Windows Server 2012 R2 Vpn Client

VPN provides secure access to organizations' internal data and applications to clients and devices that are using the Internet.

To properly implement and support a VPN environment within your organization, you lot must understand how to select a suitable tunnelling protocol, configure VPN authentication, and configure the server part to back up your chosen configuration.

Equally in previous versions of Windows Server, at that place are two types of VPN connection bachelor in Windows Server 2012 R2 :
• Remote admission
• Site-to-site

Remote Access VPN Connections

Remote access VPN connections enable your users who are working offsite, such as at dwelling house, at a customer site, or from a public wireless access indicate, to access a server on your organisation'south private network by using the infrastructure that a public network, such as the Net, provides.

Site-to-Site VPN Connections

Site-to-site VPN connections, which are also known as router-to-router VPN connections, enable your organisation to found routed connections betwixt divide offices or with other organizations over a public network while helping to maintain secure communications. A routed VPN connection across the Internet logically operates as a dedicated wide area network (WAN) link. When networks connect over the Internet, a router forwards packets to another router beyond a VPN connection. To the routers, the VPN
connection operates as a data-link layer link.

Then in my post this time, lets become through a uncomplicated step how you can implement VPN in your infrastructure and for this demo purposes, i will continue using the same VM that i had for my DirectAccess implementation.

Delight do refer to my previous DirectAccess post on what kind of VM'due south that i utilise to implement this VPN.

https://mizitechinfo.wordpress.com/2014/11/xx/step-past-stride-implementing-basic-directaccess-in-windows-server-2012-r2/

For more information most VPN / Remote Admission, please exercise log in to : http://technet.microsoft.com/en-us/library/dn383589.aspx

Lets get started with our VPN configuration.

1st, lets review some of the Routing & Remote Admission settings and do dome some changes on the RRAS.

ane – Log in to LON-RTR server, open Server Manager, click Tools and then click Remote Access Management Console…

2 – In the Remote Admission Management Console, click DirectAccess and VPN, and from the Actions pane, under the VPN department, click Enable VPN…

three – In the Enable VPN box, click OK…

4 – Verify that the configuration was applied successfully then click Close…

v – Next, switch to Server Manager, click Tools and then click Routing and Remote Access…

6 – Side by side, in the Routing and Remote Access console, aggrandize LON-RTR, right-click ports, click Properties…

seven – Verify that 128 ports exist for SSTP, IKEv2, PPTP, and L2TP, then double-click WAN Miniport (SSTP)…

8 – In the Maximum ports box, type 5, and then click OK…

ix – In the Routing and Remote Access message box, click Yes…

ten – Repeat the aforementioned step no.viii & 9 for IKEv2, PPTP, and L2TP,  then click OK…

11 – Next, right-click LON-RTR (local), click Properties…

12 – In the General tab, verify that IPv4 Remote admission server is selected…

13 – Adjacent, click Security, and and so verify that Certificate 131.107.0.10 is selected for SSL Certificate Bounden, and then click Hallmark Methods…

14 – In the Hallmark Methods box, verify that EAP is selected as the hallmark protocol and and then click OK…

xv – Next, click the IPv4 tab, and so verify that the VPN server is configured to assign IPv4 addressing by using Dynamic Host Configuration Protocol (DHCP), click OK to shut the Backdrop interface…

2nd, earlier nosotros proceed, delight make sure that you verify the document requirements for IKEv2 and SSTP in LON-RTR Server…

1 – In LON-RTR Server, open MMC, click File and then click Add/Remove Snap-in…

2 – In the Add/Remove Snap-in interface, click Certificates, click Add, select Computer account, and and so click Next…

3 – Click Local computer and then click Finish…

iv – To close the Add or Remove Snap-in, click OK…

five – Side by side, expand Certificates (Local Computer), expand Personal, and then click Certificates.

— Notice that certificate 131.107.0.10, this certificate is for Server Authentication (this is required for Secure Socket Tunneling Protocol (SSTP) and Internet Key Commutation version 2 (IKEv2) VPN connectivity).

3rd, its time at present for us to configure the Remote Access Server…

1 – Notwithstanding in the  LON-RTR server, open Server Managing director, on the Tools menu, click Network Policy Server. ..

2 – In the Network Policy Server console, expand Policies, and then click Network Policies.

– Right-click the policy at the meridian & bottom of the list, and then click Disable…

3 – Adjacent, in the navigation pane, right-click Network Policies, and then click New…

4 – In the New Network Policy sorcerer, in the Policy proper noun box, type Adatum VPN Policy, then in the Type of network access server listing, click Remote Access Server(VPN-Dial up), so click Next…

5 – On the Specify Conditions interface, click Add…

6 – In the Select condition interface, click Windows Groups, and then click Add…

7 – In the Windows Groups interface, click Add Groups…

8 – Type Information technology, and then click OK (yous can choose your own group that y'all prefer)…

9 – In the Windows Groups interface, verify that ADATUM\It is listed, and then click OK…

10 – In the Specify Weather interface, click Adjacent…

11 – In the Specify Access Permission interface, click Access granted, and and so click Side by side…

12 – On the Configure Authentication Methods interface, make sure that you articulate the Microsoft Encrypted Hallmark (MSCHAP)
check box, and then to add EAP Types, click Add…

13 – On the Add EAP Types interface, select Microsoft Secured countersign (EAP-MSCHAP v2), and then click OK…

14 – repeat the same step above but this time choose Microsoft: Smart Card or other certificate, so click Adjacent…

15 – On the Configure Constraints interface, click Next…

xvi – On the Configure Settings interface, click Next…

17 – On the Completing New Network Policy interface, click Cease…

Till this step, nosotros've successful modified the remote admission server configuration to provide VPN connectivity.

4th, so now lets verify our VPN connectivity in our Windows 8.1 customer…

1 – On the Windows 8.1 customer PC, open Network and Sharing Center, then click Set upwards a new connection or network…

2 – Next, on the Choose a connection option interface, click Connect to a workplace, and then click Next…

iii – On the How practice y'all want to connect? interface, click Use my Internet connectedness (VPN)…

four – On the Connect to a Workplace interface, click I'll set upward an Cyberspace connection after…

five – In the Internet address box, type 131.107.0.ten (LON-RTR IP Address)…

— In the Destination name box, type HQ VPN, select Permit other people to use this connection checkbox, and and so click Create…

6 – Next, correct-click HQ VPN connection and select Properties…

7 – In the HQ VPN Backdrop, click the Security tab, select Let these protocols, ensure that Microsoft CHAP version two (MSCHAP
v2) is selected, and and so click OK…

8 – Next, right click HQ VPN, so click Connect…

9 – In the Network list, nether HQ VPN, click connect…

ten – In the sign-in dialog box, type the domain user from It section then click OK…

11 – Verify that you are connected to Adatum by using a PPTP connection, right click HQ VPN and and so click Status…

Orait, that all for now, we've continued to HQ VPN successfully…

box, blazon Pa$$w0rd, and and then click OK.

Windows Server 2012 R2 Vpn Client,

Source: https://mizitechinfo.wordpress.com/2014/11/21/simple-step-implementing-vpn-in-windows-server-2012-r2/

Posted by: catojects1988.blogspot.com

Share this post