We set up a new 2016 standard server with essentials role a few months back and set up anywhere access using the free remotewebaccess.com domain which has worked fine for us on previous windows versions however it seems that on server 2016 standard there's a common problem which appears to be with the certificates which means that the server has to be restarted every 24 hours otherwise the anywhere access stops working. My research into this so far seems to indicated that the only solution is to not use remotewebaccess.com.
I've had a brief look at your tutorial about using Lets Encrypt certificates but I was wondering if you have any experience with setting this up after previously using remotewebaccess.com? In particular for remote workers as I'm assuming that as soon as we complete that tutorial the remote workers will no longer be able to connect via anywhere access? How do we get those remote workers updated with the correct information, would it be a matter of running the connect computer wizard again?
Using remotewebaccess.com and Let's Encrypt may not work because you do not own the domain. Though I think it would technically be possible to run Certify the Web for someone.remotewebaccess.com and generate a certificate I don't think it is a good idea because you don't own it.
Get your self an FQDN like yourcompany.com and get a static IP address for your Internet connection. Remote users would need to change the URL they connect to, like https://remote.yourdomain.com/remote and the VPN connection on the client must also be changed to remote.yourdomain.com.
I'm in the same situation as Michael - the remotewebaccess.com domain is awful in that the server has to be restarted every day - in fact it doesn't seem to be working at all anymore for VPN access. We own a domain and I've asked them to add an A record for remote.ourdomain.co.uk with our WAN IP and then try to run your Let's Encrypt tutorial but when I test the certificate it says that the url cannot be verified as accessible - are you able to offer any help with this?
Is port 80 and 443 open to the server? Please, check here http://www.canyouseeme.org/
Yes, both ports are open for our WAN IP. The system works with the default remotewebaccess - everything works on that except the VPN which fails due to the dodgy SSL certificate that Microsoft provides. Your certify the web program works fine if I add the remotewebaccess as the site binding and produces an SSL certificate but it fails when I try our own domain?
How long ago did you add the A record for your domain? It can take up to 24 hours to propagate.
That might just be it! I just checked on a dns propagation website and it is down so hopefully it will be up tomorrow and all will work out. Thanks for getting back to me so quickly.
Thanks for your help, it was just the A record propagation and it works now - one last question... the tutorial mentions an auto-renewal script with powershell but in your program I can't see the option to tick for RDP gateway. Has this changed since you wrote the tutorial?