No Internet on VPN (Windows Server 2012)
Recently I setted up RRAS on my Windows Server 2012 R2.
My server has an interface to the Internet (Ethernet), and second interface - not connected to anything (Ethernet 2).
From client, I can connect to the VPN Server, but I cannot view webpages and use Internet at all. I user L2TPIPSec with preshared key.
Server Firewall:
TCP (In, Out): 443, 1701, 1723.
UDP (In, Out): 500, 1701.
Here are the steps I did:
Here I select the first one - Ethernet and then click on Next.
Here I'm setting my IP pool for private network. When I leave it dynamic, I get error 720 while connecting from client.
After that I was asked to use RADIUS, but I pointed a tick on No.
Then I got this:
Now, under IPv4 I got strange IP: 192.168.192.128. Why 128? Also, do I need Broadcast name resolution?
So, at this point I can connect my client. But I don't have Internet.
So I went back to the server. In Internet I found some articles about DHCP, but I don't really know what I have to set up here:
Here are my NAT properties. As you can see, Ethernet receive something.
Setting this tick doesn't help in both cases: 192.168.0.0 and 192.168.192.169:
Ethernet, obviously, is public and NAT-enabled. Internal is private. Do I really need Internal here?
Also I tried to set up Address Pool, where public was my public IP and private is 192.168.192.169. Didn't help.
UPD 1
Well, after some research I made it work.
I started once again and selected Custom config, then selected VPN and NAT. Added static IP pool, Ethernet adapter as DNS, WINS and DHCP. In IPv4 I added NAT protocol and added Ethernet there. And I was able to connect to the internet from the client. BUT!
Just after I load webpage on the client, my Windows Server stopped to response, RDP is lost and VPN disconnected. Even VNC didn't work. I needed to restart my server, so it can work once again.
I can ping some sites, even load Google. But after Google is loaded, Windows Server stopped to respond...
Also I have this error in Event Log:
VPN IP Addressing monitor has gone from HEALTHY state to UNHEALTHY state on 6/3/2017 at 2:19 PM on WIN-344VU98D3R. The failure heuristic IDs for state change of VPN IP Addressing are 40030001.
What the hell is that?
networking vpn windows-server-2012-r2
asked Jun 3 '17 at 10:24
Vladislav KasianenkoVladislav Kasianenko
10113
add a comment |
Recently I setted up RRAS on my Windows Server 2012 R2.
My server has an interface to the Internet (Ethernet), and second interface - not connected to anything (Ethernet 2).
From client, I can connect to the VPN Server, but I cannot view webpages and use Internet at all. I user L2TPIPSec with preshared key.
Server Firewall:
TCP (In, Out): 443, 1701, 1723.
UDP (In, Out): 500, 1701.
Here are the steps I did:
Here I select the first one - Ethernet and then click on Next.
Here I'm setting my IP pool for private network. When I leave it dynamic, I get error 720 while connecting from client.
After that I was asked to use RADIUS, but I pointed a tick on No.
Then I got this:
Now, under IPv4 I got strange IP: 192.168.192.128. Why 128? Also, do I need Broadcast name resolution?
So, at this point I can connect my client. But I don't have Internet.
So I went back to the server. In Internet I found some articles about DHCP, but I don't really know what I have to set up here:
Here are my NAT properties. As you can see, Ethernet receive something.
Setting this tick doesn't help in both cases: 192.168.0.0 and 192.168.192.169:
Ethernet, obviously, is public and NAT-enabled. Internal is private. Do I really need Internal here?
Also I tried to set up Address Pool, where public was my public IP and private is 192.168.192.169. Didn't help.
UPD 1
Well, after some research I made it work.
I started once again and selected Custom config, then selected VPN and NAT. Added static IP pool, Ethernet adapter as DNS, WINS and DHCP. In IPv4 I added NAT protocol and added Ethernet there. And I was able to connect to the internet from the client. BUT!
Just after I load webpage on the client, my Windows Server stopped to response, RDP is lost and VPN disconnected. Even VNC didn't work. I needed to restart my server, so it can work once again.
I can ping some sites, even load Google. But after Google is loaded, Windows Server stopped to respond...
Also I have this error in Event Log:
VPN IP Addressing monitor has gone from HEALTHY state to UNHEALTHY state on 6/3/2017 at 2:19 PM on WIN-344VU98D3R. The failure heuristic IDs for state change of VPN IP Addressing are 40030001.
What the hell is that?
networking vpn windows-server-2012-r2
asked Jun 3 '17 at 10:24
Vladislav KasianenkoVladislav Kasianenko
10113
add a comment |
Recently I setted up RRAS on my Windows Server 2012 R2.
My server has an interface to the Internet (Ethernet), and second interface - not connected to anything (Ethernet 2).
From client, I can connect to the VPN Server, but I cannot view webpages and use Internet at all. I user L2TPIPSec with preshared key.
Server Firewall:
TCP (In, Out): 443, 1701, 1723.
UDP (In, Out): 500, 1701.
Here are the steps I did:
Here I select the first one - Ethernet and then click on Next.
Here I'm setting my IP pool for private network. When I leave it dynamic, I get error 720 while connecting from client.
After that I was asked to use RADIUS, but I pointed a tick on No.
Then I got this:
Now, under IPv4 I got strange IP: 192.168.192.128. Why 128? Also, do I need Broadcast name resolution?
So, at this point I can connect my client. But I don't have Internet.
So I went back to the server. In Internet I found some articles about DHCP, but I don't really know what I have to set up here:
Here are my NAT properties. As you can see, Ethernet receive something.
Setting this tick doesn't help in both cases: 192.168.0.0 and 192.168.192.169:
Ethernet, obviously, is public and NAT-enabled. Internal is private. Do I really need Internal here?
Also I tried to set up Address Pool, where public was my public IP and private is 192.168.192.169. Didn't help.
UPD 1
Well, after some research I made it work.
I started once again and selected Custom config, then selected VPN and NAT. Added static IP pool, Ethernet adapter as DNS, WINS and DHCP. In IPv4 I added NAT protocol and added Ethernet there. And I was able to connect to the internet from the client. BUT!
Just after I load webpage on the client, my Windows Server stopped to response, RDP is lost and VPN disconnected. Even VNC didn't work. I needed to restart my server, so it can work once again.
I can ping some sites, even load Google. But after Google is loaded, Windows Server stopped to respond...
Also I have this error in Event Log:
VPN IP Addressing monitor has gone from HEALTHY state to UNHEALTHY state on 6/3/2017 at 2:19 PM on WIN-344VU98D3R. The failure heuristic IDs for state change of VPN IP Addressing are 40030001.
What the hell is that?
networking vpn windows-server-2012-r2
asked Jun 3 '17 at 10:24
Vladislav KasianenkoVladislav Kasianenko
10113
Recently I setted up RRAS on my Windows Server 2012 R2.
My server has an interface to the Internet (Ethernet), and second interface - not connected to anything (Ethernet 2).
From client, I can connect to the VPN Server, but I cannot view webpages and use Internet at all. I user L2TPIPSec with preshared key.
Server Firewall:
TCP (In, Out): 443, 1701, 1723.
UDP (In, Out): 500, 1701.
Here are the steps I did:
Here I select the first one - Ethernet and then click on Next.
Here I'm setting my IP pool for private network. When I leave it dynamic, I get error 720 while connecting from client.
After that I was asked to use RADIUS, but I pointed a tick on No.
Then I got this:
Now, under IPv4 I got strange IP: 192.168.192.128. Why 128? Also, do I need Broadcast name resolution?
So, at this point I can connect my client. But I don't have Internet.
So I went back to the server. In Internet I found some articles about DHCP, but I don't really know what I have to set up here:
Here are my NAT properties. As you can see, Ethernet receive something.
Setting this tick doesn't help in both cases: 192.168.0.0 and 192.168.192.169:
Ethernet, obviously, is public and NAT-enabled. Internal is private. Do I really need Internal here?
Also I tried to set up Address Pool, where public was my public IP and private is 192.168.192.169. Didn't help.
UPD 1
Well, after some research I made it work.
I started once again and selected Custom config, then selected VPN and NAT. Added static IP pool, Ethernet adapter as DNS, WINS and DHCP. In IPv4 I added NAT protocol and added Ethernet there. And I was able to connect to the internet from the client. BUT!
Just after I load webpage on the client, my Windows Server stopped to response, RDP is lost and VPN disconnected. Even VNC didn't work. I needed to restart my server, so it can work once again.
I can ping some sites, even load Google. But after Google is loaded, Windows Server stopped to respond...
Also I have this error in Event Log:
VPN IP Addressing monitor has gone from HEALTHY state to UNHEALTHY state on 6/3/2017 at 2:19 PM on WIN-344VU98D3R. The failure heuristic IDs for state change of VPN IP Addressing are 40030001.
What the hell is that?
networking vpn windows-server-2012-r2
networking vpn windows-server-2012-r2
asked Jun 3 '17 at 10:24
Vladislav KasianenkoVladislav Kasianenko
10113
asked Jun 3 '17 at 10:24
Vladislav KasianenkoVladislav Kasianenko
10113
edited Jun 3 '17 at 16:43
Vladislav Kasianenko
asked Jun 3 '17 at 10:24
Vladislav KasianenkoVladislav Kasianenko
10113
asked Jun 3 '17 at 10:24
Vladislav KasianenkoVladislav Kasianenko
10113
asked Jun 3 '17 at 10:24
Vladislav KasianenkoVladislav Kasianenko
10113
10113
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
You probably forgot to install the NAT (Routing) when installing the VPN role at the beginning of the instruction...
edited Nov 16 '17 at 17:11
Scott
15.9k113990
answered Nov 16 '17 at 15:18
LeopoldLeopold
1
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1215641%2fno-internet-on-vpn-windows-server-2012%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You probably forgot to install the NAT (Routing) when installing the VPN role at the beginning of the instruction...
edited Nov 16 '17 at 17:11
Scott
15.9k113990
answered Nov 16 '17 at 15:18
LeopoldLeopold
1
add a comment |
You probably forgot to install the NAT (Routing) when installing the VPN role at the beginning of the instruction...
edited Nov 16 '17 at 17:11
Scott
15.9k113990
answered Nov 16 '17 at 15:18
LeopoldLeopold
1
add a comment |
You probably forgot to install the NAT (Routing) when installing the VPN role at the beginning of the instruction...
edited Nov 16 '17 at 17:11
Scott
15.9k113990
answered Nov 16 '17 at 15:18
LeopoldLeopold
1
You probably forgot to install the NAT (Routing) when installing the VPN role at the beginning of the instruction...
edited Nov 16 '17 at 17:11
Scott
15.9k113990
answered Nov 16 '17 at 15:18
LeopoldLeopold
1
edited Nov 16 '17 at 17:11
Scott
15.9k113990
edited Nov 16 '17 at 17:11
Scott
15.9k113990
edited Nov 16 '17 at 17:11
Scott
15.9k113990
15.9k113990
answered Nov 16 '17 at 15:18
LeopoldLeopold
1
answered Nov 16 '17 at 15:18
LeopoldLeopold
1
answered Nov 16 '17 at 15:18
LeopoldLeopold
1
1
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1215641%2fno-internet-on-vpn-windows-server-2012%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
