We are trying to create a persistent connection between RRAS on a Server 2008 R2 box and an external machine running Server 2012. There is currently an RRAS connection set up between the internal 2008 R2 box and another external 2008 R2 machine which has worked perfectly for years.
We have installed RRAS on the new Server 2012 external machine and tried to set it up with the exact same settings as the existing 2008 setup (obviously with different IP addresses), but it is unable to work with any reliability. Both ends have the connection type set to "Persistent connection", as is the case in the 2008 R2 setup.
With a lot of manual disconnecting and re-connecting it is possible to get the connection to come up and show "Connected" in the RRAS console at both ends. However, every time the 2012 external system is rebooted, the connection fails to come up, usually at the internal end. What happens is:
1. The internal 2008 R2 server reports the connection as unreachable, with the reason "The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer."
2. The Server 2012 connection back to the internal server (reverse direction) shows as connected.
3. Attempting to manually connect from the internal Server 2008 R2 machine results in the ridiculous error, "The last connection attempt failed because: The interface is already connected."
4. Pings initiated from the external system, to the internal one, succeed.
5. Pings initiated from the internal system to the external one fail.
It seems to be some sort of timing issue, in that if the Server 2012 box brings up the connection first, the Server 2008 R2 box is then unable to connect. And the Server 2012 box always brings it up first; if you attempt to disconnect the Server 2012 one (even with it changed to demand dial instead of persistent), it immediately attempts to reconnect.