2
2000DXP
Hello, hope you are well.
I have deployed an Always On VPN (AOVPN) solution using Windows Server 2016 Routing and Remote Access (RRAS), Windows Server 2016 Network Policy and Access Services (NPS) using Always On VPN Device and User profiles on Windows 10 client workstations.
I am noticing that there is multiple VPN connections from the "Device" VPN connections on the RRAS servers. I would have expected old connections that have dropped or when the user has shut down the device to disconnect or eventually time-out. Some of the duplicated Device connections have a Duration of over 48 days which well exceeds any idle connection settings I have set.
My expectation would have been to just see one connection from the Device Tunnel VPN and one connection from the User Tunnel VPN. In some cases I can see what looks to be eleven Device tunnel connections all with very different duration times ranging from 48 days through to a few days and down to 1 hour.
Although I have capacity on the connections for IKEv2 and the IP Address Pool to cope with this, has anybody seen a similar scenario and found a way to clear reliably disconnect old idle connections via a time-out setting.
Any help would be greatly appreciated.
Regards,
Dave
Continue reading...
I have deployed an Always On VPN (AOVPN) solution using Windows Server 2016 Routing and Remote Access (RRAS), Windows Server 2016 Network Policy and Access Services (NPS) using Always On VPN Device and User profiles on Windows 10 client workstations.
I am noticing that there is multiple VPN connections from the "Device" VPN connections on the RRAS servers. I would have expected old connections that have dropped or when the user has shut down the device to disconnect or eventually time-out. Some of the duplicated Device connections have a Duration of over 48 days which well exceeds any idle connection settings I have set.
My expectation would have been to just see one connection from the Device Tunnel VPN and one connection from the User Tunnel VPN. In some cases I can see what looks to be eleven Device tunnel connections all with very different duration times ranging from 48 days through to a few days and down to 1 hour.
Although I have capacity on the connections for IKEv2 and the IP Address Pool to cope with this, has anybody seen a similar scenario and found a way to clear reliably disconnect old idle connections via a time-out setting.
Any help would be greatly appreciated.
Regards,
Dave
Continue reading...