Excellent tutorial (and pretty much the only one I have found so far)... but why not self cert? The CAcert doesn't offer much over a self cert given that most browsers won't accept it anyway (if using the same cert for remote web access).. There is a good guide on PCPro which self certs, however they do not cover remote web access....
Thanks for these videos, they have helped me tremendously along the way. I want to distinguish my VPN traffic from that of my regular users. In "Routing and Remote Access", under the properties of the server-->IPv4 tab, instead of DCHP , I selected Static address and configured my pool. I'm able to make a connection to the server but I'm not able to access any websites once I’m connected to the VPN. What do I have to do to make it work with a Static pool? Using DHCP works fine when testing.
Love your videos...question...when I first install 2012E, I tried using a Self-Signed Certificate.... I did this before I saw your other video using CACERT...I went ahead and followed your video and installed a CACERT, but now my server still shows my old Self-Signed Cert when I right click on the server name in RAS... any way I can delete the old S-S Cert and make the server use the CACERT? Thanks
I was just getting time out errrors each time I try to access a webiste, the page would time out trying to reach the site. Right now its working since its using a pool within the same subnet....are the static routes neccessary for a pool with a different subnet and where would I need to input them? I see I could right click in the static entry and add a new static route, just not clear what I should input there.
Boa! Tenho duvidas em relação a ingressar uma maquina da filial no AD. A VPN esta via dispositivos nas pontas, ou seja as maquinas já ping e compartilha dados entre se pela matriz e filial, a questão é ao ingressar pede usuário e senha e apresenta erro ao conectar ao servidor de domínio e DNS. (português Brasil)
Hello....yes I was able to ping my server while connected through VPN and also clients using use their name and they resolved to their correct LAN ip. I did not test using their FQDN.
Fixing Error 720 on a Server 2008/2008 R2 Secure Socket Tunnelling Protocol (SSTP) VPN. I’m unsure how common this problem is, or how specific to me… but it took a lot of figuring out, so in the hope that it helps someone else… I have Server 2008 R2 running the Routing and Remote Access role to serve as an SSTP (Secure Socket Tunnelling Protocol) VPN server so my Windows 7 laptop can connect to it. I recently changed my hardware router for a different router, and ever since, was receiving “Error 720: “ when trying to connect to the VPN. After a dismally long time trying pointless other things, I fixed the problem by going to the Routing and Remote Access settings (run rrasmgmt.msc on the VPN server), right clicking on the server name and selecting Properties, navigating to the IPv4 tab, and changing “Dynamic Host Configuration Protocol (DHCP)” to “Static address pool”, and entering a valid IP range in there.
No it will not auto assign CACERT You need to reconfigure the domain Go to Server Dashboard > Settings > Anywhere Access > Configure "Checked Skip router setup I want to setup my router manually box) and leave the second option unchecked I want to setup my domain manually > next > release the existing domain. To reconfigure the domain manually follow the steps in video. Copy the SSl request and paste into cacert. let me know if you need any help.
will you able to ping you local domain FQDN, while connected through VPN to your server do ping from remote client machine yourservername.yourlocaldomainname.local see if you will getting reply and do let me know.
sorry to keep bugging... do I delete all the certs in personal? I've got like 7... I'm setting up a link in my blog site for you as well! (dalemeredith.blogspot.com)
Thanks for this. It has given me the information I need to get our VPN up and running.
Excellent tutorial (and pretty much the only one I have found so far)... but why not self cert? The CAcert doesn't offer much over a self cert given that most browsers won't accept it anyway (if using the same cert for remote web access)..
There is a good guide on PCPro which self certs, however they do not cover remote web access....
Thanks for these videos, they have helped me tremendously along the way. I want to distinguish my VPN traffic from that of my regular users. In "Routing and Remote Access", under the properties of the server-->IPv4 tab, instead of DCHP , I selected Static address and configured my pool. I'm able to make a connection to the server but I'm not able to access any websites once I’m connected to the VPN. What do I have to do to make it work with a Static pool? Using DHCP works fine when testing.
which subnet you are using for static pool you need to add few static routes, do let me know
Thanks. Add Certificate Console from MMC and go to Certificate > Personal, you will find your old certificate. you can simply delete it from there.
Love your videos...question...when I first install 2012E, I tried using a Self-Signed Certificate.... I did this before I saw your other video using CACERT...I went ahead and followed your video and installed a CACERT, but now my server still shows my old Self-Signed Cert when I right click on the server name in RAS... any way I can delete the old S-S Cert and make the server use the CACERT?
Thanks
I was just getting time out errrors each time I try to access a webiste, the page would time out trying to reach the site. Right now its working since its using a pool within the same subnet....are the static routes neccessary for a pool with a different subnet and where would I need to input them? I see I could right click in the static entry and add a new static route, just not clear what I should input there.
Boa! Tenho duvidas em relação a ingressar uma maquina da filial no AD. A VPN esta via dispositivos nas pontas, ou seja as maquinas já ping e compartilha dados entre se pela matriz e filial, a questão é ao ingressar pede usuário e senha e apresenta erro ao conectar ao servidor de domínio e DNS. (português Brasil)
in that case you should able to access your remote access website. which error you are getting ?
Hey man I love the video very informative. I was just wondering why did you make it without talking?
+jhowellburke Hey man i love your comment. Why don't you make your own video with commentating?
Hello....yes I was able to ping my server while connected through VPN and also clients using use their name and they resolved to their correct LAN ip. I did not test using their FQDN.
Thanks. no not all the certificates only that certificate belongs to domain host name remote xyz com, net or whatever domain name you are using
Fixing Error 720 on a Server 2008/2008 R2 Secure Socket Tunnelling Protocol (SSTP) VPN.
I’m unsure how common this problem is, or how specific to me… but it took a lot of figuring out, so in the hope that it helps someone else…
I have Server 2008 R2 running the Routing and Remote Access role to serve as an SSTP (Secure Socket Tunnelling Protocol) VPN server so my Windows 7 laptop can connect to it. I recently changed my hardware router for a different router, and ever since, was receiving “Error 720: “ when trying to connect to the VPN.
After a dismally long time trying pointless other things, I fixed the problem by going to the Routing and Remote Access settings (run rrasmgmt.msc on the VPN server), right clicking on the server name and selecting Properties, navigating to the IPv4 tab, and changing “Dynamic Host Configuration Protocol (DHCP)” to “Static address pool”, and entering a valid IP range in there.
No it will not auto assign CACERT You need to reconfigure the domain
Go to Server Dashboard > Settings > Anywhere Access > Configure "Checked Skip router setup I want to setup my router manually box) and leave the second option unchecked I want to setup my domain manually > next > release the existing domain. To reconfigure the domain manually follow the steps in video. Copy the SSl request and paste into cacert.
let me know if you need any help.
how do you get the cacert that says issued to your information
Can we login domain user outside company network???
will that auto assign my new CACERT?
please click like on facebook i need to reach 30 likes and share the facebook link if you can. thanks
What is the name of the song?
I followed everything and went over it for like 5 times but I keep getting cannot get information from the server.
any ideas? thanks in advance.
will you able to ping you local domain FQDN, while connected through VPN to your server do ping from remote client machine yourservername.yourlocaldomainname.local see if you will getting reply and do let me know.
My LAN DHCP is at 192.168.100.200-205 and I want to setup my VPN static pool with the address of 10.168.100.200-205. Thanks for your help.
I get ,SSTP Error 0x8007274D
sorry to keep bugging... do I delete all the certs in personal? I've got like 7... I'm setting up a link in my blog site for you as well! (dalemeredith.blogspot.com)