Routing and Remote Access VPN DHCP error

Similar Messages

• Server 2003 routing and remote access not passing VPN traffic

  I've inherited a network that has two IP scopes that are routed through a Windows 2003 server with Routing and Remote Access.  I can ping both sides (we'll call them HQ and Plant) internally.  My firewall has an IP from the HQ IP scope and when
  I connect via VPN, I can see all the devices on the HQ network including the network card that is in the routing server for that "side".  However, if I'm connected via VPN, I cannot get to any of the IPs on the Plant side, not even the card
  in the routing server.  The buck stops on the server.
  I should mention, that the firewall assigns IP addresses that are on the HQ scope, so all VPN connections will have an address from that side.
  I'm lost on how to get this set up so my VPN traffic coming in from the HQ side can be routed to the Plant devices. 

  Hi,
  To be honest, your statement confused me a bit.
  VPN is used for external client get access to internal resource. When we setup VPN server, we usually have two NICs. We need choose a NIC that will be used when client initiate
  a connection request. I prefer to call it external NIC card. The internal one will work as DHCP relay agent. So this is a single way connection. You cannot dial from internal to external.
  If I misunderstood you, please elaborate what you are trying to do.
  Hope this helps.

• Error 1053 when starting the Routing And Remote Access service

  Hi all,
  When I tried to start the "Routing And Remote Access" service on Windows 8.1 I got an error message as follow.
  Could some one help me please.
  Than's.

  Hi MRAB,
  Please check if all dependences are enabled first.
  Then set the start type to Automatic.
  Does this issue still occur after a restart?
  Alex Zhao
  TechNet Community Support

• Routing And Remote Access Service: Error 1068: The dependency service or group failed to start

  Hi,
  I tried to establish a PPP connection between my windows 8.1 PC and another kind of machine using an USB cable. So, as usual on Windows XP and Windows 7,
  I configured the COM in the modem list and I tried to start the
  "Routing And Remote Access" service and then
  I got this message.
  So any idea why is failing?
  Please help!
  Thanks thaks thanks

  Hi,
  Was your issue resolved?
  If no, please reply and tell us the current situation in order to provide further help.
  Karen Hu
  TechNet Community Support

• Win 7 Pro 64 occasionally fails to connect using IKEV2 to Win2008R2 Routing and Remote Access server

  I'm a networking guy and having this troubling VPM issue that I can't find.
  I have a number of VPN connections from my Win7Pro 64 PC to various customers.  Their end points are all Windows Routing and Remote Access on Windows 2008R2 STD servers.
  Every once and a while I will hang at Verifying User ID and Password and eventually get  ERROR 809. Change the security type on my VPN connection from IKEV2 to PPTP - never an issue, connects in right away.
  I can also try from another PC (at the same or alternate location) to get into that same server using the same credentials and access - no issue using either IKEV2 or PPTP.
  This has happened at various times to various customers. Here is what I know it is not:
  - Not the local or remote routers or Firewalls since I can always get in from other PC's going through the same network. Even so, tried rebooting all several times
  - Not an ISP issue at either end since I can always get into other IKEV2 servers from the same PC and from other PC's to the server I can't from my PC.
  This leads to the only logical conclusion.  It is something to do with my Win7Pro 64 PC but for the life of my I can not find it.
  I have obviously tried rebooting the Win7Pro PC. I have also tried recreating the VPN connection several times. Nothing.
  Help!

  Hi,
  I know that you've mentioned that it is not a issue about firewall or router settings, but this error usually comes when some firewall between client and server is blocking the ports used by VPN tunnel.
  so to allow IKEv2 traffic, please make sure to configure the network firewall to open UDP ports 500 and 4500, and to allow IP protocol 50.
  If that is not possible, deploy SSTP based VPN tunnel on both VPN server and VPN client – that allows VPN connection across firewalls, web proxies and NAT
  You can refer to this blog
  http://blogs.technet.com/b/rrasblog/archive/2006/06/14/which-ports-to-unblock-for-vpn-traffic-to-pass-through.aspx
  Regards
  Yolanda
  TechNet Community Support

• Routing and Remote Access Logs (Windows Server 2008 R2)

  Hi,
  I have a Windows 2008 R2 server running Routing and Remote access and users are using PPTP VPN's to connect to our network.
  I have been asked to find logs for the following for connections in to our server
  Username used for connection
  Computer Name
  IP Address used by computer connecting
  Start/End time of VPN session
  Date
  Encryption used
  I found an article stating to enable RRAS logs you need to run the following command
  To enable RAS logs run command “netsh ras set tracing * enabled” and found a series of logs created in this location C:\Windows\tracing
  None appear to contain the information I am looking for and was wondering if I was doing this correctly and if not how I am meant to extract this information?
  If you require any more details just let me know.
  Kind Regards
  David

  Hi,
  I can’t sure which article you have read, but fur the 2008R2 the RAS to enable the log and the debug log in the KB is descried like this, I recommend you to try the KB
  mentioned method.
  To configure RRAS to enable logging
  1. Start Server Manager. Click Start, click Administrative Tools, and then click Server Manager.
  2. In the navigation tree, expand Roles, and then expand Network Policy and Access Services.
  3. Right-click Routing and Remote Access, and then click Properties.
  4. On the Logging tab, select Log errors only, Log errors and warnings, or Log all events, depending on how much information you want to capture.
  5. Click OK to save your changes.
  The related KB:
  RRAS: Logging should be enabled on the RRAS server
  http://technet.microsoft.com/zh-cn/library/ee922651(v=ws.10).aspx
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Routing and Remote Access Server 2012 r2 Help

  Hi all, I just setup a new 2012 R2 server with DHCP, DNS and Routing and Remote Access. When a user logs in to the VPN the DHCP is assigning the wrong IP address. My DHCP Scope is 10.0.10.100 to 10.0.10.199 but it's setting it to 169.254.X.X.
  How do I fix this.

  169.254.x.x are APIPA addresses which are allocated when the guest cannot see the DHCP server/allocator. Basically there is something wrong with your RRAS setup.
    You should never run a remote access server on a DC. It will give you all sorts of name resolution problems. As soon as a client connects, the server acquires an additional IP for the VPN connection and the DC is multihomed. That has been a problem
  since NT days and still is.
  Bill

• Routing and Remote Access fails to install

  Hello, I recently installed Windows Server 2008 beta 3 onto my new computer, which went smothly. I have ADDS, DHCP, DNS, IIS, Terminal Services, and Network Policy and Access Service installed and they all work perfectly. However, I recently tried to install Routing and Remote Access, but I got the following error message when I finished the configuration wizard: "Installation of the Routing and Remote Access Service failed because: Class not registered (80040154). Whats causing this, and how do I fix this?

  I also have this trouble of an error when installing Routing and Remote Access "class not registered..."
  It is a Windows Server 2008 RTM clean install.
  Added machine to our Windows 2003 domain and then after reboot added Windows Powershell.
  Logged in as domain admin and then when tried to add routing and remote access got the message described by everyone else.
  Like others I need to know how to get over this problem.

• Active directory domain services stopped after removing routing and remote access role

  Hello everyone;;
  I am in deep trouble.. I did install routing and remote access and then  lost connection to the server remotely. Then I connected a monitor to the server and removed the role... then it asked me to restart the server . After logging back in I found
  all my active directory service has gone... I can see red cross on active directory domain services.. Also I am able to ping other pcs but other pcs cannot ping my server..
  However when I go into the active directory services, it shows all services are running except file replication service. I have tried to start that service but it give error 1053 error..
  My server in  between loses LAN connection... I dont know what is going on.. Please help!!!
  My  server is win 2008 R2 ser pack 1
  Only one DC....
  Has fixed ip, 
  no DNS server running..

  Hi,
  The File Replication Service Start Error 1053 error can be caused by damaged Windows system files. Corrupted system files entries can threaten the well-being of your computer. Many events can result in creating system file errors.
  Please refer to the articles below to troubleshoot the issue:
  File Replication Service Start Error 1053
  http://repairerrors.net/file-replication-service-start-error-1053.html
  Please Note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
  Regards,
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Would you tell me If window server installed with "routing and remote access" can output firewall logs.

  I install "routing and remote access" into Window Server and make it work as a firewall.
  When connections are accepted or denied at firewall, would you tell me if the firewall can output the logs ?
  If that function can, would you tell me how to configure ?
  Thanks.

  Hi Kohenro31,
  I'm a little confused about configuring RRAS to work as firewall, cause we usually deploy RRAS as VPN connection, router etc, would you please post more information in detail?
  Routing and Remote Access Service：
  http://technet.microsoft.com/en-us/library/cc754634(v=ws.10).aspx
  In addition, to view firewall event logs please check this article:
  Viewing Firewall and IPsec Events in Event Viewer:
  http://technet.microsoft.com/en-us/library/ff428140(v=WS.10).aspx
  To enable RRAS logs, please check this article:
  Enabling logs for RRAS:
  http://blogs.technet.com/b/rrasblog/archive/2005/12/22/enabling-logs-for-rras.aspx
  If I have any misunderstanding, please let me know.
  Best Regards,
  Anna Wang

• Routing and Remote access can cause cluster network issues?

  After enabling routing and remote access on the servers, we found lots of cluster issues on our server like<o:p></o:p>
  Cluster Service stopped
  Communication was lost and reestablished between cluster nodes
  Unable to access witness resource
  Cluster resource failed
  can RRAS enabling causes cluster network issues?
  Rahul

  Hi TwoR,
  Please offer more information about your current cluster and RRAS configuration, such as are you installed the RRAS role on any cluster node? Are your cluster in Hyper-V environment?
  Or if you want to create the RRAS cluster you can refer the following KB:
  Deploy Remote Access in a Cluster
  http://technet.microsoft.com/en-us/library/jj134175.aspx
  How to configure Network Load Balancing (NLB) based cluster of VPN Servers
  http://blogs.technet.com/b/rrasblog/archive/2009/07/02/configuring-network-load-balancing-nlb-cluster-of-vpn-servers.aspx
  I’m glad to be of help to you!
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Windows 2012 routing and remote access service with same subnet

  I have internal server IP range -192.168.1.0/24
  Windows routing and remote access service  with vpn client IP -192.168.11../22
  client side IP subnet is -192.168.1.0/24
  So we wan routing \ NATING between  192.168.1.0/24 to 192.168.11.0/22 so if vpn user try to ping 192.168.11.5 it should internally forward all request to 192.168.1.5 
  <p>Don't forget to mark helpful or answer</p> <p>connect me :-</p> <p>http://in.linkedin.com/in/satya11</p> <p>http://facebook.com/satya.1000</p>

  Hi,
  According to your description, my understanding is that VPN client and internal network has the same IP range -192.168.1.0/24. And you want to transfer internal network from IP address 192.168.1.0/24 to 192.168.11.0/22.
  Agree with Charles David’s point of view. The easiest way to fix routing confusion would be to either change the VPN subnet or the VPN client subnet.
  Or, if you configure Windows Server(RRAS) as VPN server, you may enable NAT to transfer internal IP address:
  1. Open RRAS, add NAT.
  2. New interface to NAT and configure it as public interface.
  3. Open Address Pool tab, add IP address range 192.168.11.0/22.
  4. Click Reservations, add reserved IP(192.168.11.0/22) and corresponding internal IP(192.168.1.0/24) one by one.
  This would be a lot of workload. Besides, you may use 3rd party devices to transfer subnet IP addresses.
  Best Regards,
  Eve Wang 
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Exchange Server 2013 and Remote Access VPN on a single server running Windows Server 2012?

  Just by way of background, I have been installing and administering network servers, e-mail systems, VPN servers, and the like for many years.  However, my involvement with Exchange and Windows Server has been mostly on the forensics and data recovery
  level, or as a (sophisticated) user.  I have never tried to deploy either from scratch before.  My deployment experiences have been mostly with Linux in recent years, and with small private or personal "servers" running such cutting edge
  software as Windows XP back when it was new.  And even NetWare once.
  When a client asked me if I could set up a server for his business, running Exchange Server (since they really want Outlook with all of its bells and whistles to work, particularly calendars) and providing VPN access for a shared file store, I figured it
  could not be too difficult given that its a small business, with only a few users, and nothing sophisticated in the way of requirements.  For reasons that don't bear explaining here, he was not willing to use a vendor hosting Exchange services or cloud
  storage.  There is no internal network behind the server; it is intended to be a stand-alone server, hanging off a static IP address on the Internet, providing the entirely mobile work-force of about 10 people with Exchange-hosted e-mail for their computers
  and phones, a secure file store, and not much else.  If Exchange didn't need it, I would not need to install Active Directory, for example.  We have no direct need for its services.
  So I did the research and it appears, more by implication than outright assertion, that I should be able to run Windows Server 2012 with Exchange Server 2013 on a server that also hosts Remote Access (VPN only) and does nothing else.  And it appears
  I ought to be able to do it without virtualizing any of it.  However, I have spent the last three or four days fighting one mysterious issue after another.  I had Remote Access VPN working and fairly stable very quickly (although it takes a very
  long time to become available after the server boots), and it has mostly remained reliable throughout although at times while installing Exchange it seems to have dropped out on me.  But I've always been able to get it back after scrounging through the
  logs to find out what is bothering it.  I have occasionally, for a few minutes at a time, had Exchange Server willing to do everything it should do (although not always everything at the same time).  At one point I even received a number of e-mails
  on my BlackBerry that had been sent to my test account on the Exchange Server, and was able to send an e-mail from my BlackBerry to an outside account.
  But then Exchange Server just stopped.  There are messages stuck in the queues, among other issues, but the Exchange Administration Center refuses now to display anything (after I enter my Administrator password, I just get a blank screen, whether on
  the server or remotely).
  So, I am trying to avoid bothering all of you any more than I have to, but let me just begin with the basic question posed in the title: Can I run Exchange Server (and therefore Active Directory and all of its components) and Remote Access (VPN only) on
  a single Windows Server 2012 server?  And if so, do I have to run virtual machines (which will require adding more memory to the server, since I did not plan for it when I purchased it)?  If it can be done, can anyone provide any pointers on what
  the pitfalls are that may be causing my problems?  I am happy to provide whatever additional information anyone might like to help figure it out.
  Thanks!

  An old thread but I ran into this issue and thought I share my solution since I ran into the same issue. Configuring VPN removes the HTTPS 443 binding on the Default Site in IIS for some strange reason; just go and editing the bindings, add HTTPS and things
  should be back to normal.

• Set value when a virtual, analog modem should answers in Server 2012 Routing and Remote Access

  Hi there,
  I googled for hours on the following problem:
  We have a Routing and Remote Access Server with an Dialogic Diva PRI card (30 lines). The card provides an analog, virtual modem pool. All this runs on Windows Server 2012 (without R2).
  My problem is that the client will be connected after 3 or 4 rings on the line (I can not hear properly with our client device), but it should be connected after the first ring.
  Under Server 2000 there was the possibility to set the value "NumberOfRings" in the registry and / or  set the modem to ATS0 = 1. Both ways do not work in Server 2012.
  Can anyone tell me how it works under 2012?
  Thanks and regards
  Andre

  I assume you followed Dialogic's instructions for configuring the device on Windows Server 2012.  It would most likely make more sense to contact Dialogic if you are having issues.  They support the product.  If it is not working according
  to their configuration instructions, they are in the best position to be able to answer your questions.
  . : | : . : | : . tim

• Routing and Remote access - internal network not accessing internet through public network!

  Hello,
  Good Evening to all.
  I got an issue in routing and remote access on windows 2003 server.  This server is already configured as File server, domain server and Application server. Also configured as router (through routing & remote access) for connecting three different
  network to each other. So This server has three NIC card installed and each NIC card represent separate network.
  three different network are - 192.42.160.0/24 , 192.42.161.0/24, 192.42.162.0/24
  Three NIC card installed on server as with following IP address -
  NIC -1 = 192.42.160.220 , Sub- 255.255.255.0 , Gateway - NO
  NIC -2 = 192.42.161.220 , Sub- 255.255.255.0 , Gateway - 192.161.220.112 (This ip for internet access so 4g router IP)
  NIC -3 = 192.42.162.220,  , Sub- 255.255.255.0 , Gateway - NO
  Now the issue is I can reach to internet & (also pinging to router ip 192.42.161.112) from only one network that is - 192.42.161.0/24 , BUT when I trying to access internet from another two network (192.42.160.0/24 & 192.42.162.0/24) I cant access
  it and moreover can't ping to internet router ip - 192.42.161.112...
  So how I can access to internet from other two network also? 
  I was already configured static routing for all three network but still I was not success. really I don't know what exactly static routing it should be done in routing & remote access so that all three network can reach to internet?
  Sorry if I am not able to explain properly. Please let me know if you need more explain on this...
  Thanks to all.

  Dear Milos,
  I am happy to hear from you....
  1.- Actually the setup was done long before by another guy and right now I don't want to change it. 
  Nice to hear from you! Thank you so much. Actually this is first time I am using technet forum upon the suggestion from one of the my friend. So any your help from you will help me a great in this issue...
  I ran the route print command and given follow are the results.
  I have only added the default route as per the below routes. Please guide me know how to add other static routes for three network.
  D:\Documents and Settings\Administrator>route print
  IPv4 Route Table
  ===========================================================================
  Interface List
  0x1 ........................... MS TCP Loopback interface
  0x2 ...00 30 05 ad 8f 5c ...... Broadcom NetXtreme Gigabit Ethernet - Teefer2 Mi
  niport
  0x3 ...00 0e 0c a7 c4 f8 ...... Intel(R) PRO/1000 GT Desktop Adapter - Teefer2 M
  iniport
  0x4 ...00 0e 0c a7 c5 85 ...... Intel(R) PRO/1000 GT Desktop Adapter #2 - Teefer
  2 Miniport
  ===========================================================================
  ===========================================================================
  Active Routes:
  Network Destination        Netmask          Gateway       Interface  Metric
            0.0.0.0          0.0.0.0   192.42.161.112   192.42.161.220      1
          127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
       192.42.160.0    255.255.255.0   192.42.160.220   192.42.160.220     20
     192.42.160.220  255.255.255.255        127.0.0.1        127.0.0.1     20
     192.42.160.255  255.255.255.255   192.42.160.220   192.42.160.220     20
       192.42.161.0    255.255.255.0   192.42.161.220   192.42.161.220     20
     192.42.161.220  255.255.255.255        127.0.0.1        127.0.0.1     20
     192.42.161.255  255.255.255.255   192.42.161.220   192.42.161.220     20
       192.42.162.0    255.255.255.0   192.42.162.220   192.42.162.220     20
     192.42.162.220  255.255.255.255        127.0.0.1        127.0.0.1     20
     192.42.162.255  255.255.255.255   192.42.162.220   192.42.162.220     20
          224.0.0.0        240.0.0.0   192.42.160.220   192.42.160.220     20
          224.0.0.0        240.0.0.0   192.42.161.220   192.42.161.220     20
          224.0.0.0        240.0.0.0   192.42.162.220   192.42.162.220     20
    255.255.255.255  255.255.255.255   192.42.160.220   192.42.160.220      1
    255.255.255.255  255.255.255.255   192.42.161.220   192.42.161.220      1
    255.255.255.255  255.255.255.255   192.42.162.220   192.42.162.220      1
  Default Gateway:    192.42.161.112
  ===========================================================================
  Persistent Routes:
    None
  Regards & Thanks
  Mahesh