Simple Step - Implementing VPN in Windows Server 2012 R2 - Just A Random - Microsoft Server - Client Tech - Info

10/18/2016 Simple Step : Implementing VPN in Windows Server 2012 R2 | Just a random "Microsoft Server / Client Tech" info..
Just a random ʺMicrosoft Server / Client Techʺ info..
ʺFeeding Your Training and Technology Obsessionsʺ
Simple Step : Implementing VPN in Windows Server
2012 R2
November 21, 2014
VPN provides secure access to organizations’ internal data and applications to clients and devices that
are using the Internet.
To properly implement and support a VPN environment within your organization, you must
understand how to select a suitable tunnelling protocol, configure VPN authentication, and configure
the server role to support your chosen configuration.
As in previous versions of Windows Server, there are two types of VPN connection available
in Windows Server 2012 R2 :
• Remote access
• Site‑to‑site
Remote Access VPN Connections
Remote access VPN connections enable your users who are working offsite, such as at home, at
a customer site, or from a public wireless access point, to access a server on your organization’s private
network by using the infrastructure that a public network, such as the Internet, provides.
Site‑to‑Site VPN Connections
Site‑to‑site VPN connections, which are also known as router‑to‑router VPN connections, enable
your organization to establish routed connections between separate offices or with other organizations
over a public network while helping to maintain secure communications. A routed VPN connection
across the Internet logically operates as a dedicated wide area network (WAN) link. When networks
connect over the Internet, a router forwards packets to another router across a VPN connection. To the
routers, the VPN
connection operates as a data‑link layer link.
So in my post this time, lets go through a simple step how you can implement VPN in your
infrastructure and for this demo purposes, i will continue using the same VM that i had for my
DirectAccess implementation.
Please do refer to my previous DirectAccess post on what kind of VM’s that i use to implement this
VPN.
h Ⰰps://mizitechinfo.wordpress.com/2014/11/20/step‑by‑step‑implementing‑basic‑directaccess‑in‑
windows‑server‑2012‑r2/ (h Ⰰps://mizitechinfo.wordpress.com/2014/11/20/step‑by‑step‑implementing‑
basic‑directaccess‑in‑windows‑server‑2012‑r2/)
For more information about VPN / Remote Access, please do log in to : h Ⰰp://technet.microsoft.com/en‑
https://mizitechinfo.wordpress.com/2014/11/21/simplestepimplementingvpninwindowsserver2012r2/ 1/28
For more information about VPN / Remote Access, please do log in to : h Ⰰp://technet.microsoft.com/en‑
us/library/dn383589.aspx (h Ⰰp://technet.microsoft.com/en‑us/library/dn383589.aspx)
Lets get started with our VPN configuration.
1st, lets review some of the Routing & Remote Access se Ⰰings and do dome some changes on the
RRAS.
1 – Log in to LON‑RTR server, open Server Manager, click Tools and then click Remote Access
Management Console…
(h Ⰰps://mizitechinfo.files.wordpress.com/2014/11/116.png)
2 – In the Remote Access Management Console, click DirectAccess and VPN, and from the Actions pane,
under the VPN section, click Enable VPN…
3 – In the Enable VPN box, click OK…
3 – In the Enable VPN box, click OK…
4 – Verify that the configuration was applied successfully and then click Close…
5 – Next, switch to Server Manager, click Tools and then click Routing and Remote Access…
6 – Next, in the Routing and Remote Access console, expand LON‑RTR, right‑click ports, click
Properties…
7 – Verify that 128 ports exist for SSTP, IKEv2, PPTP, and L2TP, then double‑click WAN Miniport (SSTP)
…
8 – In the Maximum ports box, type 5, and then click OK…
9 – In the Routing and Remote Access message box, click Yes…
10 – Repeat the same step no.8 & 9 for IKEv2, PPTP, and L2TP, then click OK…
11 – Next, right‑click LON‑RTR (local), click Properties…
12 – In the General tab, verify that IPv4 Remote access server is selected…
13 – Next, click Security, and then verify that Certificate 131.107.0.10 is selected for SSL Certificate
Binding, and then click Authentication Methods…
14 – In the Authentication Methods box, verify that EAP is selected as the authentication protocol and
then click OK…
15 – Next, click the IPv4 tab, and then verify that the VPN server is configured to assign IPv4 addressing
15 – Next, click the IPv4 tab, and then verify that the VPN server is configured to assign IPv4 addressing
by using Dynamic Host Configuration Protocol (DHCP), click OK to close the Properties interface…
2nd, before we proceed, please make sure that you verify the certificate requirements for IKEv2 and
SSTP in LON‑RTR Server…
1 – In LON‑RTR Server, open MMC, click File and then click Add/Remove Snap‑in…
2 – In the Add/Remove Snap‑in interface, click Certificates, click Add, select Computer account, and then
click Next…
3 – Click Local computer and then click Finish…
4 – To close the Add or Remove Snap‑in, click OK…
5 – Next, expand Certificates (Local Computer), expand Personal, and then click Certificates.
— Notice that certificate 131.107.0.10, this certificate is for Server Authentication (this is required for
Secure Socket Tunneling Protocol (SSTP) and Internet Key Exchange version 2 (IKEv2) VPN
connectivity).
3rd, its time now for us to configure the Remote Access Server…
1 – Still in the LON‑RTR server, open Server Manager, on the Tools menu, click Network Policy Server.
..
2 – In the Network Policy Server console, expand Policies, and then click Network Policies.
– Right‑click the policy at the top & bo Ⰰom of the list, and then click Disable…
3 – Next, in the navigation pane, right‑click Network Policies, and then click New…
4 – In the New Network Policy wizard, in the Policy name box, type Adatum VPN Policy, then in the
Type of network access server list, click Remote Access Server(VPN‑Dial up), and then click Next…
5 – On the Specify Conditions interface, click Add…
6 – In the Select condition interface, click Windows Groups, and then click Add…
7 – In the Windows Groups interface, click Add Groups…
8 – Type IT, and then click OK (you can choose your own group that you prefer)…
9 – In the Windows Groups interface, verify that ADATUM\IT is listed, and then click OK…
10 – In the Specify Conditions interface, click Next…
11 – In the Specify Access Permission interface, click Access granted, and then click Next…
12 – On the Configure Authentication Methods interface, make sure that you clear the Microsoft
Encrypted Authentication (MSCHAP)
check box, and then to add EAP Types, click Add…
13 – On the Add EAP Types interface, select Microsoft Secured password (EAP‑MSCHAP v2), and then
click OK…
14 – repeat the same step above but this time choose Microsoft: Smart Card or other certificate, then click
Next…
15 – On the Configure Constraints interface, click Next…
16 – On the Configure Se Ⰰings interface, click Next…
17 – On the Completing New Network Policy interface, click Finish…
Till this step, we’ve successful modified the remote access server configuration to provide VPN
connectivity.
4th, so now lets verify our VPN connectivity in our Windows 8.1 client…
1 – On the Windows 8.1 client PC, open Network and Sharing Center, then click Set up a new connection
or network…
2 – Next, on the Choose a connection option interface, click Connect to a workplace, and then click
Next…
3 – On the How do you want to connect? interface, click Use my Internet connection (VPN)…
4 – On the Connect to a Workplace interface, click I’ll set up an Internet connection later…
4 – On the Connect to a Workplace interface, click I’ll set up an Internet connection later…
5 – In the Internet address box, type 131.107.0.10 (LON‑RTR IP Address)…
— In the Destination name box, type HQ VPN, select Allow other people to use this
connection checkbox, and then click Create…
6 – Next, right‑click HQ VPN connection and select Properties…
7 – In the HQ VPN Properties, click the Security tab, select Allow these protocols, ensure that Microsoft
7 – In the HQ VPN Properties, click the Security tab, select Allow these protocols, ensure that Microsoft
CHAP version 2 (MSCHAP
v2) is selected, and then click OK…
8 – Next, right click HQ VPN, and then click Connect…
9 – In the Network list, under HQ VPN, click connect…
10 – In the sign‑in dialog box, type the domain user from IT department and then click OK…
11 – Verify that you are connected to Adatum by using a PPTP connection, right click HQ VPN and then
11 – Verify that you are connected to Adatum by using a PPTP connection, right click HQ VPN and then
click Status…
Orait, that all for now, we’ve connected to HQ VPN successfully…
box, type Pa$$w0rd, and then click OK.
About these ads (https://wordpress.com/abouttheseads/)
TVUnterschrank aus Palis…
TVUnterschrank aus Palisander
mit geräumiger Ablagefläche (H
19,5 x B 33 x T 27 cm), einem …
399 €
Kaufen
Würfel aus Palisander Kw…
From → Windows Server 2012 R2
Leave a Comment
Blog at WordPress.com.

Simple Step - Implementing VPN in Windows Server 2012 R2 - Just A Random - Microsoft Server - Client Tech - Info

Diunggah oleh

Informasi Dokumen

Deskripsi Asli:

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Simple Step - Implementing VPN in Windows Server 2012 R2 - Just A Random - Microsoft Server - Client Tech - Info

Diunggah oleh

Hak Cipta:

Format Tersedia

10/18/2016 Simple Step : Implementing VPN in Windows Server 2012 R2 | Just a random "Microsoft Server / Client Tech" info..

Anda mungkin juga menyukai