I have a server running RRAS on Server 2012 R2. Clients connect using an IKEv2 VPN, and are on the same subnet: 192.168.1.0/24 and 255.255.255.0.

The server has a single NIC, and VPN ports are forwarded via the router.

Clients on the VPN are unable to send or receive broadcast UDP packets to or from the internal network.

An application I am using sends out UDP broadcast packets to 192.168.1.255 on a specific port to advertise itself and enable a handshake.

For example, I have the following:

On the local network:

Router at 192.168.1.1 (external IP is 1.2.3.4)

VPN Server at 192.168.1.2

Application Computer 1 at 192.168.1.3

Application Computer 2 at 192.168.1.4

On an external network, connected via VPN:

Application Computer 3 at 192.168.1.100 (connected to the VPN at 1.2.3.4)

In this scenario, Application Computers 1 and 2 are able to see each other and complete a handshake, but neither is able to see Application Computer 3, and Application Computer 3 can see nothing. They can all ping each other fine.

If the UDP handshake is completed on the local network, and then the Application Computer is moved to an external network and connected via VPN, then the Application Computers are still able to communicate, until another handshake is required.

How do I configure RRAS to forward UDP broadcast packets from VPN clients to internal network peers?

Britishly

0 Answers