Cannot Ping a server after configuring the Routing and Remote Access Services
Solution 1
Check the External Inbound/Outbound Packet Filters - most likely it enabled highly restrictive filters that just allow inbound/outbound VPN traffic (that's what it did on mine). Open the RRAS console, expand IPv4, click General, right click your External interface->Properties. Check the inbound/outbound filters. You're probably going to want to add ICMP to both (ICMP type 8 code 0 for ICMP requests, type 0 code 0 for replies).
Solution 2
I too found (following Dan's answer - +1) that restrictive filters were added when I installed RRAS on my new Windows Server 2008 R2 machine.
Looking at the same thing on Windows Server 2003, no such filters were added by default.
To restore the ability to ping the machine (or RDP in, or pretty much anything else) I first just unticked Enable IP Router Manager under:
RRAS Console > IPv4 > Local Area Connection (ie External interface) > General.
Then when I added the ICMP filter as Dan described, I could reenable the IP Router Manager and still get in via the non-VPN IP address.
Related videos on Youtube
stacker
ASP.NET MVC Developer. Software Architect. And little bit a sysadmin. I'm looking for a System Administrator that know Windows Server 2008 R2 perfectly, and like to use the most current technology in the day to day work. Please Contact me at stacker25 at period.gmail.com (without the period).
Updated on September 17, 2022Comments
-
stacker over 1 year
After configuring the Routing and Remote Access Services to be a both VPN and NAT service, I cannot ping that server anymore from the external side. But when I configure it to be just a VPN server, or just a NAT server, I do able to ping it from the external side.
My configuration is like:
DC: 192.168.20.11 VPN and NUT: Nic 1: 192.168.20.1, NIC 2: 192.168.147.171 Client: 192.168.147.1
The mask is always: 255.255.255.0
I cannot understand why when configuring the VPN server to be a VPN and NAT, I cannot ping the server anymore.
-
stacker over 13 yearsIt's not helped. I still cannot get ping confirmation, but now it's not a problem, as I understanding that there is no a connection problem, the ping just filtered out.
-
Dan over 13 yearsSorry, I mixed those up (edited to fix). Try adding both type 0/code0 and type8/code0 to both inbound and outbound filters to see if you can get replies.
-
Regent almost 11 yearsDisabling IP Router Manager helped me to restore RDP access to just configured Server 2012 VPN server.