This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi all,
I've mostly setup a W2012 Server R2 machine. Now I'm into setting up the VPN.
I've followed the (somewhat) simple tasks of adding the role etc. But I get the feeling that
is not a complete effort. I'm new to building/setting up a VPN. Sorry for my (gross?) ignorance.
If anyone has a (simple?) (concise?) link that describes the entire process of setting up and proving
a VPN please lay it on me. Something like: I. add the vpn role II. add the users to the VPN
III setup domain(?? required?) IV open ports on x equipment. V. install x software on wkstation. VI. login with vpn user info using x software on wkstn.
That would be (I suppose) ideal.
A few months ago I tried to setup a VPN on a W2003 server (hahaha). It had never been a "domain" machine.
The effort gave it a name of "<theservername>.<theorganizationname>.local" where as (for the last, ohhh, 13 years)
the previous url had just been <theservername>. It had always been only available via IIS on a lan.
The result was a debacle in down-time. Recovery successful, but very painful even with Carbonite backups.
otw and anyway:
My last few steps from a "instructional" found on-line for "installing a VPN on W2012" were:
12. Click on the Open Getting Started Wizard to complete the VPN configuration.
13. Select Deploy VPN Only
14. This opens the MMC for Routing and Remote Access
15. Right click the server and select Configure and Enable Routing and Remote Access
16. This launches the Setup Wizard
17. Since their is only one network interface you will need to choose Custom Configuration.
Next
18. Check VPN Access. Next
19. Finish the Wizard.
Those instructs weren't exactly what i saw as i progressed but I do believe I got to every
where I needed to go. One difference above is this server has 2 nics -- nic1 is dedicated to a VM. Nic2 will be the VPN
and other server user's in/out access.
When i try to access the VPNserver via W7 wkstn I followed the task of estblshing a new cx:
"Set connecton to workplace". That cx is in place. Repeated attempts to connect with
different properties/parameters etc. yields only failure.
I've been attempting to use the only login available on the server at this point:
\win2012VPNmachine\administrator
the vpn type had been Automatic. I also tried via the (local) ip (192.168.1.75).
And I tried all of the specific vpn types. None worked and depending on the attempt gen'd 800, 807, 810 or 0x800b0109 errors. PPTP seems like the type-of-choice from the posts/links I've read.
I don't know if the topology matters:
Ultimately this server will be in an office where: ISP is Charter/TimeWarner. The modem is theirs.
The server will sit connected to a Dell Managed Switch (ours) which in turn connects to the modem.
My current, test, environment: both machines are on a LAN behind an ISP modem/router, no switch.
Is this the kind of situation where cisco anyconnect could be/is useful?
I tried using Anyconnect but got nothing but rejects.
Finally, I turned off the firewalls on wkstn and server, attempted using w2012 admin/pw and got an
812 ("< prevented policy conflict on your rasvpn server. auth method...>").
from reading other links on this forum. It seems like I need to setup policies, open port(s) and/or users
but where/how?
At this point I'm not going crazy fancy. Just the minimum baby steps to get a VPN in the office
available simply, securely, outside the office.
Thanks for any pointers.
Welcome to our new Microsoft Q&A Platform.
>>If anyone has a (simple?) (concise?) link that describes the _entire_ process of setting up and proving a VPN please lay it on me.
The VPN server should be configured with two network interfaces; one internal and one external. This configuration allows for a better security posture, as the external network interface can have a more restrictive firewall profile than the internal interface. A server with two network interfaces requires special attention to the network configuration. Only the external network interface is configured with a default gateway. Without a default gateway on the internal network interface, static routes will have to be configured on the server to allow communication to any remote internal subnets.
For how to configure VPN in Windows Server 2012 R2, please refer to the following link:
http://techgenix.com/configure-vpn-windows-server-2012-r2/
Please note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
For your reference:
Understanding VPN configuration in Windows Server 2012 R2 Essentials