This video NAILED IT!! I've been trying to setup L2TP to my home lab for weeks & was unsuccessful until watching this video. All other videos I watched did not mention these steps. Thanks a lot!!
Absolutely brilliant tutorial. I can't believe I have a working L2TP vpn tunnel into my home network. Screw DHCP; instant vague problems that were pretty tough to troubleshoot. Static IP pool all the way. Android connected out of box perfectly. Can't wait to test it out the next time i'm at starbucks.
How critical are the regedit and local security policy steps? It seems weird that they aren't needed on other platforms. With android there was just the username / pw and preshared key. I haven't tested it out myself but for windows 7 clients it seems like it's not needed as well?
Good question. They only seem to be important if you use Windows PCs. Some people said they got it to work without it, but this is a comprehensive tutorial that covers all contingencies. It didn't work for me without it as an example.
Same here. I realize i'm causing more headaches for myself by being behind a router / firewall as well. One of these days i'll put it outside! Thanks again.
Thank you for this amazing video. It was the very first guide, that finally worked for me. Any other guide I tried before didn't. Great work - Thank you!
Thanks for making the video, saved me hours of searching for these answers! This worked perfectly for me. Feel free to make a "how to lock down your vpn server" video as well. :)
Thanks for this video, just what I needed. I did find, that the local machine policy wasn't needed in my case, the registry string alone solved my connection issue.
Hiya, Did you make the port forwarding video? I understand MS machines will not work over a NAT enabled router? SO I put it ni bridge mode and use my firewall as the 'router', but its complicated! its a USG60 Zywall. Perhaps you have a video in hand? :)
I have done many firewall videos but I focused on Cisco ASA because of their market share. Zywall is very difficult and confusing. I usually just replace them. Sorry about that.
Thank you Robert McMillen , this help me so much. I being searching on the web and i never found a solution i was thinking that it was my router that was faulty but with this is solved it thanks.
Hi Robert, just a quick question, I've checked on forums, they don't recommend setting up Remote Access Server on a DC, But you did it. Can I do this also?? Cause its working DC in a work environment not lab. 2- Can i Use VM as domain member of physical DC and make it as Remote Access Server?? Thanks!!
Can you explain what exactly the registry entry is doing? Also, what is the IP Security policy doing? Doesn't seem to be related to L2TP in anyway. Is this just something if you have an older computer running an old windows edition?
afrch7 Thank you Robert. Great video. However something doesn't work on my system. When I am trying to connect to the server I am getting an error message saying: "the L2TP connection attempt failed because the security layer encountered a processing error during initial negotiation with the remote computer". What could be wrong?
How do you set it up for static IP addresses. I need my clients to connect with the same IP addresses each time Example :bob would always get the same VPN ip address
I have successfully set this up thanks to the help from this video. However, I am trying to do the same thing at another location and can not make it work. I am assuming because to the "client" policy assigned in the mmc console?
Great video. Can I create 2 IP security policies (step 8) that will allow connections with different PSK? It does not allow to set both IP security policies assigned at the same time. Thank you.
Thank you for a great video, You have a knack for clarity and organization, I also was wondering if you created the video for opening the L2TP ports on a cisco router/firewall? My device is a UC540, sw ver. 15.1
Thanks for this amazing tutorial :) 2 questions though: 1- what if you cannot restart the server (so many clients are dependent on it), can we restart services instead. and if so what are they? 2- Do we have to allow any port on our routers? UDP ports for L2TP? Thanks
Thanks for the video! Followed it and am now up and running! The only issue is that I can't connect with my Android Device. Do I need to add it to my domain controller somehow, or am I missing something else?
When I try to access active directory and users, a pop up box appears and tells me that I should use local users and groups or log on as a user with domain administration rights..Any idea why? Thank you!
This was working perfectly for me on 2012 r2 but getting a connection to remote computer cannot be established on 2019 std. exact same setup, same router, forwarding ports to same ip, disabled windows firewall. nothing.. get username prompt but get error right after. Any suggestions? thanks in advance.
@@techpub Thanks for the reply. It started working after I a) forwarded pptp to server b) added a static pool (which wasn't necessary b/f). One of those things, probably the second fixed it. I doubt it's the first since it's working with the l2tp client. Again, thxs for reply. I forwarded pptp b/c I was giving up on l2tp. will probably disable it now.
The registry change to add AssumeUDPEncapsulationContextOnSendRule, is there a Mac equivalent that needs to be done? I see your explanation above of what the Windows change is for but I can't find a Mac equivalent (specifically for Sierra 10.12)
Hi Rob can you please explain how you went about the first step. Did you configure your router for port forwarding or was it all on the windows server. Can I use the User and password i created on the server to connect in the VPN connection i created on client computer
Sure. You will need to do the firewalls on both the server and your edge router/firewall. Just open the ports on Windows and port forward on the firewall the exact ports as you see them in the first step. Yes you will use the VPN secret password in the client settings and the client's Windows username and password in the client VPN setup.
are you avaiable for help on advice on setting up a web server? i have 3 small websites that i want to host myself on my windows 2012 r2 machine instead of using a 3rd party hosting company like godaddy or others, do you have any videos that could help?
If you have a Cisco router, here are the commands to port forward ip nat inside source static udp 1701 1701 extendable ip nat inside source static udp 500 500 extendable ip nat inside source static udp 4500 4500 extendable
thanks you but it didn't work with me i did exactly as you did in the video but never connected to the server i wish if you could help me ''the l2tp connection attempt failed because the security layer encountered windows 10''
Hi Robert, thanks for this excellent video. Question here: what if I am using an edge router to setup the vpn on the server? Do I still follow all the steps on the Windows 2012 Server?
If you're using your EdgeRouter as the VPN server, you won't be configuring VPN services on your server. If you're using the Windows Server's VPN server, you'll just need to configure the port forwards on your EdgeRouter.
Hi Robert, I've been running L2TP for a few years, but the connection to my server is always spotty. I sometimes cannot connect (DDNS is forwarding correctly can RDP to my desktop machine always). I also setup OpenVPN to my router which I can connect to. However, I'd like to use LT2P because then I don't need additional software. I always seem to fiddle with something then it stops working. I noticed when I do a netstat I don't see the windows server listening on 4500 or 1701, and the connection is refused by any clients. I did not setup the local polices, but i'm not sure why these are needed if the ports are already open local windows firewalls are not blocking (turned off to be sure) and router is port fowarding.
Sounds like the places you're going may be blocking L2TP or you may have an internet connection that is not very stable. You can switch to SSTP so it won't be blocked, or IKEv2 which is good for unstable connections. Both are also possible with Windows VPN.
@@techpub Thanks again. Today I ran into a new problem trying to get an L2TP connection going. I went through your instructions 3 times, triple checked everything, tried it both WiFi and hardwired adapter, tried it from different locations, scanned the PC for malware, still no connection. Also, I was able to confirm the settings worked perfectly from another PC. Eventually I got an error message that I was able to use to search for a solution. The solution was to remove and replace the WAN network drivers through the device manager. Perhaps someone else reading these comments might benefit by this since it probably took me four hours to figure it out.
Hi Robert. I used your guide to setup L2TP on a Win 2012 R2 server. It worked very well for a few months but now we cannot connect. The error is, of course, very vague and reads: "A connection to the remote computer could not be established. You might need to change the network settings for this connection." Any advice? Thanks!
Yes. Check to see if it works internally by pointing a PC to the inside IP. If it works then it's an outside firewall issue. Some ISPs randomly block ports. If it doesn't work then just delete and recreate the config. Windows corruption with VPN is common.
Robert McMillen Hi Robert. Thank you for the assistance, I it was something with the client side config on both of my Win 10 clients (my Win 7 client had no issues at all). If I haven't already, you definitely have another subscriber! Thanks again!
Regarding the regedit to add DWORD: "It may not have to be done but in many cases it does and I wanted to cover all possibilities. You can try it without it. If it needs it you can push it out with a script in a group policy. Macs and phones don't need it." How are routers affected?
Thank you very much, it works fine for me, I have a question, I am using a L2TP VPN from Mac and I am trying to enable the option send all traffic over VPN connection and then the connection fail cant connect send me error. but if i disabled this option it works perfectly. thank i appreciate your answer
Hello great video. I was able to set up my server. Im trying to connect to it using Android. I think I may be getting the username wrong. I dont have Active Directory on my network, so the server is not appart of a domain. So would I put something like HOSTNAME\\Username, for the username? Thank you
Hi and thanks for this video Robert. I'm on Windows Server 2019 and I have an issue. "The number of remote VPN clients connecting to the server is greater than the number of IP addresses available in the static IP address pool on the VPN server." I have only 1 client connected. So, I don't understand! Thanks.
Hi, nice video, thanks for taking the time to put this together. I've been looking around the internet as I have setup this new VPN several times with no luck what-so-ever.. Everything appears to be setup correctly, but when I try and make the VPN connection, I get this error "Can't connect to 'VPN_NAME' The specified protocol identifier is not known to the router." I've googled this error with no luck, is this something you may have come across? I am doing this with Server 2016 and Windows 10 (both BUILD 1607) on a LAN not via the internet. I am not sure if this is a bug, or a configuration issue. Any help would be greatly appreciated.
I had this same issue when I didn't use the exact name on the certificate. It has to match. If you can't ping the name of the certificate then either add a DNS host record or an entry to your hosts file on your PC.
Hi Robert, Thanks for your help is trying to sort out my problem. I'm not expert on CA's. I have run this command "certutil -config - -ping" and it does show up the new CA in my network, and upon clicking OK, it says ----- DC.domain.local\domain-DC-CA Connecint to DC.domain.local\domain-DC-CA ... Server "domain-DC-CA" IcertRequest2 interface is alive (31ms) CertUtil: -ping command completed successfully. ----- Checking the AD Group "Cert Publishers" the server is also in this group. I have also checked that IIS is installed and the "CertEnroll" Virtual directory is present and permissions of "Anonymous Authentication" is enabled. Where did you need to use the same name as on the certificate? What DNS record do I need to check/create? Thanks again for taking the time to help me.
I logged into the CA via my web browser "servername/certsrv" I tried to request a new cert and got this error -> --- Error Your request failed. An error occurred while the server was processing your request. Contact your administrator for further assistance. Request Mode: newreq NN - New Request (keygen) Disposition: (never set) Disposition message: (none) Result: Invalid pointer 0x80004003 (-2147467261 E_POINTER) COM Error Info: CCertRequest::Submit: Invalid pointer 0x80004003 (-2147467261 E_POINTER) LastStatus: The operation completed successfully. 0x0 (WIN32: 0) Suggested Cause: No suggestions. ---
I've followed the instruction carefully and successfully connected to the VPN server, but from my client side the IP address remain unchanged, somebody knows why?
You should still have your original IP but you will add a second IP assuming you have a DHCP server on your network. If not, then go ahead and add it in and then it should work. You can add it from server manager, add roles and features, and then DHCP.
I end up realising, the end goal what I was trying to achieve is build a gateway through a VPN. So, VPN is only part of the formula. Hope this could shine some light on people who encountering the same problem as I do. Thanks Robert for the reply.
A Microsoft Certified Trainer and Solution Expert , Please i have been learning a lot from your channel first thank you so much , but do you have any idea on hacking a phone Hotspot AP any Wifi password please ?
okay thank you , i will get the app and i will see how it works , but second can see the password of already connected Hotspot connection , how do i check that ? can i do that in command prompt ? please i am waiting your response , thanks
It sores the copies of all of the settings that makes Windows work. In Linux they use text files, but Windows uses two files that make up the registry.
This video NAILED IT!! I've been trying to setup L2TP to my home lab for weeks & was unsuccessful until watching this video. All other videos I watched did not mention these steps. Thanks a lot!!
Awesome!
Thank you so much Robert. I was using PPTP and was scared to death because it is a weakened protocol. I feel more secured with the L2PT protocol.
I know this video is almost 2 years old, but still very useful....THANKS!
Great!
Absolutely brilliant tutorial. I can't believe I have a working L2TP vpn tunnel into my home network. Screw DHCP; instant vague problems that were pretty tough to troubleshoot. Static IP pool all the way. Android connected out of box perfectly. Can't wait to test it out the next time i'm at starbucks.
Glad it helped!
I just got that verizon FiOS gigabit internet so perfect timing.
How critical are the regedit and local security policy steps? It seems weird that they aren't needed on other platforms. With android there was just the username / pw and preshared key. I haven't tested it out myself but for windows 7 clients it seems like it's not needed as well?
Good question. They only seem to be important if you use Windows PCs. Some people said they got it to work without it, but this is a comprehensive tutorial that covers all contingencies. It didn't work for me without it as an example.
Same here. I realize i'm causing more headaches for myself by being behind a router / firewall as well. One of these days i'll put it outside! Thanks again.
I love your work Robert.!! Very thorough!! Thank you!!
Glad it was helpful!
Ben trying to get this to work for about 2 months. Enabling the network policies is what I was missing. Thanks a bunch!
Awesome!
Thank you for this amazing video. It was the very first guide, that finally worked for me. Any other guide I tried before didn't. Great work - Thank you!
Great video. as you mentioned there are a lot of videos out there, but this one is the one has worked for me. well done!
So glad it helped.
Thanks for making the video, saved me hours of searching for these answers! This worked perfectly for me.
Feel free to make a "how to lock down your vpn server" video as well. :)
Glad it helped!
Thanks for this video, just what I needed.
I did find, that the local machine policy wasn't needed in my case, the registry string alone solved my connection issue.
WOW! I've searched for something like this for looooong time. Thank you, great tutorial!!!
Glad it helped!
@@techpub is there any change in RRAS in W2016? On 2012R2 it works, on 2016 it connects but i cannot cannot ping myself and other computers...
This video was very easy to follow and ended up working as expected on Server 2012 R2. Question, does this incorporate IPSec?
Did you ever do the video on port forwarding those UDP's?
Hiya, Did you make the port forwarding video? I understand MS machines will not work over a NAT enabled router? SO I put it ni bridge mode and use my firewall as the 'router', but its complicated! its a USG60 Zywall. Perhaps you have a video in hand? :)
I have done many firewall videos but I focused on Cisco ASA because of their market share. Zywall is very difficult and confusing. I usually just replace them. Sorry about that.
Thank you very much Robert. This is real the best and working instructions. I subscribed to your channel.
You are welcome. Thanks for watching.
Thank you Robert McMillen , this help me so much. I being searching on the web and i never found a solution i was thinking that it was my router that was faulty but with this is solved it thanks.
Glad it helped!
hello! do i need to do anything for mobile phones (andriod, IOS) for L2TP , any settings?
Hi Robert, just a quick question, I've checked on forums, they don't recommend setting up Remote Access Server on a DC, But you did it. Can I do this also?? Cause its working DC in a work environment not lab. 2- Can i Use VM as domain member of physical DC and make it as Remote Access Server?? Thanks!!
Correct they don't but for demo purposes it works fine. It also works on a DC in production but it could be a security risk.
Can you explain what exactly the registry entry is doing? Also, what is the IP Security policy doing? Doesn't seem to be related to L2TP in anyway. Is this just something if you have an older computer running an old windows edition?
afrch7
Thank you Robert. Great video. However something doesn't work on my system. When I am trying to connect to the server I am getting an error message saying: "the L2TP connection attempt failed because the security layer encountered a processing error during initial negotiation with the remote computer". What could be wrong?
That is usually an error with the registry change or the policy change. Double check you did those as per the video and try again.
How do you set it up for static IP addresses. I need my clients to connect with the same IP addresses each time Example :bob would always get the same VPN ip address
You would setup a MAC reservation. ruclips.net/video/8clPG66l6D0/видео.html
I have successfully set this up thanks to the help from this video. However, I am trying to do the same thing at another location and can not make it work. I am assuming because to the "client" policy assigned in the mmc console?
Great video. Can I create 2 IP security policies (step 8) that will allow connections with different PSK? It does not allow to set both IP security policies assigned at the same time. Thank you.
Thank you for a great video, You have a knack for clarity and organization,
I also was wondering if you created the video for opening the L2TP ports on a cisco router/firewall? My device is a UC540, sw ver. 15.1
Hey Robert, does VPN service needs to be in a domain controller or can be installed in separate server within the network?
Any domain joined server
Thanks for this amazing tutorial :)
2 questions though:
1- what if you cannot restart the server (so many clients are dependent on it), can we restart services instead. and if so what are they?
2- Do we have to allow any port on our routers? UDP ports for L2TP?
Thanks
Thank you Robert, this just helped me 100%
Glad it helped.
Thanks for the video! Followed it and am now up and running! The only issue is that I can't connect with my Android Device. Do I need to add it to my domain controller somehow, or am I missing something else?
I should be trying this soon to enable our now many remote employees working from home to securely connect to HQ to access resources. Thanks.
This worked perfectly!
When I try to access active directory and users, a pop up box appears and tells me that I should use local users and groups or log on as a user with domain administration rights..Any idea why? Thank you!
This was working perfectly for me on 2012 r2 but getting a connection to remote computer cannot be established on 2019 std. exact same setup, same router, forwarding ports to same ip, disabled windows firewall. nothing.. get username prompt but get error right after.
Any suggestions? thanks in advance.
Re enable the firewall and just open the ports. When disabled, many services don't work anymore.
@@techpub Thanks for the reply. It started working after I a) forwarded pptp to server b) added a static pool (which wasn't necessary b/f). One of those things, probably the second fixed it. I doubt it's the first since it's working with the l2tp client.
Again, thxs for reply.
I forwarded pptp b/c I was giving up on l2tp. will probably disable it now.
Thank you Robert for making this video.
So glad it helped.
With this setup can I have access from iOS using L2TP VPN Connection as well?
Thank You for the answer and your video.
Yes we have done this with our customers on Mac and IOS along with all versions of Windows.
Robert McMillen perfect, I really appreciate your reply and your video.
The registry change to add AssumeUDPEncapsulationContextOnSendRule, is there a Mac equivalent that needs to be done? I see your explanation above of what the Windows change is for but I can't find a Mac equivalent (specifically for Sierra 10.12)
No there is not. No need to make any changes like that. Just omit from the steps.
Awesome, thank you sir! I just tested and you are right, works for everything from 10.7 - 10.12
i'm stuck on the part where you supposed to use certificates
You can just use the shared passphrase instead.
But why not using best practices - shared passphrase is only for test environments (yes it works) but I never seen it in production ...
Hi Rob can you please explain how you went about the first step. Did you configure your router for port forwarding or was it all on the windows server.
Can I use the User and password i created on the server to connect in the VPN connection i created on client computer
Sure. You will need to do the firewalls on both the server and your edge router/firewall. Just open the ports on Windows and port forward on the firewall the exact ports as you see them in the first step. Yes you will use the VPN secret password in the client settings and the client's Windows username and password in the client VPN setup.
thanks for the great and easy to follow setup, help me out loads going to check out your other videos now
So glad to hear it!
are you avaiable for help on advice on setting up a web server? i have 3 small websites that i want to host myself on my windows 2012 r2 machine instead of using a 3rd party hosting company like godaddy or others, do you have any videos that could help?
If you have a Cisco router, here are the commands to port forward
ip nat inside source static udp 1701 1701 extendable
ip nat inside source static udp 500 500 extendable
ip nat inside source static udp 4500 4500 extendable
thanks you but it didn't work with me i did exactly as you did in the video but never connected to the server i wish if you could help me
''the l2tp connection attempt failed because the security layer encountered windows 10''
Hi Robert, thanks for this excellent video. Question here: what if I am using an edge router to setup the vpn on the server? Do I still follow all the steps on the Windows 2012 Server?
If you're using your EdgeRouter as the VPN server, you won't be configuring VPN services on your server. If you're using the Windows Server's VPN server, you'll just need to configure the port forwards on your EdgeRouter.
Hi Robert, I've been running L2TP for a few years, but the connection to my server is always spotty. I sometimes cannot connect (DDNS is forwarding correctly can RDP to my desktop machine always). I also setup OpenVPN to my router which I can connect to. However, I'd like to use LT2P because then I don't need additional software. I always seem to fiddle with something then it stops working. I noticed when I do a netstat I don't see the windows server listening on 4500 or 1701, and the connection is refused by any clients. I did not setup the local polices, but i'm not sure why these are needed if the ports are already open local windows firewalls are not blocking (turned off to be sure) and router is port fowarding.
Sounds like the places you're going may be blocking L2TP or you may have an internet connection that is not very stable. You can switch to SSTP so it won't be blocked, or IKEv2 which is good for unstable connections. Both are also possible with Windows VPN.
You are my new hero. Thank you much.
Glad to hear it helped.
All I can say is - thank you, thank you, thank you, thank you!
Happy to help!
@@techpub Thanks again. Today I ran into a new problem trying to get an L2TP connection going. I went through your instructions 3 times, triple checked everything, tried it both WiFi and hardwired adapter, tried it from different locations, scanned the PC for malware, still no connection. Also, I was able to confirm the settings worked perfectly from another PC. Eventually I got an error message that I was able to use to search for a solution. The solution was to remove and replace the WAN network drivers through the device manager. Perhaps someone else reading these comments might benefit by this since it probably took me four hours to figure it out.
THANK YOU, THANK YOU, THANK YOU... Apple really made this hard... no good instructions... yours were perfect!!! Thanks you!
Awesome!
Hi Robert. I used your guide to setup L2TP on a Win 2012 R2 server. It worked very well for a few months but now we cannot connect.
The error is, of course, very vague and reads:
"A connection to the remote computer could not be established. You might need to change the network settings for this connection."
Any advice?
Thanks!
Yes. Check to see if it works internally by pointing a PC to the inside IP. If it works then it's an outside firewall issue. Some ISPs randomly block ports. If it doesn't work then just delete and recreate the config. Windows corruption with VPN is common.
Robert McMillen Hi Robert. Thank you for the assistance, I it was something with the client side config on both of my Win 10 clients (my Win 7 client had no issues at all).
If I haven't already, you definitely have another subscriber!
Thanks again!
Thank for the tutorial, but how about router gateway port forwarding for the L2TP VPN?
On my list.
Awesome!
Great Video Robert.
Glad it helped!
I can connect from a Win10 PC but cannot connect from my iphone running IOS 10.3.1, keeps saying L2TP-VPN server did not respond... any ideas?
You could just use PPTP instead and open ports 1723 and GRE on the firewall. The VPN server is already setup to work that way.
Don't have a solution but I can tell you that PPTP won't work from IOS 10. Apple has removed support for it as it's not secure.
Regarding the regedit to add DWORD: "It may not have to be done but in many cases it does and I wanted to cover all possibilities. You can try it without it. If it needs it you can push it out with a script in a group policy. Macs and phones don't need it."
How are routers affected?
Adding or not adding the DWORD won't affect the routers.
Thank you for this tutorial ....
Very simple and work perfectly .....
Glad to hear it!
Thank you very much, it works fine for me, I have a question, I am using a L2TP VPN from Mac and I am trying to enable the option send all traffic over VPN connection and then the connection fail cant connect send me error. but if i disabled this option it works perfectly. thank i appreciate your answer
I've seen that happen before in Windows as well. Not sure about the Mac but in windows we do a TCPIP stack reset and recreate the VPN adapter.
Hello great video. I was able to set up my server. Im trying to connect to it using Android. I think I may be getting the username wrong. I dont have Active Directory on my network, so the server is not appart of a domain. So would I put something like HOSTNAME\\Username, for the username? Thank you
You would put computername\username
Video was a life saver thanks!
Robert, Thank you for the tutorial - brilliant.
Many Thanks! This really helped me out!
Glad I could help.
Copy Paster from here AssumeUDPEncapsulationContextOnSendRule
Shouldn't this be capable of being done WITHOUT regedit? I did this just fine without ever touching RegEdit.....
For Windows 10 clients I have found that sometimes it works without regedit and sometimes not. Iw anted to cover all bases.
@@techpub Interesting. Thanks for the response :)
Mate, I really appreciate that! Thank you very much!
Thanks for watching.
Hi Robert,
it works great on my windows 10 client , i am trying to configure vpn on my samsung s6 vpn but it does not work.
Not sure the issue there. What error do you get?
Thanks for the great tutorial. Kudos
Awesome! Glad it helped.
Hi and thanks for this video Robert. I'm on Windows Server 2019 and I have an issue.
"The number of remote VPN clients connecting to the server is greater than the number of IP addresses available in the static IP address pool on the VPN server."
I have only 1 client connected. So, I don't understand! Thanks.
try just letting your dhcp server handle it see if that helps. I don't use a static pool and it works fine.
Thank you Sir, worked perfectly!!!
Hi, nice video, thanks for taking the time to put this together.
I've been looking around the internet as I have setup this new VPN several times with no luck what-so-ever..
Everything appears to be setup correctly, but when I try and make the VPN connection, I get this error "Can't connect to 'VPN_NAME' The specified protocol identifier is not known to the router."
I've googled this error with no luck, is this something you may have come across? I am doing this with Server 2016 and Windows 10 (both BUILD 1607) on a LAN not via the internet. I am not sure if this is a bug, or a configuration issue.
Any help would be greatly appreciated.
I had this same issue when I didn't use the exact name on the certificate. It has to match. If you can't ping the name of the certificate then either add a DNS host record or an entry to your hosts file on your PC.
Hi Robert,
Thanks for your help is trying to sort out my problem.
I'm not expert on CA's. I have run this command "certutil -config - -ping" and it does show up the new CA in my network, and upon clicking OK, it says
-----
DC.domain.local\domain-DC-CA
Connecint to DC.domain.local\domain-DC-CA ...
Server "domain-DC-CA" IcertRequest2 interface is alive (31ms)
CertUtil: -ping command completed successfully.
-----
Checking the AD Group "Cert Publishers" the server is also in this group.
I have also checked that IIS is installed and the "CertEnroll" Virtual directory is present and permissions of "Anonymous Authentication" is enabled.
Where did you need to use the same name as on the certificate?
What DNS record do I need to check/create?
Thanks again for taking the time to help me.
I logged into the CA via my web browser "servername/certsrv"
I tried to request a new cert and got this error ->
---
Error
Your request failed. An error occurred while the server was processing your request.
Contact your administrator for further assistance.
Request Mode:
newreq NN - New Request (keygen)
Disposition:
(never set)
Disposition message:
(none)
Result:
Invalid pointer 0x80004003 (-2147467261 E_POINTER)
COM Error Info:
CCertRequest::Submit: Invalid pointer 0x80004003 (-2147467261 E_POINTER)
LastStatus:
The operation completed successfully. 0x0 (WIN32: 0)
Suggested Cause:
No suggestions.
---
You can just copy the certificate from your server to your PC and install it that way. Add it to the trusted root certificates when prompted.
The certificate is already in the certificate store (Trusted root) on the computer, as it is part of the domain.
Does this work for Windows 2008 Server?
Yes it does but it looks more like this in R2 then in the first release.
Hey what are the steps to change from PPTP to L2TP?
PPTP is enabled by default so if you already have that setup, just start the procedure from the point where RRAS is already installed and continue.
Hello sir, thank you,
And can I have L2TP and PPTP running at the same time? I already have PPTP, and If i setup L2TP , PPTP wont be disabled right
I've followed the instruction carefully and successfully connected to the VPN server, but from my client side the IP address remain unchanged, somebody knows why?
me too, i connected with my mac, but not working and also very slow
You should still have your original IP but you will add a second IP assuming you have a DHCP server on your network. If not, then go ahead and add it in and then it should work. You can add it from server manager, add roles and features, and then DHCP.
Robert McMillen I think he means the IP showing up when you go to sites like whatismyip.com/
I end up realising, the end goal what I was trying to achieve is build a gateway through a VPN. So, VPN is only part of the formula. Hope this could shine some light on people who encountering the same problem as I do.
Thanks Robert for the reply.
Thank you very very very much
You Genius .
Can you please make a video for OpenVpn
thank you
Works but no resources on the remote system....
For some reason the server regedit didn't save. Confirmed save fixed issue.
you re my hero
Glad to hear it helped you out.
This works with android?
It will work with any L2TP client. We also tested with iPhone.
Thank you!
A Microsoft Certified Trainer and Solution Expert , Please i have been learning a lot from
your channel first thank you so much , but do you have any idea on hacking a phone Hotspot AP any Wifi password please ?
You would use AIrSnort to sniff the packets. They have a good tutorial when you download the free software.
okay thank you , i will get the app and i will see how it works , but second can see the password of already connected Hotspot connection , how do i check that ? can i do that in command prompt ? please i am waiting your response , thanks
Thanks!
Glad it helped you!
Why is a Regedit needed?
It sores the copies of all of the settings that makes Windows work. In Linux they use text files, but Windows uses two files that make up the registry.
I love it
Yay!
Destroy the enemy :)
regedit:Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent