Thursday, May 23, 2013

Setup a Windows Server 2012 VPN



I will be showing us how to install and configure a Windows Server 2012 VPN connection. This post would focus on simple basic setup for a test environment with a single NIC on the Internal network behind a firewall.
Steps:
- Start the Server Manager
Windows DHCP Server
- Click Add Roles and Features from the Manage Menu
Windows DHCP Server
- On Add Roles and Features wizard begins and click Next
Windows DHCP Server
- Select the Role-based or feature-based installation option and click Next
Windows DHCP Server
- If you have more than one server managed via the server manager console, then select the desired server you’d like to install Routing and Remote Access on
Windows DHCP Server
- From the Roles lists select Remote Access, click Add Features on the popup window
Remote Access VPN
- Click Next
Remote Access VPN
- No additional features required at this point, click Next
Remote Access VPN
- Have a quick read on what DirectAccess & RRAS VPN is, then click Next
Remote Access VPN
- Select DirectAccess and VPN (RAS), click Next
Remote Access VPN
- Click Next after reading this if you care :)
Remote Access VPN
- Accept default selections and click Next
Remote Access VPN
- Review the confirmation page and click Install to begin
Remote Access VPN
- When installation is completed, click Close
Remote Access VPN
Go to Page2: Post deployment and configuration
In continuation of our VPN setup from page1, I will conclude the VPN setup in this post by running the post deployment task and configuring the settings.
Steps:
- From the Server Manager screen, click on the warning sign and click ‘Open the Getting Started Wizard’
Remote Access VPN
- On Configure Remote Access, click Deploy VPN Only. Note if you are deploying this on a domain based environment, then select either Deploy both DirectAccess and VPN or Deploy DirectAccess Only
Remote Access VPN
- From the Routing and Remote Access mmc, right-click on the server and click ‘Configure and Enable Routing and Remote Access’
Remote Access VPN
- Click Next on the wizard
Remote Access VPN
- Select Custom Configuration
Remote Access VPN
- Select VPN access
Remote Access VPN
- On completion, click Finish
Remote Access VPN
- Click Start service to start the RRAS service
Remote Access VPN
- Wait for the service to startup
Remote Access VPN
- After the service had started, you should have your Routing and Remote Access service configured
Remote Access VPN
Next Steps: We need to configure the following additional tasks
1. Add IPv4 IP address range that would be assigned to each client machines as they connect to the VPN
- From the Routing and Remote Access mmc, right-click on the server and click ‘Properties’
Remote Access VPN
- Under properties screen click IPv4 tab, select Static address pool, click Add and enter the desired IP address range on the windows popup
Remote Access VPN
- Click OK to close
Remote Access VPN
2. Enable Remote Access for users
- On a domain based network, open the properties of a domain user account via Active Directory Users and Computer mmc. Click on Dail-in, under Network Access Permission click Allow access (Note: on a workgroup server, you can enable this on local users account via Computer Management/Local Users and Groups/Users OU)
Remote Access VPN
3. Configure Windows Firewall
- To allow routing and Remote Access on local windows firewall, from Start screen, type ‘Firewall’, click Settings on the searched result, then click ‘Allow an App through Windows Firewall’.
Remote Access VPN
- Locate Routing and Remote Access and ensure Domain, Private and Public are checked
Remote Access VPN
4. Configure Perimeter Firewall
- Based on the type of firewall you have, ensure the following ports are allowed traffic to the RRAS server:
PPTP Connections:
TCP 1723
L2TP/IPSec Connections:
TCP 1701
UDP 500
SSTP Connections:
TCP 443

Setup a Windows Server 2012 VPN


This page will conclude the deployment and configuration of Routing and Remote Access VPN setup on Windows Server 2012 and we will look at configuring the client machines to connect to the RRAS server.
Steps:
- On your Windows 7 (which I am working on) or Windows 8 machine, go to Control Panel, select Network and Sharing Center
Remote Access VPN
- Click Setup a new connection or network
Remote Access VPN
- Click Connect to a workplace
Remote Access VPN
- Click Use my internet connection (VPN)
Remote Access VPN
- Click I’ll setup an Internet connection later
Remote Access VPN
- Enter either the local IP address of the RRAS server or the corresponding Public IP address for outside connection. Then check Allow other people to use this connection if you wish
Remote Access VPN
- Enter client user name, password and domain. Note this user account must have been granted Dial-in permission via user AD properties. Click Create
Remote Access VPN
- Click Close on completion
Remote Access VPN
- From the desktop, click on the network icon, right-click on newly created VPN icon and click Properties
Remote Access VPN
- Click on Security tab, select Optional encryption under Data encryption. Select Allow these protocol and check MS-CHAP v2. Click OK to accept changes
Remote Access VPN
- Click back on the network icon, right-click on VPN Connection and click Connect
Remote Access VPN
- On the popup dialog box, enter the username, password and ensure the specified domain is correct. Click Connect
Remote Access VPN
- Wait for the connection to establish
Remote Access VPN
- When connection is established, the connection screen would disappear. Click back on the network icon and your VPN Connection should now show Connected
Remote Access VPN
That is all folks :) hope yours was successful

19 comments:

  1. This was absolutely fantastic, thank you very much for helping me get this up and running!

    ReplyDelete
  2. Sory, how to get user and password for windows 7?

    ReplyDelete
  3. the user's password is password you set in Active directory users&groups, or localy from Users on your server...

    ReplyDelete
  4. Thanks for useful manual.It works good.
    top10-bestvpn.com

    ReplyDelete
  5. Thanks for great installation guide.VPN works fine.
    Good manual for VPN connection on Windows Server2012.
    10webhostingservice.com

    ReplyDelete
  6. This comment has been removed by the author.

    ReplyDelete
  7. Hey friend you can go to: www.cdekey.com. to get one, you can find all versions of product keys for windows, it works well and the price is surprisingly cheap.

    ReplyDelete
  8. Hey friend you can go to www.mororless.com to get one, you can find all versions of product keys for windows, it works well and the price is surprisingly cheap!

    ReplyDelete
  9. Hi, I followed this guide and ran into this issue. can you help please ? http://serverfault.com/questions/746707/cannot-ping-host-name-on-server-2012-vpn

    ReplyDelete
  10. Windows10KeySale.com

    Visit the site Windows10KeySale.com . I believe you will get what you want on the site. Besides, keep in mind that you also can communicate with them about the technicalproblem. They can help you with patient explanation and warm service.

    Windows10KeySale.com

    ReplyDelete
  11. Quite informative post on windows server vpn. Couple of months ago, I had started using services of reputed and best windows vpn service provider that are providing fast speed and uninterrupted services. Glad to get such good services at such great prices.

    ReplyDelete
  12. I really like your take on the issue. I now have a clear idea on what this matter is all about..
    company

    ReplyDelete
  13. Hi! Thanks for the great information you havr provided! You have touched on crucuial points!
    buy here

    ReplyDelete
  14. Factually stated, about 75% of Devices are Operated using Windows. FastestVPN offers Best VPN for Windows for complete anonymity to the users of Windows.

    ReplyDelete
  15. Cyber Monday Special Deal - Get Ivacy VPN on this cyber monday for Just $1.34/Month

    Cyber Monday VPN Deal

    Use promo code icm10 for discount price.

    ReplyDelete
  16. I went over this website and I believe you have a lot of wonderful information, saved to my bookmarks nord vpn free trial

    ReplyDelete
  17. Here you will learn what is important, it gives you a link to an interesting web page: windows 10

    ReplyDelete