Announcement

Collapse
No announcement yet.

SSTP VPN setup

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • SSTP VPN setup

    Hello all,

    my first topic here and my first server.

    I am a computer engineer specialized in hardware.

    Recently i tried to install a Win 2008 R2 Enterprise server to be a router (RRAS) and VPN (SSTP) for home use.

    After studying alot of stuff on the net i have come up with this.

    Small form ITX server

    2 NICS: 1 ip: 89.x.x.x (assigned by ISP) 2 ip: 192.168.1.1 (static for DHCP)

    installed on server:

    AD DC
    DNS
    IIS
    all needed to get and use SSL certificate (RA issued)

    RRAS (NAT+VPN) no NPS server
    DHCP (1 scope)

    This works OK in the sense the local clients have net access.

    Remote clients can connect to either the public IP or to domain name. Can access the internal network but Can't go out on the net. Also sometimes, even if i know the server is powered on i can't ping it. Mind that firewall is disabled and service stopped.

    Tried anything my uber noob mind can think of and best i can do is make clients to connect to VPN.

    Asked our server admin to remote and take a look. His opinion is that this setup does not work because internal NIC has no gateway and can't have one because of the other NIC IP is in a different class. Suggested that i route the net with a dedicated server or with SOHO router.

    Please help me! Tell me what is wrong, what works with what because i am going out of my mind here!

    Thank you!

  • #2
    Re: SSTP VPN setup

    About the nic configuration, he is incorrect.
    Although it is related to TMG, it is still applicable for your gateway question.
    Please review: http://blog.nessus.nl/416/how-you-sh...r-isa-and-tmg/

    Also, have you followed this article?
    http://www.windowsecurity.com/articl...ver-Part2.html
    Else review: http://technet.microsoft.com/en-us/n.../bb545655.aspx
    Last edited by Dumber; 2nd September 2010, 15:07.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: SSTP VPN setup

      When i configured the server i followed the tutorials found on some internet sites. Including the ones you mentioned.

      Following you blog page i have made several modifications to the NIC configuration:

      1. No DNS in external NIC
      2. internal DNS on internal NIC
      3. simplified configuration by uninstalling DHCP - now using static pool from RRAS

      No changes! still issues with accessing the server remote from outside the network. Still can't forward internet traffic trough VPN.

      will try:

      1. uninstall AD DS (i know there are issues runing more NICS with AD DS)
      2. uninstall DNS

      i do not need those 2. i only need the SSL certificate that i already have.

      Any ideas from someone running VPN server?

      What would be the simple/standard server config to run VPN?

      Comment

      Working...
      X