Windows Server 2012

Enable Diagnostic Logging in Windows Server 2012 R2 Routing and Remote Access


In today’s Ask the Admin, I’ll show you how to enable verbose logging in Windows Server 2012 R2 Routing and Remote Access (RRAS).

I’ve recently been using Windows Server’s Routing and Remote Access service to establish a VPN connection between an Azure virtual network and a physical site. And while the set up process is relatively easy, debugging can be a headache when things go wrong, as Windows isn’t known for its useful log information. Detail log tracing can also be enabled for Azure VPN gateways. For details, see Troubleshooting Azure VPNs on the Petri IT Knowledgebase.

The first step I needed to take was enable diagnostic logging in RRAS because the Event Log by default only contains a basic set of events that don’t shed much light when there are connection issues. Don’t forget that once you’ve resolved your connection problems, you’ll want to disable diagnostic logging due to the extra overhead it creates.

Sponsored Content

What is “Inside Microsoft Teams”?

“Inside Microsoft Teams” is a webcast series, now in Season 4 for IT pros hosted by Microsoft Product Manager, Stephen Rose. Stephen & his guests comprised of customers, partners, and real-world experts share best practices of planning, deploying, adopting, managing, and securing Teams. You can watch any episode at your convenience, find resources, blogs, reviews of accessories certified for Teams, bonus clips, and information regarding upcoming live broadcasts. Our next episode, “Polaris Inc., and Microsoft Teams- Reinventing how we work and play” will be airing on Oct. 28th from 10-11am PST.

Enable RRAS logging

Log in to Windows Server 2012 R2 as an administrator and follow the instructions below. The Routing and Remote Access server role must already be installed.

  1. Open Server Manager using the tile on the Start screen.
  2. Click Tools in the top right corner of Server Manager, select Routing and Remote Access from the drop-down menu.
  3. The Routing and Remote Access MMC will connect to the RRAS service running on the local server. Right click the local RRAS server in the top left of the Routing and Remote Access MMC and select Properties from the context menu.
  4. In the Properties dialog, switch to the Logging tab.
  5. On the Logging tab, check Log additional Routing and Remote Access information (used for debugging).
  6. Click OK in the Properties dialog.
Enable diagnostics logging in Windows Server 2012 R2 Routing and Remote Access (Image Credit: Russell Smith)
Enable diagnostics logging in Windows Server 2012 R2 Routing and Remote Access (Image Credit: Russell Smith)

If you are debugging a VPN or other interface, you might want to now manually start it by right clicking the interface name and selecting Connect from the context menu. To see the list of interfaces, click Network Interfaces on the left of the Routing and Remote Access MMC.

Locating the logs

Diagnostic logging writes data to various different files, which you can find in the %windir%/tracing folder. Check for log data in the PPP.log, RASMAN.log, IASHLPR.log, RASAPI32.log, and RASIPCP.log files. Don’t forget that there might also be some useful information in Event Viewer, which can be accessed from the Tools menu in Server Manager. By default, RRAS logs errors and warnings only, but you can change this to Log all events in the same place that we enabled diagnostic logging.


Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

IT consultant, Contributing Editor @PetriFeed, and trainer @Pluralsight. All about Microsoft, Office 365, Azure, and Windows Server.
External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by: