Configuring a Virtual Private Network (VPN) on Windows Server 2012

Does any employee, manager or director of your organization wanted to use their files, applications, printers and other resources of the office from outside (Home, out of country or on the road) or have you ever faced a situation where you wanted to connect your sub branches to your main branch securely.
None of the above tasks can be done without using a VPN, and as IT personnel, it is your job to plan, configure and maintain a VPN server + VPN client in your organization if needed. in this post, we will learn Step - by - Step configuration of a VPN server using Windows Server 2012 and then, will have a look at client side configuration using windows 8.1. However, before that you will have to understand what a VPN is. It is 100% grunted that until the end of this post you would be able to understand what a VPN is and how to configure it using Windows Server 2012 and windows 8.1. So do not Stop Reading.

What is a VPN?

A Virtual Private Network (VPN) is a network technology that creates a secure network connection over a public network such as the internet or a private network owned by a service provider. Large corporations, educational institutions, and government agencies use VPN technology to enable remote users, securely connect to their private network.
A VPN can connect multiple sites over a large distance just like a Wide Area Network (WAN). VPNs are often used to extend intranets worldwide to disseminate information and news to a wide user base. Educational institutions use VPNs to connect campuses that can be distributed across the country or around the world.
In order to gain access to the private network, a user must be authenticated using a unique identification and a password. An authentication token is often used to gain access to a private network through a personal identification number (PIN) that a user must enter. The PIN is a unique authentication code that changes according to a specific frequency, usually every 30 seconds or so.

Installing and Configuring VPN on Windows Server 2012

Follow the following steps to configure VPN on a Windows Server 2012
  1. Go to "Server Manager" from the left side pane click on "Dashboard" and then from right side windows click on "Add Roles and Features" which will open the Add Roles and Features Wizard for you.
  2. In Add Roles and Features Wizard click on "Next".
  3. Select "Role-based or Features-based installation" radio button and then click "Next".
  4. Select the "Select a Server from the server pool" radio button then select the server you want to make it VPN server and then click "Next".
  5. Now search for "Network Policy and Access Services" role, extend it and then check the "Network Policy Server" checkbox. After that search for "Remote Access" role extend it and then check the "Direct Access and VPN (RAS)" and "Routing" checkboxes and then click "Next".
  6. Do not select or check any check box from the features menu and click on "Next".
  7. At last, click on "Install" and wit for the installation to get finished. Then click on "Close" once installation is finished. 
  8. Now from "Server Manager" click on "Tools" and then click on "Network Policy Server".
  9. From the left side pan extend "Policy" and then click on "Network Policies".
  10. From the right side pan right click on "Connection to Microsoft Routing and Remote Access Server" and then click on "Properties".
  11. Select the "Grand access. Grand access if the connection request matches this policy" radio button and then click "Ok". Then do the same process with the "Connections to other access servers" as well. Then close the "Network Policy Server" console.
  12. From "Server Manager" click on "Tools" and then click on "Routing and Remote Access".
  13. From the left side pan right click on server name and click on "Configure and Enable Routing and Remote Access".
  14. From the opened wizard click on "Next", select the "Remote access (dial-up or VPN)" radio button and then click "Next".
  15. Check the "VPN" checkbox and click "Next".
  16. Now select the network adapter, which is connected with internet, uncheck the checkbox "Enable Security on the selected interface by setting up static packet filters". then click "Next".
  17. Select the "Automatically" radio button and click "Next".
  18. We do not have RADIUS server configured in our network so we select "No use Routing and Remote Access to authenticate connection requests" radio button and click "Next".
  19. And at last click on "Finish", "Ok", "Ok" and then wait for installation to get completed.
that is all and you are done with your configuration on server side.

Client side configuration windows 8.1

Now you have to establish a VPN network between a user and a server. To do so you should do some configuration on client side as well so follow the following steps.
  1. Open "Network and Sharing Center".
  2. Click on "Set up a new connection or network" which will open a wizard for you.
  3. choose "connect to a work place" and click "Next".
  4. click on "Use my internet connection (VPN)", in the internet address textbox give the IP address of the server you want to connect to then assign a name for the connection, uncheck all the check boxes except "Remember my credentials".
  5. From "Network and Sharing Center" click on "Change Adapter Settings", right click on the created VPN connection and then click on "Properties".
  6. From the top click on "Security" tab, select the "Allow these protocols" radio button uncheck all the checkboxes except "Microsoft CHAP version 2(MS-CHAP v2)" and click "OK".
  7. Now right click on the created VPN connection and click on "connect/disconnect".
  8. you will be prompt to enter the uesrname and password assigned by server. give username and password of your server and click "Ok".


For the test purpose I recommend, you should turn off the windows firewalls on both the windows server 2012 and windows 8.1 sides. and this is also recommended that you should have at least two Network Interface Cards to Practice it. one for Internet and the second one for your LAN connection but if you are practicing it using virtual machine you can add as many NIC's as much you want.

I hope you have learned something from this a little bit long tutorial. Feel free to give comments and feedback. Until next tutorial have a nice time.

best regards
Ahmad Waleed Khaliqi

Post a Comment

Previous Post Next Post

Ads Unit Top

Ads Botom