I am running a VPN gateway product on Server2008 R2. The server has 2 network interfaces. One is a VMWare interface, the other a virtual interface installed by the gateway software. The VPN clients come in through the VM interface, which is the same as a physical network interface in a physical server, and they get an IP address consistant with the virtual interface the gateway software installs and manages.
When I tell the gateway to NAT VPN addresses to LAN addresses, RDP sessions between my workstatoin and the gateway server get flaky and disconnect every so often.
NAT also does not work.
If I remove SEP totally the RDP issues go away and the gateway happily NATs the VPN client addresses to the LAN addresses and the clients appear to be on our LAN with the NAT addresses.
Install SEP, NAT fails, RDP gets funky.
I can "disable" the SEP firewall, same result.
I can create a top rule that says "allow all traffic to and from all things from anywhere to anywhere anything at all" to open things up wide as can be, same issue. RDP is not stable and NAT stops working if SEP is installed.
As soon as I uninstall SEP, the product works GREAT.
If I do not NAT, everything is fine but our clients can't get to all resources due to the VPN IP addresses not being allowed to all things. We need to NAT those addresses to LAN addresses so must have NAT working, but SEP is killing that.
Any ideas? Any way to tell SEP to deal with 1 interface and TOTALLY ignore the other interface? Or set it different for each interface?
Can I tell SEP to watch the LAN interface, which is the VMware equal of a physical interface and leave the rest alone, or somehow make SEP stop interfering with NATting??
Odd that SEP blocks the NATting, and messed with RDP as well, remove SEP, RDP is flawless, fast and stable and NAT works.
Traffic passes between the two interfaces, Microsoft routing is installed on tis server.
Any known issues?