I will be showing us how to install and configure a Windows Server 2012 VPN connection. This post would focus on simple basic setup for a test environment with a single NIC on the Internal network behind a firewall.
Steps:
- Start the Server Manager
- Click Add Roles and Features from the Manage Menu
- On Add Roles and Features wizard begins and click Next
- Select the Role-based or feature-based installation option and click Next
- If you have more than one server managed via the server manager console, then select the desired server you’d like to install Routing and Remote Access on
- From the Roles lists select Remote Access, click Add Features on the popup window
- Click Next
- No additional features required at this point, click Next
- Have a quick read on what DirectAccess & RRAS VPN is, then click Next
- Select DirectAccess and VPN (RAS), click Next
- Click Next after reading this if you care
- Accept default selections and click Next
- Review the confirmation page and click Install to begin
- When installation is completed, click Close
Go to Page2: Post deployment and configuration
In continuation of our VPN setup from page1, I will conclude the VPN setup in this post by running the post deployment task and configuring the settings.
Steps:
- From the Server Manager screen, click on the warning sign and click ‘Open the Getting Started Wizard’
- On Configure Remote Access, click Deploy VPN Only. Note if you are deploying this on a domain based environment, then select either Deploy both DirectAccess and VPN or Deploy DirectAccess Only
- From the Routing and Remote Access mmc, right-click on the server and click ‘Configure and Enable Routing and Remote Access’
- Click Next on the wizard
- Select Custom Configuration
- Select VPN access
- On completion, click Finish
- Click Start service to start the RRAS service
- Wait for the service to startup
- After the service had started, you should have your Routing and Remote Access service configured
Next Steps: We need to configure the following additional tasks
1. Add IPv4 IP address range that would be assigned to each client machines as they connect to the VPN
- From the Routing and Remote Access mmc, right-click on the server and click ‘Properties’
- Under properties screen click IPv4 tab, select Static address pool, click Add and enter the desired IP address range on the windows popup
- Click OK to close
2. Enable Remote Access for users
- On a domain based network, open the properties of a domain user account via Active Directory Users and Computer mmc. Click on Dail-in, under Network Access Permission click Allow access (Note: on a workgroup server, you can enable this on local users account via Computer Management/Local Users and Groups/Users OU)
3. Configure Windows Firewall
- To allow routing and Remote Access on local windows firewall, from Start screen, type ‘Firewall’, click Settings on the searched result, then click ‘Allow an App through Windows Firewall’.
- Locate Routing and Remote Access and ensure Domain, Private and Public are checked
4. Configure Perimeter Firewall
- Based on the type of firewall you have, ensure the following ports are allowed traffic to the RRAS server:
PPTP Connections:
TCP 1723
TCP 1723
L2TP/IPSec Connections:
TCP 1701
UDP 500
TCP 1701
UDP 500
SSTP Connections:
TCP 443
TCP 443
Setup a Windows Server 2012 VPN
This page will conclude the deployment and configuration of Routing and Remote Access VPN setup on Windows Server 2012 and we will look at configuring the client machines to connect to the RRAS server.
Steps:
- On your Windows 7 (which I am working on) or Windows 8 machine, go to Control Panel, select Network and Sharing Center
- Click Setup a new connection or network
- Click Connect to a workplace
- Click Use my internet connection (VPN)
- Click I’ll setup an Internet connection later
- Enter either the local IP address of the RRAS server or the corresponding Public IP address for outside connection. Then check Allow other people to use this connection if you wish
- Enter client user name, password and domain. Note this user account must have been granted Dial-in permission via user AD properties. Click Create
- Click Close on completion
- From the desktop, click on the network icon, right-click on newly created VPN icon and click Properties
- Click on Security tab, select Optional encryption under Data encryption. Select Allow these protocol and check MS-CHAP v2. Click OK to accept changes
- Click back on the network icon, right-click on VPN Connection and click Connect
- On the popup dialog box, enter the username, password and ensure the specified domain is correct. Click Connect
- Wait for the connection to establish
- When connection is established, the connection screen would disappear. Click back on the network icon and your VPN Connection should now show Connected
That is all folks hope yours was successful
This was absolutely fantastic, thank you very much for helping me get this up and running!
ReplyDeleteSory, how to get user and password for windows 7?
ReplyDeletethe user's password is password you set in Active directory users&groups, or localy from Users on your server...
ReplyDeleteGood job about vpn...
ReplyDeletevpn connection
Thanks for useful manual.It works good.
ReplyDeletetop10-bestvpn.com
Thanks for great installation guide.VPN works fine.
ReplyDeleteGood manual for VPN connection on Windows Server2012.
10webhostingservice.com
This comment has been removed by the author.
ReplyDeleteHey friend you can go to: www.cdekey.com. to get one, you can find all versions of product keys for windows, it works well and the price is surprisingly cheap.
ReplyDeleteHey friend you can go to www.mororless.com to get one, you can find all versions of product keys for windows, it works well and the price is surprisingly cheap!
ReplyDeleteHi, I followed this guide and ran into this issue. can you help please ? http://serverfault.com/questions/746707/cannot-ping-host-name-on-server-2012-vpn
ReplyDeleteWindows10KeySale.com
ReplyDeleteVisit the site Windows10KeySale.com . I believe you will get what you want on the site. Besides, keep in mind that you also can communicate with them about the technicalproblem. They can help you with patient explanation and warm service.
Windows10KeySale.com
Quite informative post on windows server vpn. Couple of months ago, I had started using services of reputed and best windows vpn service provider that are providing fast speed and uninterrupted services. Glad to get such good services at such great prices.
ReplyDeleteI really like your take on the issue. I now have a clear idea on what this matter is all about..
ReplyDeletecompany
thank you for a great post.
ReplyDeletehide my ass reviews
Hi! Thanks for the great information you havr provided! You have touched on crucuial points!
ReplyDeletebuy here
Factually stated, about 75% of Devices are Operated using Windows. FastestVPN offers Best VPN for Windows for complete anonymity to the users of Windows.
ReplyDeleteCyber Monday Special Deal - Get Ivacy VPN on this cyber monday for Just $1.34/Month
ReplyDeleteCyber Monday VPN Deal
Use promo code icm10 for discount price.
I went over this website and I believe you have a lot of wonderful information, saved to my bookmarks nord vpn free trial
ReplyDeleteHere you will learn what is important, it gives you a link to an interesting web page: windows 10
ReplyDelete