Server Fault Asked by Asagohan on February 16, 2021
We have an IPSEC/L2TP PSK VPN on Windows Server 2012 using RRAS. This usually works fine, but now with so many staff working from home due to COVID-19, I am getting complaints of the VPN dropping out on a few mobile devices. So now I am trying to get IKEv2 VPN to work in RRAS. I only have the small amount of experience with setting up the L2TP VPN that we have. I figured that I could just add some IKEv2 ports on RRAS and as long as I specify the correct CN on the server certificate when connecting, I would be able to connect using PSK. So far I have been unsuccessful. I also exported the certificate and tried to connect using that which also didn’t work.
I have used Wireshark to check if the RRAS server was receiving requests from my client and I saw “ISAKMP 646 IKE_SA_INIT MID=00 Initiator Request” multiple times, but the RRAS server never responds.
I cannot find any errors or information in %windir%/System32/LogFiles or %windir%/tracing. I have also checked Event Viewer in Custom Views/Server Roles/Remote Access and Custom Views/Server Roles/Network Policy And Access Services without finding any reports of connection issues.
We are using a Cisco 800 series router and the following lines are present which I assume is all I need to pass through the VPN traffic to the RRAS server:
ip nat inside source static udp 500 interface Loopback1 500
ip nat inside source static udp 4500 interface Loopback1 4500
I don’t know what to do next to diagnose why the server is not acting on “ISAKMP 646 IKE_SA_INIT MID=00 Initiator Request”.
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP