VPN Server "unable to reach the IPv4 DDNS server"

jhstealth · Post by **jhstealth** » Wed May 28, 2014 4:24 pm

Hello.

I have installed the VPN server on my laptop with plans to use Azure to connect through an extremely restrictive deep packet inspection proxy/firewall (Microsoft Forefront Threat Management Gateway 2010). I installed the server onto an Intel i5-4300 based laptop running Windows 7 x64 SP1. When I get to the screen in which I setup a DDNS name, I get the error:

Unable to reach the IPv4 DDNS Server.

That is using the direction connection, letting the IE settings (Autodetect) determine the proxy. 100% of all outbound traffic is forced through the proxy/firewall, so autodetect forces the use of the Forefront Threat system. If I manually set the proxy to the actual proxy server address and provide the login credentials, I get the following error:

The connection to the Dynamic DNS server has been disconnected.

How do I use Azure if the DDNS does not work? If I cannot, how I can get the DDNS to work behind this excessively restrictive firewall?

Ver 4.06, Build 9437
SoftEther VPN Server (with Azure enabled)
Path: Private NAT IP - MS Forefront Threat Management Gateway 2010 - Internet
SecureNat is not being used.
I have enabled (no positive impacted detected) the VPN over ICMP and VPN over DNS Server Function.
There is no loop in the local bridge between the Virtual Hub and the LAN adapter.

Post by **dnobori** » Fri Jun 06, 2014 12:43 pm

When the same computer is connected to the Internet, without that ligh-level firewall product, does the DDNS connection establish correctly?

jhstealth · Post by **jhstealth** » Sat Jun 07, 2014 2:45 am

Yes, actually it works fine on the guest network that traverses the same WAN router via a different proxy/firewall combination.

Post by **dnobori** » Sat Jun 07, 2014 5:17 am

I'd like to analyze the detail.

Could you attach the screen shot of the error, please?

jhstealth · Post by **jhstealth** » Sun Jun 08, 2014 5:53 pm

Absolutely...and thanks for looking. See attached.

Post by **dnobori** » Mon Jun 09, 2014 4:14 am

Hi,

Can you open https://ddns.sehosts.com/ from the server computer?
If the SSL certificate warning will pop-up, ignore it.

After open it, you can see the SSL certificate of the above page.
Please post the screen shot of the shown SSL certificate (including Common Name).

jhstealth · Post by **jhstealth** » Mon Jun 09, 2014 11:57 pm

I clicked the link and have attached the resulting certificate as well as the error landing page.

Once again, thanks for looking into this with me. I do appreciate it.

Post by **dnobori** » Tue Jun 10, 2014 4:07 am

Hi,

The server computer needs to go to the Internet via a proxy server?
If so, you have to set up a proxy setting on the DDNS dialog box.

jhstealth · Post by **jhstealth** » Wed Jun 11, 2014 1:41 pm

The configuration at the site is such that all packets are intercepted and inspected. So, if I specify the proxy, it will use it. If I do not specify a proxy, it still uses it. If I direct traffic to a different proxy I lose access to the Internet entirely as the traffic is dropped by the firewall for not having come through the default proxy server for the internal network.

VPN Server "unable to reach the IPv4 DDNS server"

VPN Server "unable to reach the IPv4 DDNS server"

Re: VPN Server "unable to reach the IPv4 DDNS server"

Re: VPN Server "unable to reach the IPv4 DDNS server"

Re: VPN Server "unable to reach the IPv4 DDNS server"

Re: VPN Server "unable to reach the IPv4 DDNS server"

Re: VPN Server "unable to reach the IPv4 DDNS server"

Re: VPN Server "unable to reach the IPv4 DDNS server"

Re: VPN Server "unable to reach the IPv4 DDNS server"

Re: VPN Server "unable to reach the IPv4 DDNS server"