I have configured Routing and Remote Access Service for VPN, is there a way to reconfigure it again with the wizard?
If I delete the server and add it again it says that it's already configured.
Reconfigure Routing and Remote Access Service Windows server 2012
remote-access
Related Solutions
Your terminology "...see anything on the LAN..." is imprecise. What do you mean by "see"? Do you mean that you couldn't PING or make TCP connections to hosts on the LAN? Do you mean that some "Network Places" or such functioinality didn't work?
What you're trying to do will work fine. You're probably not getting NetBIOS name resolution across the VPN because you're probably not using a WINS Server on the LAN. That would be my "psychic powers" guess as to why you're having problems.
Installing RRAS on a domain controller makes it multi-homed. It will work but Microsoft doesn't recommend it. You should think about preventing the RRAS adapter from registering in DNS and WINS.
Edit:
I don't think there's anything "contrived" about my answer. I'm trying to help based on your imprecise description of your problems (using the term "see" nstead of saying exactly what is failing when you're connected) and my experience with these types of problems. Your vague statement about using RADIUS gave me some feeling that you weren't a professional sysadmin (later validated by your comment re: your job) and that you were probably trying to use some graphical tool or application to access resources on the LAN but hadn't performed the basic troubleshooting steps of verifying layer 3 communication, name resolution, etc.
I've setup RRAS servers on domain controllers on LANs that are connected to the Internet behind NAT firewalls. I connect to them several times a week. What you're trying to do works fine.
Are you allowing the RRAS server to assign IP addresses to clients from DHCP, or have you specified an address range? If you've specified an address range is it a range that is within the LAN subnet, or is it a different subnet? Is the IP being assigned to the client when "connected" what you'd expect to see?
It's still unclear to me what you've tried doing once "connected" that makes you think you can't "see" the LAN. Can you PING the RRAS server's IP address? Can you make TCP connections to services hosted by the RRAS server or other servers on the LAN by IP address? Are you getting DNS resolution?
Finally, I did not suggest that moving RRAS to another server would make anything work. I suggested that Microosft doesn't recommend multi-homed domain controllers. RRAS will run fine on a domain controller, provided you understand the ramifications therewith.
Edit 2:
With the RRAS server setup to assign IP addresses from DHCP you're seeing a good LAN IP address being assigned to the client, then?
Assuming you are, and you can't PING the RRAS server's LAN IP address from the client, it's time to start sniffing traffic. I'd sniff on the RRAS server and on the client to see that the PING request is properly routing out the VPN connection (as an encrypted GRE payload-- presumably you're using PPTP). If sniffing is inconvenient you can watch the bytes transferred via the "Status" dialog for the connected client in the "Remote Access Clients" node in the "Routing and Remote Access" management console snap-in. I'd sniff, though-- there's no substitute for seeing the data on the wire.
The client's routing table looks like you'd expect after connection, too, I'd assume. By default, the Microsoft VPN client assigns your default gateway to the remote network (the "Use default gateway on remote network" checkbox in the "Advanced" TCP/IP properties for the VPN connection). If you turn that off, instead of seeing your default gateway change you'll see an entry for the remote network with a gateway of the IP address assigned to the client's VPN adapter. You don't mention what the client OS is, but the behaviour of the Microsoft VPN client changed slightly in Windows 7 (allowing you to disable the silly "classful" route addition behaviour explicitly).
It probably goes w/o asking, but the VPN server's LAN IP subnet and the LAN subnet where the client is connected are using different address ranges, aren't they?
I eventually found a solution to my problem. I hadn't realised it but RRAS has a built in firewall, which is not exactly brilliant. You would have thought that they would have dropped this for integration with the built in windows firewall - but no.
It has a sort of mini-firewall which requires you not only add an outbound rule for, say, http access but also an inbound rule for the responses to the outbound connections.
My error above was that I had only opened outbound http but hadn't included the second rule to permit responses. Seems a bit stupid to need to explicitly include this rule.
In any case, the various problems I had with this box are now solved.
Thanks
Ian
Best Answer
Yes there is, in almost the way you are currently doing it
Rather then click delete (which just removes it from the mmc window) click on disable routing and remote access. This will of course stop anyone connecting until you have finished the wizard again. To run the wizard click on Configure and Enable routing and Remote Access which will be available again