Solving common problems with VPN on Windows Server 2012 R2 Essentials
Content of the article
Today we will discuss common problems that can cause VPN failures when using the Windows Server Essentials working environment.
In Windows Server Essential VPN is configured in such a way that minimal manual configuration is required on both the server and client sides.
To be able to use remote access tools, first install the GUI (a visual interface for managing and configuring remote access services) and the Remote Access command tools (provide the ability to control remote access functions via the command line or scripts) using the following command: Add- WindowsFeature – Name RSAT- RemoteAccess - MGMT.
Common VPN errors and their solutions
Let's analyze the three most popular VPN errors and consider ways to eliminate them:
- Error 850: The EAP authentication protocol is not installed. If you manually configured VPN, you may encounter error 850. It indicates that in the properties VPN connections with incorrect protocols selected. To resolve this issue, select Allow specified policies. There is still a possibility of problems with access to the network or the Internet. This often involves using standard remote network gateway characteristics. In the properties of Internet Protocol Version 4 (TCP/IPv4), in the “Advanced settings”, deselect the default gateway settings.
- Error 800. The VPN tunnel is not defined. Indicates that the VPN network node cannot be contacted. If this connection initiates a L2TP/IPsec tunnel, it is likely , IPsec security settings are incorrect. Check if port 443 is allowed on the firewall and is forwarded to the correct server.
- Error 720. The connection is not active. Error 720 indicates that the VPN does not receive the IP address allocated to it from the network host. DHCP (Dynamic Host Configuration Protocol) automatically configures network settings for devices on an IP network and is usually controlled by another device. To solve this problem, launch the Routing and Remote Access terminal and specify a set of static IPv4 addresses allowed for VPN clients, excluding them from the range of addresses managed by the DHCP server. If the client shows a connection to the server, but there is no connection, activate and examine the auxiliary event logs in Routing and Remote Access.
Application of the above solutions on other versions of Windows and other OS
The solutions mentioned can be adapted for other versions of Windows, as well as for other operating systems with some changes and additional settings:
- For Windows Server 2016 and 2019. The process of setting up a VPN and troubleshooting problems in these operating systems is similar to Windows Server. The PowerShell directives for installing remote access administration tools will be similar. Errors related to EAP, L2TP/IPsec and IP-addresses have similar causes and solutions. Differences can only be in the management interface and additional functions of these server versions.
- For Windows 10 and 11. On client operating systems VPN setup can be done via a graphical interface or command line. The basic principles for selecting protocols and setting the default gateway are similar. Errors related to protocols and certificates can also occur and be resolved using similar methods. Certificates are verified and linked through the certificate management console (certlm.msc).
- For Windows 7 and 8.1. These OS versions have similar capabilities for setting up a VPN through a graphical interface. Although it may be somewhat outdated, the basic principles and errors remain the same. Manual protocol configuration and IPsec security settings also apply.
- For Linux. Setting up a VPN is often done through the command line using tools such as OpenVPN, StrongSwan for IPsec, or NetworkManager for GUIs. Errors related to authentication protocols and certificates can also occur on Linux. Setting up configuration files and verifying certificates is similar to the process in Windows.
- For macOS. This OS provides built-in tools for setting up VPN connections through system settings. Errors similar to EAP and L2TP/IPsec errors can also occur on macOS. Configuring certificates and protocols is done through the GUI or command line (for example, scutil).
- For iOS and Android. On mobile devices, VPN configuration is performed through the system settings. Both platforms support basic protocols such as L2TP/IPsec and OpenVPN. Authentication and protocol configuration errors may also occur. Certificates are configured and verified through the application or system settings.
Although specific interfaces and commands may vary, the basic principles of setting up a VPN and troubleshooting common errors apply to most modern operating systems. It is important to take into account the features of each OS and use the appropriate tools to check and configure VPN.
Private VPN server: more features, fewer errors
Using a private VPN server minimizes the likelihood of many errors, including those described in this material, due to better control over settings and security. You can buy a private VPN server profitably and quickly, as well as get all the necessary related information, on Private VPN server.