VPN

24K

Solutions

23K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

I've set up a Server 2016 test environment. It contains a VPN server, NPS server and a DC. I connect to the VPN fine. It pulls an IP from the defined DHCP scope. I can ping any internal resource, but I cannot navigate to any shares. I've gone as far as completely shutting off the Windows firewall on the server and workstation (Win10) sides, and still cannot navigate to any shared folders on any of the 3 servers. I've made sure the DNS entries are there. Any ideas as to why I cannot browse to the server by IP?

EX. from an external network connected to the VPN
ping 192.168.17.50 - get 4 responses
ping testdomain (DC server name) - Could not find host testdomain
nslookup 192.168.17.50 - Server: testdomain.test.local
                                           Address:  192.168.17.50
0
I have a Netgear FVS318N, and it has worked great for our needs in a small business.
Of course, Netgear is no longer supporting any UTM or small business firewall VPN routers.
What is a good alternative to this level of firewall with good VPN,
IPsec or SSL VPN?
We really don't wanna spend $2000 or even $1000; is there anything in that mid range? The Netgear FVS318 was only about $200.
Any suggestions? Thanks.
0
Draytek to Cisco ASA IPSEC vpn issue
I am sure it's just a mismatch, but wondered if anyone with more knowledge can tell me what to change on the Draytek to get it to connect.

Draytek set to
Dial Out
IKEv1
Pre shared key entered
High (ESP)
AES (with encryption)
  Phase 1 proposal : auto
  Phase 2 Proposal : AES256_SHA256
Key 1 lifetime : 86400
Key 2 Lifetime : 3600
PFS : enable
Local ID blank


Here is the Cisco config for VPN

crypto ipsec ikev1 transform-set ESP-AES256-SHA esp-aes-256 esp-sha-hmac

crypto ikev1 policy 5
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400


crypto map site-to-site 100 match address CCTV-TSI-VPN
crypto map site-to-site 100 set pfs
crypto map site-to-site 100 set peer 8x.xx.xx.xx
crypto map site-to-site 100 set ikev1 transform-set ESP-AES256-SHA
crypto map site-to-site 100 set security-association lifetime seconds 3600
crypto map site-to-site 100 set security-association lifetime kilobytes 4608000
0
Hi Experts, I created a route-based site-to-site VPN with Azure with an ASA 5506 9.8(2). I downloaded the config from Azure and applied it to the ASA. However, once I applied the config my on-premise lost internet connection. Am I missing some routing configuration?


Here's the show run:

ASA Version 9.8(2)
!
hostname TestASA
enable password xxxxxxxxxxxxx
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
names

!
interface GigabitEthernet1/1
 nameif outside
 security-level 0
 ip address xxx.xxx.xxx.xxx 255.255.255.0
!
interface GigabitEthernet1/2
 nameif inside
 security-level 100
 ip address 192.168.8.1 255.255.255.0
!
interface GigabitEthernet1/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/5
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/6
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/7
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/8
 shutdown
 no nameif
 no security-level
 no ip address
!
interface …
0
I am working to reassign a laptop from one user to another.
I ran through my typical setup tasks (including using Windows recovery to reset the machine and installing Windows updates), but when I tried to install the Cisco AnyConnect VPN client, I got an error.
"Installer information. There is a problem with this windows installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor"

I have spent days trying to troubleshoot... What I know is that it isn't the installation file itself that is the issue, because I was able to install it on another machine as part of my troubleshooting.
The only issue that I can find is that the vpnva display name in the registry is incorrect [@oem29.inf,%VPNVA64_Desc%;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64]. I am able to correct it, but it reverts every time I try to reinstall Cisco.

The machine is a Hewlett-Packard HP ENVY TS 15 Notebook PC running Windows 10.

Please let me know if there is any additional information that could be helpful.
0
Hello,
I am a beginner to Cisco, and I would like to pass a video stream with multicast address 239.x.x.x from one site to the other site. I have created a site-to-site VPN tunnel. Both sites are using Cisco ASA 5510. The site-to-site VPN tunneling is working properly... I can use remote desktop on the other site using the private IP address. I would like to know what access rules or NAT should be applied in order to feed the video stream from one site to the other, and how I can check that the stream is working.

Thank you

Your fast response is much appreciated
0
We use Skype for Business but we're currently unable to review the chat logs and receive mobile updates (for instance, updates to a group conversation) on our mobile devices.  At my last place of employment I was able to do both.  My question is, are there some changes to our environment we would need to make in order to enable both features?  For instance, will these features ONLY work if there's some sort of VPN client running on the mobile device?  Does the customer have to host Skype internally?

If there's a URL that describes the requirements I'd be glad to review them.

Thanks.
0
Can a Windows 10 VPN access a Windows 2000 server network? If yes, what settings need to be made?
Thank you.
0
Hi

I'm having issues with the Cisco AnyConnect VPN client not allowing remote connections, specifically ports 139-445.  Running port query is showing that there are some ports open but not ones for the IP address assigned to the virtual network adaptor.

We have the old Cisco vpn adaptor running and those ports are ok.

Ideas?

Thanks
0
I have 2 sites connected via IPsec VPN but I cannot connect to services across this VPN.

 

The tunnel is active and I can send ICMP in either direction but I can't connect to any of the internal resources. This had been working previously for a while (years) without issue and just recently cropped up, no changes have been made to the networks.

 

Site A: 192.168.1.0/24
Using a Ubiquiti EdgeMax Router firmware 1.10.5

Site B: 192.168.2.0/24
Using a Cisco RV042

 

auto-firewall-nat-exclude is enabled, can ping across VPN, running latest firmware, rebooted device, rekeyed the tunnel, destination server firewall is allowing incoming traffic

 

Here is my tunnel sa and a ping showing that I can get across.

 

unifisa.PNG
 

I can also ping from the remote site to 192.168.1.0/24

 

From Site A I can access a local website at Site B, but I cannot connect to local resources at Site A from Site B which is what we really need.
0
We have a domain controller that is also our file server, that I want to be able to access, actually a shared folder called shared.

I am trying to set up a Windows VPN to allow access.

I have created the VPN connector on the server, picked out my user name, and specified it to allocate IPs from a range that is free. On the router, I have set port forwarding for port 1723 to the local IP address of the required server, and created a client VPN connection to the public IP address of our server. I also opened up the Windows firewall on the server for port 1723.

When I try to connect the vpn from the client we get :-

screenshot of error
Not sure where the account name is being pulled from, as the user name is set correctly and that is my email address.

I have not set up a Windows VPN before, but thought this would be a quick and easy way to provide access to some data that I need.

Can anyone advise where the problem may lie?

Any advice much appreciated.
0
I do tech work for small businesses and I barely dabble in VPN connections. I'm using a Cisco VPN firewall. This one site I have a VPN tunnel is live, but for whatever reason when I use one-to-one NAT the device on that IP loses internet connection.
I need the one-to-one NAT for them to be able to ping the device. Any advice as to what I can do to avoid losing internet on this device? Is there another way? Remember I'm a bit of a noobie when it comes to this stuff.
Thanks in advance.
0
We have a Windows 2012 R2 RDS server.  For the last 5 days, that box goes through periods of several hours where connectivity is very spotty.  RDP sessions won't connect or disconnect after just a few minutes.  Sometimes it won't even ping at all, or pings with very slow response times.  When it's not pinging or pinging slowly, we can't RDP or VNC into the box at all.  We have replaced the NIC, patch cable, switch port, and rebooted the switch it's plugged into.  Nothing helps.  It just gets better on its own and then breaks on its own.  Rebooting the server or rebooting the switch will sometimes get it going again, but RDP sessions will continue to disconnect after a few minutes until it just decides to get better.  We even hooked up a second NIC with a separate IP address, and we get the same results with that NIC.  It affects both our local and VPN client PCs, which are a mixture of Windows 7 and Windows 8.  I'm looking for any ideas here - I'm pulling my hair out.
0
I have a customer that travels to China and has a Google account he uses a lot.
Since all things Google are blocked over there, I was going to set up a VPN at the office for him to use.

Does China block unlisted public IPs for VPN use?
0
I want to have a duplicate Lightroom setup on two computers in two different cities.
Macs at both ends.  High Sierra OS
Photos are divided into folders, based on the date of import
 
My base of operations is in New York City, and I have to spend some time away in Massachusetts
Lightroom has over 300,000 pictures, and the catalog is over 4.39 GB
 
I need my assistant to sync and review my collection, delete photos and add keywords, etc.
After the assistant does their changes, I will need the
 
In preparation, I did the following copying:
I duplicated all the LR files onto a removable drive  (CRU RTX)
I took the drive with me to the second city
 
I set up a VPN between the two locations.
NYC has a fast FIOS connection:  greater than 300 Mbps both download and upload.  Sometimes Speedtest will show >600 for each
MA has a cable connection - about 60Mbps Download and 20Mbps Upload
 
I connect from NYC to MA
Tunnelblick on NYC computer
Araknis Router in MA has OpenVPN
 
First Method of sync:
Mac File Sharing
"Beyond Compare" application to update from one direction to another
Too slow to compare files over a VPN
Connection would drop - I assume from the 'stress' of comparing too many files
 
Second Method of sync:
"Retrospect" application - Server in NYC, Client in MA.
The Client works locally on the MA computer to catalog changes,
Server in NYC compares MA catalog of files to NYC local catalog
Retrospect copies new and changed files
Rather than …
0
Sonicwall NSA 2600 intermittently blocking certain PCs from Internet access.  This just started a couple of days ago and nothing has changed on the Sonicwall.  Randomly 2 PCs (that I know of) will be blocked from Internet & site-to-site VPN access until the main Sonicwall is rebooted.  Then connectivity will be restored until the Sonicwall blocks them again.
0
Our LAN uses 192.168.1.x IP addresses.  One of our vendors has just required us to connect to their VPN, then RDP to one of their computers to conduct business.  Their network also uses 192.168.1.x IP addresses.  Our network is small, so the effects have been minimal, but only by luck it would seem.  Sometimes we are forced to re-login to our own file server, and this is cumbersome and inconvenient.  How can we adjust settings on our end to minimize/eliminate IP address conflicts?  Our networking equipment is SOHO.  One perhaps obvious solution would be to change our entire subnet internally, but that just doesn't seem like the best way to proceed.  Advice please?
0
I was playing Fortnite BR recently and I got an error that kicked me out of the game, and the error said "You were removed from the match due to internet lag, your IP or machine, VPN usage, or for cheating. We recommend not utilizing VPN or proxy services while attempting to play fortnite." I tried to get help from support about this bug, but the support for Epic Games is absolute trash and did not provide me with any assistance, so I just turned off my computer and went to bed. The next day I tried to log in to my Epic Games account and I got a message saying my account has been disabled, which is very disconcerting to me. I went to support again time after time after time, only getting bot replies, then tried to call the number for Epic Games, which tells me to go to their support center.  I really need some help here. I can't play on any other accounts; I'm assuming they machine banned me, but I was wrongfully banned. However, I can't debate this issue with anybody because every time I go to support all I get is a bot reply. The reason why I'm coming here is because I saw a similar post about this and was hoping that someone could help me as well. After putting a lot of money and time into this game, getting banned for no reason is absolutely stupid.
0
I'm trying to set up a VPN tunnel to the Google Cloud Instance I've created but have no idea how to do this.

I'm using a Draytek 2860n router on my local LAN
I've created a VPN at Google using Route Based

If there's anyone who can help with this I would so appreciate it. Completely stuck.

Many thanks
Chris
0
What are some good books that discuss how to set up and configure Direct Access within a Server 2016 network?

If there aren't any good books that deal solely with Direct Access then what are some Server 2016 books that go into the Direct Access subject in good detail?
0
I've got a fairly simple set up - with an RDS server (.1.11) a DC/DNS at 1.14 and a client at a remote office connected via VPN at .3.2

The problem is that when the client attempts to reach the RDS server via name, it's attempting to reach it at its public IP address.   When I do an nslookup it's returning the private .1.11 IP address.
0
We have a site-2-site VPN set up between onprem and Azure and are able to access all Azure resources on our internal network without issue. One of the VMs is a DC which replicates with our onprem DCs. I have noticed sporadic RPC connection errors between the partner DC for replication. The onprem firewall and Azure NSG have all ports open for the VPN connection. When I ping between the onprem DC to Azure and reverse, the average ping times are ~13 - 15ms. Is this OK for the site-2-site VPN link? When I run a continuous ping for hours at a time and log the result to a file, I do not see any ping drops.
0
Dear Experts

We would like to restrict users coming from the internet (though they have a login for the application server). Our objective is that users who have application login access should still be allowed based on their MAC address: at the first level our firewall checks the MAC ID and allows or rejects, then at the second level the application authenticates. We are completely okay to allow the users who work from a remote office which has a strong firewall, but for the same users from their home or the internet the MAC ID is to be checked, and if it is not an accepted MAC ID then access should be denied. The application is web-based: Linux, Apache and MySQL. Below are my doubts.
  I have been asked to implement this; however, I am not sure: the users who access this application are in their office behind the firewall and will have to pass their firewall, so in this case will it still be possible to validate the user's MAC address and grant or reject access from our firewall? Is this possible? Through VPN is fine, but what if the VPN details are known to others and they access from their own systems? Hence the MAC restriction has been asked for. Can you please suggest whether control based on MAC is good to go, or is there a better solution? Thanks in advance.
0
Set up L2TP VPN on Server Essentials 2016

PPTP is currently enabled. However, we need to change this to L2TP. As RRAS is now in legacy mode (which I have enabled via PowerShell), clients still cannot connect via L2TP on a Windows 10 machine
0
A client of mine wants the Direct Access role to be installed within a Server 2016 Hyper-V virtual machine.

I have already found instructions for setting up Direct Access but these guides don't include any instructions on how to set up the Hyper-V networking to support installing Direct Access within a Server 2016 Hyper-V virtual machine.

Please provide me with the instructions for installing Direct Access including setting up the Hyper-V virtual machine networking that is necessary for installing Direct Access within a Hyper-V virtual machine.

Direct Access will be installed on a server that has 4 physical RJ network ports.
0
