{"id":527,"date":"2015-06-29T22:47:23","date_gmt":"2015-06-29T22:47:23","guid":{"rendered":"http:\/\/www.itcrumbs.com\/?p=527"},"modified":"2019-02-07T04:39:44","modified_gmt":"2019-02-07T04:39:44","slug":"vpn-was-not-configured-successfully-in-windows-server-2012-essentials-experience","status":"publish","type":"post","link":"https:\/\/www.itcrumbs.com\/?p=527","title":{"rendered":"VPN was not configured successfully in Windows Server 2012 Essentials Experience"},"content":{"rendered":"<p><a title=\"http:\/\/www.tachytelic.net\/2014\/08\/vpn-configured-successfully-windows-server-2012-essentials\/\" href=\"http:\/\/www.tachytelic.net\/2014\/08\/vpn-configured-successfully-windows-server-2012-essentials\/\">http:\/\/www.tachytelic.net\/2014\/08\/vpn-configured-successfully-windows-server-2012-essentials\/<\/a><\/p>\n<p>During a recent SBS 2003 to Windows Server 2012 r2 Essentials migration I was having a number of problems setting up anywhere access. The two problems that I was getting were: <\/p>\n<ul>\n<li><strong>Anywhere access to your server is blocked<\/strong> <\/li>\n<li><strong>VPN was not configured successfully<\/strong> <\/li>\n<\/ul>\n<p><a href=\"http:\/\/www.tachytelic.net\/wp-content\/uploads\/AnywhereAccess.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"Windows Server Essentials Anywhere access - VPN was not configured successfully\" src=\"http:\/\/www.tachytelic.net\/wp-content\/uploads\/AnywhereAccess.png\" width=\"644\" height=\"526\" \/><\/a> <\/p>\n<p>I searched all over but couldn\u2019t come up with anything useful and the dashboard.log file didn\u2019t show anything useful, just the error: <\/p>\n<p><strong>ConnectivityCenter: RemoteAccessAnalyzer: VPN server deployment result: InstallationFailed<\/strong> <\/p>\n<p>The ports 80 and 443 required for Remote Web Access and VPN were without doubt open but it seemed to me that the wizard always failed at the verification stage, so I figured that it must be seeing something different than I was picking up in my tests. <\/p>\n<p>Now, this server has been configured with a custom domain name of remote.companydomain.com and externally this resolved no problems at all. <\/p>\n<p>But if I tried to ping that address or use nslookup on the essentials server to resolve the external DNS address that had been assigned to the server it failed. Then I realized what was going on. <\/p>\n<p>This system\/customer is new to me and I had made the new essentials server a domain controller which also meant that it would have replicated DNS records from the source domain controller. <\/p>\n<p>Although the internal domain name was companyname.local there was also a forward lookup zone for the main companyname.com address space, because the essentials server was rightly using itself as a DNS server it was unable to resolve remote.companyname.com using its own DNS forward lookup zone for the external domain as the record for remote.companyname.com had not been added. <\/p>\n<p>So I had two choices, remove the forward lookup zone or add the remote.companyname.com address to it as an A record. It was obvious after a little investigation why the external domain name had been added to the active directory DNS, but the reason it was include it was no longer appropriate, so I deleted the whole zone. <\/p>\n<p>I then restarted the DNS server and cleared the DNS cache from a command prompt with: <\/p>\n<p>ipconfig \/flushdns <\/p>\n<p>and tried to resolve the external domain name again and this now resolved correctly. <\/p>\n<p>So I once again tried to run the Windows Essentials Anywhere Access Wizard and it still failed with the exact same issue! Infuriating! . <\/p>\n<p>It did show one less error this time though and I was down to \u201cVPN was not configured successfully\u201d only this time. This error took make ages to figure out though. <\/p>\n<h5>Fixing the VPN was not configured successfully error<\/h5>\n<p>I ended up looking through the CBS.LOG file in quite some detail and figured out what the problem was. Thanks to someone on <a href=\"http:\/\/social.technet.microsoft.com\/Forums\/appvirtualization\/en-US\/4063b0fb-4fb8-4d18-a576-6023217980d0\/vpn-was-not-configured-succesfully\">this thread on technet <\/a>for the inspiration to look there. <\/p>\n<p>When the VPN is being enabled Windows Essentials attempts to setup a Windows Internal Database and in my case failed to do so due to a logon failure as it did not have the \u201cLogon as a Service\u201d privilege. Here is a sample of the log:<\/p>\n<pre>2014-08-29 23:04:32, Error CSI 00000001 (F) Logged @2014\/8\/29:22:04:32.768 : [ml:130{65},l:128{64}]&quot;Attempting to start service {MSSQL$MICROSOFT##WID} synchronously&quot;\n[gle=0x80004005]\n2014-08-29 23:04:32, Error CSI 00000002 (F) Logged @2014\/8\/29:22:04:32.893 : [ml:84{42},l:82{41}]&quot;start service MSSQL$MICROSOFT##WID (1069)&quot;\n[gle=0x80004005]\n2014-08-29 23:04:32, Error CSI 00000003@2014\/8\/29:22:04:32.893 (F) CMIADAPTER: Inner Error Message from AI HRESULT = HRESULT_FROM_WIN32(1069)\n [\n[51]&quot;The service did not start due to a logon failure.<\/pre>\n<p>Now I felt I was getting close to the source of the issue, light at the end of the tunnel (you have no idea how long I spent trying to figure this out). <\/p>\n<p>The <a href=\"http:\/\/support.microsoft.com\/kb\/2832204\">knowledge base article 2832204<\/a> from Microsoft explains how to make the appropriate group policy changes to stop this prevent the specific issue of being unable to start the MSSQL$MICROSOFT##WID service, which is actually the root cause of the wizard not being able to finish. <\/p>\n<p>Here is a screenshot of how I the corrected group policy looked on the system I was working on: <\/p>\n<p><a href=\"http:\/\/www.tachytelic.net\/wp-content\/uploads\/LogonAsAService.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"Changing the logon as a service policy to resolve the error &quot;VPN was not configured&quot; on Windows Server Essentials Experience\" src=\"http:\/\/www.tachytelic.net\/wp-content\/uploads\/LogonAsAService.png\" width=\"441\" height=\"521\" \/><\/a> <\/p>\n<p>After you have changed the policy run a quick \u201cgpupdate\u201d to make the new policy active and then try running the VPN wizard again, the wizard took a long time to complete but I was fairly confident it was going to work as I could see the SQL database becoming active in Task Manager: <\/p>\n<p><a href=\"http:\/\/www.tachytelic.net\/wp-content\/uploads\/AnywhereAccessSQLServer.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"Essentials Anywhere Access Creating a Windows Internal SQL Database\" src=\"http:\/\/www.tachytelic.net\/wp-content\/uploads\/AnywhereAccessSQLServer.png\" width=\"607\" height=\"196\" \/><\/a> <\/p>\n<p>The wizard finally finished with success! I spent a long time trying to figure out the cause of this problem and I am so glad to see the back of it. I really hope this helps you if you are having the same issue. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>http:\/\/www.tachytelic.net\/2014\/08\/vpn-configured-successfully-windows-server-2012-essentials\/ During a recent SBS 2003 to Windows Server 2012 r2 Essentials migration I was having a number of problems setting up anywhere access. The two problems that I was getting were: Anywhere access to your server is blocked VPN was not configured successfully I searched all over but couldn\u2019t come up with anything useful [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-527","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.itcrumbs.com\/index.php?rest_route=\/wp\/v2\/posts\/527","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itcrumbs.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itcrumbs.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itcrumbs.com\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itcrumbs.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=527"}],"version-history":[{"count":1,"href":"https:\/\/www.itcrumbs.com\/index.php?rest_route=\/wp\/v2\/posts\/527\/revisions"}],"predecessor-version":[{"id":528,"href":"https:\/\/www.itcrumbs.com\/index.php?rest_route=\/wp\/v2\/posts\/527\/revisions\/528"}],"wp:attachment":[{"href":"https:\/\/www.itcrumbs.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=527"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itcrumbs.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=527"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itcrumbs.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=527"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}