Hello Guys , i have a little problem with my setup hope you guys can help me a bit
So I created a VPN on a S2012 everythings check's out to be fine with the connection users from AD are login in just fine and the file's share permissions are doing fine, everything turns out to be just what i wanted BUT
I want this external users to use their own Internet to other things , so I Unchecked Use Remote Gateway , and users have access to everything except the file share, do I need to add a route manually?
Oh and by the way i also Created a GPO that maps a Drive on the users but it does't do anything =/
If the users can access everything on that server, we will say 10.0.0.1, except for file share, then it may be a firewall issue on the server.
First things first though. Are you accessing the server by DNS or IP? If IP proceed to the next step, if by DNS, try the IP address of the server. \`0.0.0.1\share_name
I would check that, if windows firewall is running, try disabling it. If that does not work, look at your AV that is installed on the server.
Last, GPO would not work, unless the PC is already joined to the domain, and then you run a GP update once connected to the VPN, but I would not advise this. You could however, create a batch file, and just email it to the user, and once they are connected to the vpn, they can just double click the batch file, and it will connect. If you want info on this just respond and I will give you one.
the users can connect to the VPN, I use a DDNS from Asus and the users always Receive an IP , the only Thing is shared in one folder.
when i connect with the vpn gateway it functions well ,The problem is when i connect with the users own gateway (to have internet access) the users cannot access the folder but still receive an IP, the server does not have any AV or Firewall as is still in Lab environment.
Lastly i didn't know i needed to add the computer in AD for the GPO , I assumed only needed the User for this
Turn off windows firewall on the server. That should allow you to do the fileshare, if not verify you can ping the IP address of the server from the client.
Unless there is another way, the computer has to be joined to the domain. I know you can setup GPOs under user config, but I do not think that would work, because the GPO's are applied on login. when you try to access the share, what does it say?
I have set up several Routing and Remote Access Servers, and this is the easiest way.
Install the RRAS role. When you activate the role, select the last option (custom I believe), then select the first option. This will create everything you need by default.
Turn off windows firewall, go into AD, and select the user you want to allow remote access. Right click and edit properties, and under one of the tabs, it will say dial in, change to allow user to remote in.
Pacman you sir .... is a Savior =) Firewall was the issue , i remotly accessed my server and another computer outside the Intranet and was able to make everything work just by disabling the firewall =)