Assistance on setup to Connect an offsite server to the LAN via RRAS VPN - Server 2008 R2

Posted by Paul D'Ambra on Server Fault See other posts from Server Fault or by Paul D'Ambra
Published on 2010-10-30T22:36:13Z Indexed on 2011/02/27 23:26 UTC
Read the original article Hit count: 335

I have an office LAN protected using a Zyxel Zywall USG 300. I've set up an L2TP/ipsec VPN on that which accepts connections using a shared secret and I've tested this from multiple clients.

I have a server offsite and want to set up RRAS to use a persistent connection to the VPN so that it can carry out network jobs even with no one logged in (I'm using it for Micorosft DPM secondary backup).

If I create a vpn as if I were setting up a users laptop it can dial in no problem but if I set up a demand dial interface in RRAS it errors.

  • I enable RRAS ticking only demand dial interface (branch office routing)
  • Select network interfaces, right click and choose new demand dial interface
  • Name the VPN ToCompany
  • Select connect using VPN
  • And then L2TP as the vpn type
  • enter the IP address (double-checked for typos!)
  • select Route IP packets on this interface
  • specify static route to remote network as 10.0.0.0/24 with metric of 1
  • add dial out credentials (again double checked for typos and confirmed with other vpn connections
  • click finish
  • now I right-click on the new interface and choose properties and then the security tab
  • I change Data encryption to optional
  • select only PAP for Authentication (both as per manufacturer of Zywall)
  • click advanced settings against type of vpn and set shared secret
  • then I select the new interface, right-click and choose connect

this dials and then errors with either 720 or 811 as the error codes. However, if I create a VPN by going to Network & Sharing center and setting up as if I was creating a VPN from my laptop to the office (say) it dials successfully

so I know the VPN settings are correct and the machine can connect to the VPN.

Suggests very strongly the problem is how I'm setting up RRAS. Can anyone help?

© Server Fault or respective owner

Related posts about windows-server-2008

Related posts about vpn