the remote LAN IP over the VPN tunnel from a computer to determine when it goes down and when it comes up. The ping replies with "No resources" right at 11pm and then the connection is restored right at 9am.  You can find the ping file attached.

I don't think this is a physical connection issue on the local end because internet remains up the entire time and this only happens on this one VPN tunnel.  This seems like there might be a timed rule on the remote VPN side to terminate or block connectivity for that time but I could be wrong?

Any thoughts?
0
After installing Cisco Anyconnect VPN client we can no longer ping servers/PCs over DNS, ONLY IP address, when connected with a standard Windows VPN.

To give more background, we have this issue on 2 computers, both on a domain. PCs without the Cisco Anyconnect client work fine on any VPN, the ones with it do not work on any VPN.

We have removed the Cisco VPN client, same issues - PCs outside of the domain are also fine without the client installed.
0
Office:
I have a small office that has one Windows 2012 R2 Standard server (which is a Domain controller too) with several other workstations and all seems to work fine.
The office uses a Sonicwall TZ300w Firewall.

Home Office:
I have a home office with Windows 7 Pro that was joined with the Domain prior to being moved and relocated to Home office.
The Home Office uses a Sonicwall TZ100.

The Sonicwall GVC (VPN Client) is used to connect the windows 7 Pro to the Office. Upon established connection, I can ping the server or any other computer by IP and also by Name, in addition I can Map the resources of the shared folder on the server.

The above statement will be true from the office and I can connect to the Windows 7 shared folder (MAP) and can ping by IP and by name. However after a while everything stays the same except the mapped drive to Windows 7 will break and is not available. I still can ping the remote Windows 7 by name and IP but \\192.168.168.5 or \\homebackup will fail.
Can someone please assist where the problem might be (TZ100, TZ300, GVC, Server)?
BackupChart.pdf
0
Hi
We are having issues with pushing out applications (using PDQ by admin arsenal) to remote vpn clients (win10).  

Overview:
Currently we have three sites, two using on premise Cisco ASA firewalls that provided VPN access via the old Cisco VPN client and another site that is an MPLS core (which the other two sites will link to in the coming months).  The MPLS core is a Cisco 5512 and that's using Cisco anyconnect VPN.

All three sites are on 10.255.255.0, 10.255.254.0 and 10.255.253.0 ranges.  
On prem DNS has reverse lookup zones added for the three 10. ranges.

I think the issue has arisen since migrating one of the sites from on premise configuration to MPLS, but this could just be coincidence.

The remote VPN clients can browse the PDQ servers by UNC but the server cannot connect the other way.

We can nslookup, tracert and ping fine from the server.

If the remote machines connect to either of the corporate LANs (some are connected over site to site VPN) PDQ can deploy fine (we can UNC to the client also).

We suspect this is firewall related but the management company cannot find a fix.

Ideas?
0

Hi
We're experiencing issues with the Shoretel VoIP breaking up.
This is occurring predominately at one of our remote sites, however the main site is being affected, if slightly less.
Internal calls from the remote site to head office along with external calls are frequently causing problems.

Each site has 100/100mb link,
Shoretel switch at both sites.
Director and E1k and Ingate at main site,

Diffserve 467 enabled on HP POE switches
dedicated vlan for voice in place across the sites
sites connected by site to site VPN

Ideas?

Thanks
0
We are unable to disable outlook anywhere for a particular user using the below commands.

Get-Mailbox -Identity "user1" | Set-CASMailbox -MAPIBlockOutlookRpcHttp:$true

set-CASMailbox -Identity <MailboxIdParameter> -mapiblockoutlookrpchttp $true

We are able to access the account from external network without VPN even after disabling Outlook Anywhere.

All help will be highly appreciated!!!
0
I am trying to setup a VPN connection between a Vigor Draytek 2862 and a Fortinet 60D router. I am failing to get a connection. Is there anything I need to look out for?
0
RDS - encryption error...

Getting this on a laptop frequently this morning, connected over remote VPN.  

Also get it a few occasions when the user worked on a different machine over site to site VPN tunnel.

Server 2016.
Clients Win10 1803.
Site to site VPN - Cisco ASA 5505
remote VPN Cisco client and more recently cisco anyconnect.

Ideas?
0
Some of our users have started to lose access to network shares on Server 2016 whilst others continue to access.  The only fix I can find is to reboot the server (not ideal).  When the shares stop working the affected computers can still ping the server and access the server internal IIS web page.

They access the shares over a VPN in an Azure hybrid cloud environment.  I have a pfsense to AzureVPN gateway VPN setup and working.  Everything has been working for months up until the last few days.  

The strange thing is I have a similar setup for another customer (lan/azure hybrid network) and this environment is having the same issues on a completely separate network and separate Azure tenant and this is with Server 2012.

Any advice to help troubleshoot / identify the problem would be appreciated.  I have raised a ticket with Azure support but think it may take a while to get anywhere.
0
I have a Draytek Vigor 3900 device that I have set up a VPN service to allow staff to connect when they're not in the office.
After something of a battle, I managed to get LDAP authentication working, so that the VPN checks that a user is in a particular security group and that controls their access.

I've hit an issue at the last though, that I simply cannot fix.

Some users can log in and some cannot - the Draytek error logs reveal quite clearly that those who cannot log in are not being issued an IP address so the tunnel is dropping.

I cannot understand why they're not getting an address though, when other users are

For the avoidance of doubt, I'm changing nothing except the username and password when I'm doing this, so there are no other variables and the Draytek is logging

Vigor: pppd[16900]: DHCPC: Ignoring XID ab9059ed (our xid is 125a6928)

According to Draytek the XID should be the same, but they don't know why it wouldn't be.

We're a Server 2012 environment, with 2 x DCs in failover mode (that is working as far as I can tell - I paused the services on each one in turn and tried to login - got the same error).

I'm really stuck now, any thoughts or advice welcomed.
0
