Skip to content

Instantly share code, notes, and snippets.

@GuyPaddock GuyPaddock/HOWTO.md
Last active Jun 9, 2019

Embed
What would you like to do?
WIP: Configure RRAS on Server 2016 when Anywhere Access VPN is Enabled

If you enable Anywhere Access VPN in WSE 2016, you will no longer be able to access RRAS admin UI. The message "Legacy mode is disabled" appears. This is because Access Anywhere configures the VPN in WS in a way that cannot be represented in the legacy UI. This makes it nearly impossible to setup other RRAS functionality like NAT or RAS, and there does not appear to be PowerSell cmdlets to address these gaps.

As a workaround, do not use Anywhere Access VPN. Instead, configure VPN manually in the RRAS admin UI. If you need to enable NAT + VPN, you will need to take special care to configure NAT first. For some reason, configuring NAT + VPN in one step leads to the NAT not functioning properly.

@GuyPaddock

This comment has been minimized.

Copy link
Owner Author

commented Nov 17, 2018

2018-11-16 - legacy mode is disabled on this server
2018-11-16 - disable anywhere access

@GuyPaddock

This comment has been minimized.

Copy link
Owner Author

commented Jun 9, 2019

This appears to be controlled by this registry setting:
image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.