VPN on Windows Server

What is a VPN?

VPN stands for Virtual Private Network. This is a virtual version of a secure physical network that us usually connected to over the internet.
The VPN can allow you to connect into your domain network from anywhere in the world.

Why would you use a VPN though your server?

There are some really good reasons to start using a VPN.
It secures your traffic, because all of the traffic that goes though your VPN is encrypted all of your browsing is secure and safe from potential hackers that are on the “Free WiFi” you are using.
Access your network from anywhere, when connecting to a VPN on windows server you can have all of your network shared folders or enterprise software able to run from anywhere in the world with an internet connection. This can be really useful for remote workers or even people that need to jump into the network to finish off a document at home.
Configuring the VPN on Windows Server
To configure a VPN on Windows Server 2012 R2 you will need to install the “Remote Access” role on your server. To do this follow these steps:
  • Open Server Manager
  • Select Add Roles and Features
  • Select Role or Feature based installation
  • Select your server
  • Tick the Remote Access Role
  • Hit the next button until you get to “Role Services”
  • Select “Direct Access and VPN(RAS)” and hit next through the rest of the steps
  • Hit the install button
  • Then close the screen
Once the installation of the Remote Access role is finished you will need to configure the role. It will prompt you to do this in the server manager, when it does select to start the Getting Started Wizard.
This will open up a new dialog box, follow these steps to configure the Remote Access:
  • You will need to select Remote Access and VPN then select nex
  • Then you will need to put in the external IP address that people will be connecting through
  • Select next through the rest of the steps
This should be done automaticcaly but it is good to check just to make sure. To check that Remote Access is allowed through firewall on the server, to do this you will need to:
  • Search for firewall in the start menu
  • Open the option to allow an app through the firewall
  • Scroll down to Remote Access
  • Make sure that all three options are ticked
Now you will need to give the users permission to log into the VPN. This part is done in Active Directory Users and Groups, you will need to:
  • Open Active Directory Users and Groups console
  • Create a group for this(I like to call it VPNUsers but it doesn’t really matter)
  • Give the group VPN permission
  • Add users to the group
Now for the final stage, you will need to test the VPN. To do this you will need to get a Windows computer and add a VPN connection to the external IP address of the network.
You will use your domain credentials to login to the VPN. This will give you full access to the network including shares and any other internal applications.
Be aware that it will most likely run slower depending on the type of Internet connection you are using or your office has.
To learn more about VPN and other Server Technologies, please consider the IT Futures Microsoft Windows Server 2012 R2 Training Course.
Posted in: