Otdfbt

Why ambiguous grammars are bad?

bash vs. zsh: What are the practical differences?

Zig-zag function - coded solution

Housemarks (superimposed & combined letters, heraldry)

What is the reason for setting flaps 1 on the ground at high temperatures?

Assigning function to function pointer, const argument correctness?

Extracting data from Plot

noalign caused by multirow and colors

How do you play "tenth" chords on the guitar?

Why do some devices use electrolytic capacitors instead of ceramics for small value components?

Why did Intel abandon unified CPU cache?

Is it okay to have a sequel start immediately after the end of the first book?

Grep Match and extract

What is the logic behind charging tax _in the form of money_ for owning property when the property does not produce money?

Confused with atmospheric pressure equals plastic balloon’s inner pressure

How can one's career as a reviewer be ended?

Why do radiation hardened IC packages often have long leads?

Are polynomials with the same roots identical?

Do you need to let the DM know when you are multiclassing?

Trying to get (more) accurate readings from thermistor (electronics, math, and code inside)

How to destroy a galactic level civilization and still leave behind primitive survivors?

Does the Nuka-Cola bottler actually generate nuka cola?

Hatch with Shading

Was planting UN flag on Moon ever discussed?

Windows Server 2019 - L2TP VPN in RRAS only accessable from internal interface, not from external

Assistance on setup to Connect an offsite server to the LAN via RRAS VPN - Server 2008 R2Windows Server 2008 R2 RAS VPN: access server on internal interface ipSingle NIC VPN Setup on Server 2008 R2 and RRASWindows Server VPN: Error 720Sharing Cisco VPN connection with network peersFreeBSD L2TP/IPsec not routing traffic to vpn serverSonicWall - connecting to L2TP VPN from DMZL2TP + IPSec pfSense: can ping, no accessCan't connect multiple user to L2TP VPN server (Error 720)OpenVPN Windows 10 Server, Windows 7 Client, can ping each other on VPN IPs but nothing more?

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;

0

I have a problem installing a L2TP VPN Connection with Windows Server 2019.

There are two interfaces:
"Intern" - 10.0.0.1 / Internal interface
"Extern" - 192.168.2.3 / External interface, connected through router to the internet

I can easily connect to the VPN from a local PC, in the same network, e.g. 10.0.0.10. Connection can be established with the correct user and PSK.

But when I try to connect to 192.168.2.3 (from the 10.0.0.10, 192.168.2.3 is accessable from this IP, because of routing) or from external (internet, correct port-forwarding in Internet-Router (FritzBox)), I just get no connection established.

The only thing is the NAT between it. The client is correct configured, included the registry values HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesIPSec and HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesPolicyAgent

What am I doing wrong? Firewall cannot be the problem, because I deactivated the firewall for testing purposes.

Maybe somebody has an idea that could help. Thanks very much in advance.

EDIT: The ISAKMP packets are received, but there is no response from the server (see wireshark screenshots). The firewall dropped nothing, because it was disabled for test purposes.

Screenshots of the configuration:
External Interface Routing Settings
Internal Interface Routing Settings
External Interface Port-Forwarding Settings
Routing settings
Routing security settings
Interface list
enter image description here

vpn l2tp windows-server-2019

share|improve this question

edited May 27 at 19:42

Marc M

asked May 26 at 21:24

Marc MMarc M

13

add a comment | 

0

I have a problem installing a L2TP VPN Connection with Windows Server 2019.

There are two interfaces:
"Intern" - 10.0.0.1 / Internal interface
"Extern" - 192.168.2.3 / External interface, connected through router to the internet

I can easily connect to the VPN from a local PC, in the same network, e.g. 10.0.0.10. Connection can be established with the correct user and PSK.

But when I try to connect to 192.168.2.3 (from the 10.0.0.10, 192.168.2.3 is accessable from this IP, because of routing) or from external (internet, correct port-forwarding in Internet-Router (FritzBox)), I just get no connection established.

The only thing is the NAT between it. The client is correct configured, included the registry values HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesIPSec and HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesPolicyAgent

What am I doing wrong? Firewall cannot be the problem, because I deactivated the firewall for testing purposes.

Maybe somebody has an idea that could help. Thanks very much in advance.

EDIT: The ISAKMP packets are received, but there is no response from the server (see wireshark screenshots). The firewall dropped nothing, because it was disabled for test purposes.

Screenshots of the configuration:
External Interface Routing Settings
Internal Interface Routing Settings
External Interface Port-Forwarding Settings
Routing settings
Routing security settings
Interface list
enter image description here

vpn l2tp windows-server-2019

share|improve this question

edited May 27 at 19:42

Marc M

asked May 26 at 21:24

Marc MMarc M

13

add a comment | 

I have a problem installing a L2TP VPN Connection with Windows Server 2019.

There are two interfaces:
"Intern" - 10.0.0.1 / Internal interface
"Extern" - 192.168.2.3 / External interface, connected through router to the internet

I can easily connect to the VPN from a local PC, in the same network, e.g. 10.0.0.10. Connection can be established with the correct user and PSK.

But when I try to connect to 192.168.2.3 (from the 10.0.0.10, 192.168.2.3 is accessable from this IP, because of routing) or from external (internet, correct port-forwarding in Internet-Router (FritzBox)), I just get no connection established.

The only thing is the NAT between it. The client is correct configured, included the registry values HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesIPSec and HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesPolicyAgent

What am I doing wrong? Firewall cannot be the problem, because I deactivated the firewall for testing purposes.

Maybe somebody has an idea that could help. Thanks very much in advance.

EDIT: The ISAKMP packets are received, but there is no response from the server (see wireshark screenshots). The firewall dropped nothing, because it was disabled for test purposes.

Screenshots of the configuration:
External Interface Routing Settings
Internal Interface Routing Settings
External Interface Port-Forwarding Settings
Routing settings
Routing security settings
Interface list
enter image description here

vpn l2tp windows-server-2019

share|improve this question

edited May 27 at 19:42

Marc M

asked May 26 at 21:24

Marc MMarc M

13

share|improve this question

edited May 27 at 19:42

Marc M

asked May 26 at 21:24

Marc MMarc M

13

share|improve this question

edited May 27 at 19:42

Marc M

asked May 26 at 21:24

Marc MMarc M

13

asked May 26 at 21:24

Marc MMarc M

13

asked May 26 at 21:24

Marc MMarc M

13

1 Answer
1

active

oldest

votes

0

The problem was, that there was port-forwarding in NAT-interface. The forwardings must be disabled (although they was to 127.0.0.1).

share|improve this answer

answered May 30 at 12:42

Marc MMarc M

13

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f968911%2fwindows-server-2019-l2tp-vpn-in-rras-only-accessable-from-internal-interface%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

0

The problem was, that there was port-forwarding in NAT-interface. The forwardings must be disabled (although they was to 127.0.0.1).

share|improve this answer

answered May 30 at 12:42

Marc MMarc M

13

add a comment | 

0

The problem was, that there was port-forwarding in NAT-interface. The forwardings must be disabled (although they was to 127.0.0.1).

share|improve this answer

answered May 30 at 12:42

Marc MMarc M

13

add a comment | 

The problem was, that there was port-forwarding in NAT-interface. The forwardings must be disabled (although they was to 127.0.0.1).

share|improve this answer

answered May 30 at 12:42

Marc MMarc M

13

share|improve this answer

answered May 30 at 12:42

Marc MMarc M

13

answered May 30 at 12:42

Marc MMarc M

13

answered May 30 at 12:42

Marc MMarc M

13