win2022 server VPN: connection established from intranet but not from internet


I have set up a VPN server on a Win2022 server. My Win10 clients (configured as "automatic VPN choice") can log onto the VPN without problem from within the intranet, by addressing either the public URL or the IP address of the server. Obviously, this is not useful - but it proves that the VPN plumbing is properly configured and works.

However, when trying to reach the VPN from outside the LAN perimeter, the connection fails. All other connections work, and I can log into the WIN2022 server by RDP, indicating that RDP port forwarding works fine.

The client VPN log says "error 800" which means that the VPN server is generically unreachable. For testing purposes, I have switched off both the gateway firewall (pfsense) and the Win2022 server firewall, and I have directed all TCP/UDP traffic from WAN to the server using 1:1 NAT translation, meaning that all ports are passed to the server. But even that doesn't work.

What might be the cause? I vaguely suspect a DNS-related issue, but I cannot pin it down and I may be wrong anyway.
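A client-side reachability check of the kind a practitioner would run before changing more configuration, added here as an example and not part of the question: it resolves the public name from the outside network (the DNS suspicion above), flags a split-horizon answer that returns the private LAN address, and probes the TCP ports used by the tunnel types an "automatic" Windows VPN profile tries, with RDP as the known-good comparison. `vpn.example.com` is a placeholder for the server's public name.

```powershell
# Added diagnostic example; run from a Windows client OUTSIDE the LAN.
# 'vpn.example.com' is a placeholder for the server's public name.
param(
    [string]$VpnHost = 'vpn.example.com'
)

# 1. Does the public name resolve from out here, and to the WAN address?
#    A split-horizon DNS that hands out the private (LAN) address to external
#    clients would produce exactly "works on the intranet, error 800 outside".
$answers = Resolve-DnsName -Name $VpnHost -Type A -ErrorAction SilentlyContinue
if (-not $answers) {
    Write-Warning "$VpnHost does not resolve from this network"
} else {
    foreach ($a in ($answers | Where-Object { $_.Type -eq 'A' })) {
        $b = ([System.Net.IPAddress]$a.IPAddress).GetAddressBytes()
        # RFC 1918 ranges: 10/8, 172.16/12, 192.168/16
        $private = ($b[0] -eq 10) -or
                   ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
                   ($b[0] -eq 192 -and $b[1] -eq 168)
        $note = if ($private) { '  <- PRIVATE address: unreachable from the internet' } else { '' }
        '{0} -> {1}{2}' -f $VpnHost, $a.IPAddress, $note
    }
}

# 2. TCP listeners behind an 'Automatic' Windows VPN profile (SSTP, PPTP), plus
#    RDP as the control the questioner already knows is forwarded correctly.
#    IKEv2 and L2TP/IPsec use UDP 500/4500 (L2TP also UDP 1701) and PPTP needs
#    GRE (IP protocol 47) besides TCP 1723; Test-NetConnection probes TCP only,
#    so those must be verified in the firewall/NAT rules rather than from here.
$tcpPorts = [ordered]@{ 'SSTP' = 443; 'PPTP' = 1723; 'RDP (known-good control)' = 3389 }
foreach ($name in $tcpPorts.Keys) {
    $port = $tcpPorts[$name]
    $r = Test-NetConnection -ComputerName $VpnHost -Port $port -WarningAction SilentlyContinue
    $state = if ($r.TcpTestSucceeded) { 'open' } else { 'BLOCKED or no listener' }
    '{0,-26} TCP {1,-5} {2}' -f $name, $port, $state
}

# 3. On the Win2022 server itself (not the client), confirm RRAS is bound on the
#    NAT-facing address, for example:
#    Get-NetTCPConnection -State Listen | Where-Object LocalPort -in 443,1723
#    Get-NetUDPEndpoint | Where-Object LocalPort -in 500,4500,1701
```

If SSTP/PPTP show open while RDP also shows open, the TCP path is fine and the remaining suspects are the UDP/GRE/ESP parts listed in the comments and the address the name resolves to.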

