I have a VPS with Windows Server 2016 Datacenter, which I access through Remote Desktop. I would like to access it through VPN, so I tried to repeat the working configuration I have in another VPS with Windows Server 2008 Standard.
Both servers have a single Network Interface with a public address and a second internal address (10.1.0.1/255.255.255.248). As I said, VPN works perfectly on 2008.
The procedure I followed is described perfectly with screenshots in an article by Thomas Mauer http://www.thomasmaurer.ch/2016/10/how-to-install-vpn-on-windows-server-2016/
So, briefly, I added the Remote Access role with the Remote Access and Routing features. The role and features get installed without any problem and then I am directed to a wizard, though which I try to initialize the VPN-only feature with a custom configuration. When I finally get into the "old" Routing and Remote Access Management console and try to right-click on the server node to "Configure and Enable Routing and Remote Access" this procedure never ends. A rotating clock icon stays there forever, so I have to kill the management console from the task manager.
When I reopen the management console, either with or without restarting the server, the server looks like running. Then I right-click on the server and select "Properties" in order to define the tunneling protocol for VPN as well as the internal address range that will be provided to the connected clients. The problem here is that this properties popup never gets saved. The "Apply" button does nothing, the "OK" button does not close the form and only the "Cancel" button closes the form without changing anything.
Has anybody seen this behaviour? Am I missing something?
Best regards, Alex
To answer my question, it turned out that, for reasons I don't know, when the routing and remote access was being installed, the "Remote Access Management Service" was not starting. And after the server's restart it was always at "Starting" status.
This service is installed to run under the "Network Service" credentials with an Automatic (Delayed start) start type. When I changed to "Local Service" and manual, I was able to install the Role and initialize it without any problem. And then when I went back to Network Service and Automatic it runs without any more problems.
Strange ...
Alex