Azure Site-to-Site VPN with WinGate 8

Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems

Moderator: Qbik Staff

Post by TabHelp » Oct 03 13 9:36 pm

Hi,

I'm wrestling with both WinGate 8 and RRAS installed on a Windows 2012 server.

I want to connect this host to Azure via site-to-site VPN. When I add the VPN to RRAS
(via the generated Azure PowerShell script or manually) it connects but other problems
arise, like being unable to connect to the WinGate host from within the LAN (ICMP or RDP),
or even the default route not seeming to work any more.
After disconnecting and reconnecting the Internet interface (in RRAS - which is a PPPoE
interface), the host is accessible again and is properly routing again. Sometimes I even
have to delete the Internet PPPoE interface and add a new one in order to make the
WinGate host work again.

Can anyone tell me if this set-up is even possible? According to Azure requirements, Windows
Server 2012 is supported to connect to the Azure Gateway.

Our configuration:

Windows Server 2012
RRAS (custom configuration with VPN access, Demand-dial connections, LAN routing)
WinGate 8.0.1 (Build 4608)
Interfaces (3 total):
* Ethernet with PPPoE demand-dial connection to Internet (default route)
* Ethernet connected to private MPLS network (static routes on host)
* Ethernet connected to LAN

We need to add a route to the Azure platform via site-to-site VPN.

Thanks in advance.

Rob
TabHelp
 
Posts: 2
Joined: Sep 30 13 11:31 pm

Re: Azure Site-to-Site VPN with WinGate 8

Post by adrien » Oct 08 13 3:46 pm

Hi Rob

We used to see something similar with dialup. When the dialup connected (and created a new default route), machines on the LAN lost connectivity to the WinGate host.

This typically happened when there was an internal router between WinGate and the LAN client, and the WinGate computer was using a default route to access the rest of the LAN segments. When the dialup default route kicked in, it took priority over the previous one and so packets destined for other internal LAN segments went out the dialup instead.

If the Azure VPN connection is configured so you also use the default gateway on the remote network, and you have an internal router for access to the rest of the LAN, you would see a similar thing.

The cure is to add specific routes on the WinGate computer for your internal networks via the internal router(s); this way the routes are not superseded by a default route. Also in this case remove the default route pointing to any internal router (unless it actually is a path to the Internet).

Regards

Adrien
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland
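
The route selection described in the reply above, as an added example that is not part of the original thread: a simplified model of longest-prefix-match routing that shows internal traffic leaving via the new default route, and the specific route keeping it on the LAN. All addresses, interface names and metrics are constructed for illustration.

```python
import ipaddress

def select_route(table, dst):
    """Pick a route the way an IP stack does: longest prefix first, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in ipaddress.ip_network(r["prefix"])]
    if not matches:
        return None
    return min(matches,
               key=lambda r: (-ipaddress.ip_network(r["prefix"]).prefixlen, r["metric"]))

def misrouted(table, internal_hosts, internal_iface="LAN"):
    """Return the internal hosts whose traffic would leave by a non-internal interface."""
    bad = []
    for host in internal_hosts:
        route = select_route(table, host)
        if route is None or route["iface"] != internal_iface:
            bad.append(host)
    return bad

# Constructed scenario: the gateway host sits on 192.168.1.0/24 and reaches a
# second LAN segment (192.168.50.0/24) only through an internal router at
# 192.168.1.254, using a default route. "metric" stands for the effective metric.
BEFORE = [
    {"prefix": "192.168.1.0/24", "via": "on-link", "iface": "LAN", "metric": 10},
    {"prefix": "0.0.0.0/0", "via": "192.168.1.254", "iface": "LAN", "metric": 20},
]

# The dialup/VPN connection comes up and installs a better-metric default route.
CONNECTED = BEFORE + [
    {"prefix": "0.0.0.0/0", "via": "on-link", "iface": "DIALUP", "metric": 5},
]

# The cure: a specific route for the internal segment, and no internal default.
FIXED = [
    BEFORE[0],
    {"prefix": "192.168.50.0/24", "via": "192.168.1.254", "iface": "LAN", "metric": 20},
    CONNECTED[-1],
]

INTERNAL_HOSTS = ["192.168.1.20", "192.168.50.10"]

if __name__ == "__main__":
    for name, table in (("before", BEFORE), ("connected", CONNECTED), ("fixed", FIXED)):
        print(f"{name:9} misrouted internal hosts: {misrouted(table, INTERNAL_HOSTS)}")
```

Running the same check against the real routing table of a gateway host after each new tunnel or dial-up interface is added shows whether any internal prefix would start egressing through the external link.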

