VPN

24K

Solutions

23K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have setup a L2TP/IPSec VPN connection on a Zyxel VPN router.  I have setup the VPN connection on several Windows 7 and Windows 10 PCs and they connect without a problem.  I am on the last PC and it will not connect.  I get the request for the username and password (which I have verified) and after a brief try I get an error message:

Can't connect to VPN
A connection to the remote computer could not be established, so the port used for this connection was closed.

Apparently the IPSec is working due to the request for a username and password.
This particular PC is behind a Comcast/Xfinity Modem/Router.   I am not too sure what the others were behind.  At this point I cannot log into the router (do not know the password).

I have shut off the Firewall and reloaded the OS.  Same results.
0
I have a Fortigate 80D firewall, with FortiOS version 6.2.0, lately upgraded. The user remote access was configured using IPsec VPN, and handled by Forticlient. In previous versions, it was working without any problem. But now, users can connect, but can no more access network resources.
The only thing that was performed, was enabling IPv4 Split Tunnel.
I wonder what i can do to re-establish a correct connection using FortiClient
Thanks for help
0
I was using VPN for some services however VPN may not be available in some countries. Are there any good VPN alternative out there which can be used on iPhone effectively? Paid or subscription is fine to me.
0
I have a simple setup... I have enabled the draytek L2TP with IPsec VPN which works fine.

I have a server on site which i access using \\IP-MAINSERVER
The issue is that when I am off site and I VPN in, I cant access the server using \\IP-MAINSERVER, I have to use the IP address.

Why is this?
0
I have a server running Windows Server 2012 R2 Essentials and Access Anywhere VPN is setup and WAS working. Now everyone who attempts to access this server remotely using the VPN gets the following symptoms. The VPN connects (apparently) but all access to the Internet goes down at the same time. Disconnecting the VPN restores Internet access. I have tried unchecking the tick box to 'use remote network default gateway'. This restores connectivity locally but I cannot access anything on the remote end of the VPN - the whole point of the VPN! I have other servers setup similarly and they are working fine, but I cannot determine what is causing this VPN connection to fail. I have also tried adding a route to the remote server in my routing table but that also doesn't work. How should I troubleshoot this. I have been looking for differences in RRAS / VPN setup between a server that works and the one that fails but cannot determine anything different. I can access the server via RDC and I can get the Remote web access website up using the external address (same as VPN uses. Ports are forwarded same as working system. VPN using same SSL certificate as default website in IIS. VPN is SSTP.  Some users report it stopping nearly 3 weeks ago (maybe?) . Can anyone help?
0
I am using a Netgear R8000 router, I understand that it has a VPN feature that can be connected via Open VPN client. However, does it come with a feature of VPN via L2TP/IPSEC? If yes, how to configure it on my router and make my router beocme a L2TP/IPSEC VPN server? Thanks.
0
Have a computer outside of the netowork that uses Sonicwall Global VPN client to connect to network.  There is an excel file they edit that is on a file server in the office they are connecting to.  The internet service is 15MB down and 1.5MB UP.  When saving changes on the excel file (not locally but on the remote sever) would the terrible upload speed affect the time it takes to save after many changes are made?
0
One of our clients vendors setup a VPN on one of the machines internally at the location.   It was a windows pptp connection.   The vendor setup all the correct settings and added the preshared key.   When connecting the connection makes it to a UN and PW prompt and then after entering the credentials it just says connecting to (Shows external IP) and just hangs and disconnects.  

The vendor that set this up had no idea why it wouldn't connect so now they are asking us to fix it.  

The unit is Windows 10 Pro.   If a PPTP makes it to a UN and PW prompt my guess is that its hitting the firewall just fine and could it be as simple as they are not putting in the domain\UN and just the UN and PW which is preventing the connection from completing?   I have no idea what firewall they have and we have no access to it as its managed by the vendor but they are telling us their end is fine.   Any assistance would be appreciated.
0
I have users getting a 404 when attempting to access an internal website while not on the network.
The internal site is hosted on IIS.

For example they are at home and need to be on the vpn to make it work.
In this example they click the link, they are not on the vpn, thus they get a 404.

Due to the fact a user may not realize that they need to be on the vpn....

is there a way to handle messaging to the end user such as a customer error message or some other messaging letting them know to connect to the vpn.  I dont think a redirect works here since they are not on the domain.

Please offer some best practices.


Thanks,
0
I am using the following setup:
1. VPN Server reachable at public IP with SoftEther VPN-Server installed on Debian (listening on port 443)
2. BIND9 and DHCP server installed on Debian
3. Client
  - OS: Windows 10 1803
  - Ethernet NIC with guest internet (allowing ports 80 and 443 outgoing)
    . gets through DHCP an internal IP address 192.168.2.149 by the connected Fritz!box at 192.168.2.1
    . the Fritz!box WAN IP is 87.123.236.76 which resolves in i577bec4c.versanet.de
  - The certificate exported from above server has been imported into Local Computer under Root Certificates
  - Configured Windows SSTP VPN-Client
  - host name is "MyClient"

Issue:
- I can successfully connect the SSTP VPN-Client to the VPN-Server
- The VPN adapter is in connected state with properly assigned IP, netmask, gateway and DNS (like intended by the backend)
- the only issue is, that the DNS registration of my host is NOT the expected "MyClient.psv.local" (as it correctly does with L2TP connection)
- instead it registers the WAN IP 87.123.236.76 (or sometimes its resolved FQDN i577bec4c.versanet.de ) of the ethernet adapter
- I disabled IPv6 on both LAN and VPN adapters, checked "register IP address in DNS" on VPN adapter

I really need the SSTP to work properly, since it is the only way of connecting over TCP 443.
Cannot use SoftEther Client or OpenVPN,because they conflict with the Qbik Wingate soft I installed for internet connection sharing.

Any help would be greatly…
0
Windows 10
Cisco AnyConnect: The VPN connection failed due to unsuccessful domain name resolution.
Why do I get this message?
0
Hi Guys,

We have recently setup a 3 way VPN. one HQ and 2 Branches. 2 sites are configured with NBN and fibre 400. One site is with ADSL2+. IPsec VPN between NBN site and Fibre400 is working fine. But, the ADSL2+ site is showing that the VPN is configured and online but, not able to ping any IP either way. Any idea why?

Regards,

Ajoy
0
TL;DR DFS Namespace does not recognise the AD Site (appear as site <unknown> in mmc) that the servers reside in, so clients can get connected to the wrong site file server via drive mapping to namespace occasionally which is not ideal as it's the remote site is over VPN link and slow



Having some issues with Windows AD DFS, hope someone can help, otherwise I'm going to have to call in one of those Microsoft Incident Support and eat the cost as my customer is starting to get a little annoyed.



Have a small network with 2AD sites linked by VPN (OpenVPN via the gateway device)

2 DC in main site, 1 fileserver (2016) all Hyper V

1 DC in branch office, 1 fileserver (2012 R2) all Hyper V



The AD Sites have been created, DC's put in correct ones and subnets set up for each site

I have verified where AD thinks the servers are by nltest successfully



I have successfully set up the DSR Namespace and Replication between the two servers which is working away merrily, but I have a strange issue. The clients have mapped drives to \\mydomain.local\files\relevant share but if I check the DFS on the properties of the drive sometimes they are using the remote fileserver and not the local one, which they should get connected to because of the site they are local to via the subnet as far as I am aware.



I noticed that in the DFS mmc the two file servers are in site <unknown> I think this is where the problem lies. I tried creating a new namespace but the …
0
Getting a TLS error on a particular web site when connecting via a Fortinet VPN connection. Error is "Can't connect securely to this page. This might be because the site uses outdated or unsafe TLS security settings".

The site works fine when connecting from the local LAN.
0
Hi Guys,

We've setup a site-to-site VPN with a SonicWALL TZ400 on both sides.
We would like to use the same IP range and subnet on both sides.

Is it possible to split the subnet to accommodate this scenario?
0
I just got a new Cisco ASA 5506-X firewall with FirePower licensing.
We want to set up SSL AnyConnect client for notebook and mobile phones to access internal servers(10.10.30.2/24) and access the internet via the remote gateway.
I am a newbie to ASA, could I have some examples?  Thanks a lot.
Remote server subnet: 10.10.30.0/24
VPN Pool: 192.168.10.0/24

I tried three examples for the Cisco website, but all of them can only fulfill part of my requirements.
https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100918-asa-sslvpn-00.html#anc7
0
Hi,

I have a question regarding remote users and security.

Which one is better or the standard way?

1. VPN and RDP to a inside computer
2. VPN without RDP, but more restrictions through ACLs.

What is the way to go? PS: We have extremely sensitive PII information.

Thank you in advance!

Bernhard
0
Hello

We are to deploy Sales force Cloud to users.  From initial testing 2FA looks to work well using the authenticator app, however we are now proposing to block access by corporate IP ranges i.e. our firewall WAN IPs, rather than 2FA.  This will mean VPN for remote users will be required not only for SF but other current and future apps.  
Unfortunately the subscription/evaluation has expired and SF wont extend the trial, i have to pay a years fee to continue.

We are also looking at SF inbox, marketing cloud, SF inbox and other 3rd party tools to help integrate SF with exchange.

So, if w ego the route of IP blocking can anyone confirm if this can be setup in Sales Cloud globally for Inbox, marketing and sales cloud?  I only see option to white-list SF IPs.

Thanks
0
Ubiquiti Edge Router X - VPN setup

I have setup the Edge Router X with what I think is the proper commands to establish a VPN connection and I have put this router in the Comcast DMZ to ensure it is actually getting to the router (I had configured some port forwarding but wanted to eliminate that potential issue).

However, using either the built-in VPN connections in Windows 7 or the ShrewSoft VPN client, I am unable to create a tunnel.

Watching the firewall logs through SSH I see some packets coming in, but I am unable to connect.  Thoughts?  Thanks.

=========================
name WAN_LOCAL {
     default-action drop
     description "WAN to router"
     rule 10 {
         action accept
         description "Allow established/related"
         state {
             established enable
             related enable
         }
     }
     rule 30 {
         action accept
         description ike
         destination {
             port 500
         }
         log disable
         protocol udp
     }
     rule 40 {
         action accept
         description esp
         log disable
         protocol esp
     }
     rule 50 {
         action accept
         description nat-t
         destination {
             port 4500
         }
         log disable
:
         protocol udp
     }
     rule 60 {
         action …
0
I need to setup a Site-to-Site VPN between a SmoothWall v3.1 and a SonicWall TZ.    I have tried to configure the connection on both ends but so far have been unable to get any kind of a connection between the two.  

I have played with the IKE and IPSEC proposals on the SonicWall but have not found a combination which works. I do not see anywhere I can set these on the SmoothWall  Has anyone managed to accomplish this?
SmoothWall.jpg
SonicWall1.jpg
SonicWall2.jpg
0
AnyConnet VPN client can access the internet via the remote gateway, but cannot internal servers.

I followed the instructions from (first example, with tunnel all configuration)

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100918-asa-sslvpn-00.html#anc7


I can not ping or access the 10.10.30.99(Internal server) or 10.10.30.2 (ASA internal LAN) after connected VPN.

Could I please have some advice? Many thanks.
ASA-show-run.txt
0
What are some reasons why Windows 10 would be slow to open applications , when connected to VPN?
VPN client: Cisco AnyConnect
Windows 10 enterprise
0
Hello
We have a problem with our remote clients that are terminating across the cisco anyconnect VPN.  Currently we are unable to browse to the \\unc path of the said remote client, but not all machines.   The problem has been intermittent for a over a year now.  It has gotten worse since 1809 update to Win10.

We can browse from remote client to the LAN and UNC paths.
We can ping both ways i.e. 172 (local LAN) to the remote vpn client IP 10.255.255.*.
DNS is registering the 10.255.255.* IP in reversse lookup.
DNS is also registering local IPs on the forward lookup zone domain.local - this seems to be what is being resolved.

Im thinking its DNS wrongly configured but hesitant to make changes...

Any ideas?

Thanks
0
Hello Experts
I was recently appointed as IT Manager at one of the companies.
This company is using microsoft CRM.
The former Director of Information Technology used traditional VPN technology from Internet service providers to connect all the company's branches around the country. Which cost the company a lot of money per month.
While this VPN is only used to run that program in these branches.
What I think if I can develop or modify this system to use cloud technology or any thing else To reduce costs and also to develop the company
0
Dear Experts,
We just installed Cisco ASA 5506X and are using Cisco AnyConnect Secure Mobility Client.
What I am having trouble is, in order to get to the server drive, the user is always prompted for credential, and I can only use NetworkAdmin credential to get in.
Mapped drives do not work once in VPN, so I started to use specific file path. (\\FileServer\Shared Folder\Documents)

I am not sure why the mapped drive stopped working, but more importantly, isn't there a way to remove this authentication at the server level?  None of the users have to put in the credential when they are in the office.
The server OS is Windows Server 2016 Essential.    
Please advise.
0

VPN

24K

Solutions

23K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.