This is my first post.
- Connect Server 2012R2 to Domain VPN so that I can set it up as a RODC.
I currently have my business domain set up with 1 Physical DC, 1 Physical RRAS, 1 Hyper-V Host (for testing whatever) and 5 computers. I have little experience with VPN, so I wanted to learn how to set up a VPN NOT using an all-in-one software solution even though that might be easier.
- RRAS is set up to use AD Authentication, DDNS set up for external resolution.
- Cisco router ports are open to RRAS and VPN is confirmed working when connecting from a Domain Joined laptop at a remote location. (The laptop was brought to Site A, Joined to Domain, User and Computer were given permissions in AD to dial in.) Then brought back to Site B and VPN works.
- Laptop at Site B can use IP or NetBIOS name resolution and all works just like it should.
So I also have a Windows 2012R2 Server at Site B. It is a fresh install and has nothing configured yet. I want this to be the RODC. I create the VPN connection on the B Server, give it the same settings to connect as the VPN on the laptop and try to connect. It always fails the connection saying that
"Error 800: The remote connection was not made because the attempted VPN tunnels failed. The VPN server might be unreachable. If this connection is attempting to use an L2TP/IPsec tunnel, the security parameters required for IPsec negotiation might not be configured properly."
I have tried to change the "Type of VPN" from Automatic to SSTP (which is what the laptop shows). I have exported the "Root Certificate" from the DC and imported it into the B Server on the "Machine", not just the "User". I have created an account for the B Server in AD (even though I know it will not help... just thought I would try it).
I have been attempting this for a few days and reading a ton about it on the internet. Maybe it can't be done, but then how else do you get a Workgroup machine to connect to the VPN so that it can join the Domain?
Thank you in advance for your answers.