Posts

Showing posts from January, 2019

Always On VPN

-
Image
Windows 10 has a nice feature called Always On VPN. This is pretty much an acceptance that many people have not deployed Direct Access :)  Although DA is not a VPN solution I prefer AO so I set it up for our recent Windows 10 roll out. Basically the steps boil down to... Create some certificate templates. Create 2 new VMs. Enroll into those templates Install RRAS and NPS roles Config RRAS and NPS Client Config The most difficult for me was deciding on how to get the client config to roll out.  We use the Quest appliance KACE here so I used that to deploy a powershell script which sets up the VPN.  Love Windows 10!! I used MDT to build two Windows 2016 servers - I tried the core but my skills were not up for it! EDIT: It is not possible to install NPS on core - it does "come with" RRAS but avoid on core! EDIT:  I ended up making my NPS and RRAS box the same it reduces the server count a bit and proved more reliable/stable (Never found out why)
Post a Comment
Read more

VPN Issue after Fortinet install/uninstall

-
We noticed that after installing Fortinet VPN our Windows VPNs configured on the same machine stopped working. uninstalling the Fortinet client had no effect. We did notice that the services, IKEEXT and PolicyAGent were disabled. Making these auto start and rebooting fixed the issue. We are not sure that Fortinet VPN has anything to do with causing this - however only those machine with the client have shown this issue. Thanks to this posting from Stephan for the solution: https://social.technet.microsoft.com/Forums/lync/en-US/46667a11-5a49-4549-9e18-7d07e8001c35/error-789-when-trying-to-establish-l2tp-vpn-connection?forum=w7itpronetworking
1 comment
Read more

Turn on VSS using Powershell

-
Whilst investigating Server 2016 core we found we needed to turn on VSS.....I found this online (the original website shows a 404 so no reference I'm afraid)   This is not my work but repeated here for me. #Enable Volume Shadow copy clear $Continue = Read - Host "Enable Volume Shadowcopy (Y/N)?" while ( "Y" , "N" - notcontains $Continue ) { $Continue = Read - Host "Enable Volume Shadowcopy (Y/N)?" } if ( $Continue - eq "Y" ) { #Enable Shadows vssadmin add shadowstorage / for = C : /on=C: / maxsize = 8128MB vssadmin add shadowstorage / for = D : /on=D: / maxsize = 8128MB #Create Shadows vssadmin create shadow / for = C : vssadmin create shadow / for = D : #Set Shadow Copy Scheduled Task for C: AM $Action = new - scheduledtaskaction - execute "c:\windows\system32\vssadmin.exe" - Argument "create shadow /for=C:" $Trigger = new - scheduledtasktr
Post a Comment
Read more