Setting up a Virtual Private Network (VPN) on a Windows Server can provide you with enhanced security and privacy. VPNs are a vital component in modern networking and having one on your server can bring many benefits such as encrypted connections, access to restricted content, and more.
In this comprehensive guide by SRVPS, we’re going to walk you through the process of setting up a VPN on a Windows Server step by step. Before we get started, make sure you have a Windows Server up and running. If you don’t have one yet, visit srvps.com/vps/ to purchase your own virtual server with the ability to choose from various countries.
To begin, ensure that you have the following:
- An active Windows Server. If you need a virtual server, SRVPS offers reliable Windows Virtual Servers.
- Administrative access to the server.
- A stable Internet connection.
Step 1: Installing the VPN Role on Your Windows Server
- Launch the Server Manager: To start, click on the
Startbutton and select
Server Manager. This application allows you to manage your server roles and features.
- Access the Add Roles and Features Wizard: In the Server Manager dashboard, you’ll find a menu on the top right corner. Click on
Manageand from the drop-down list, select
Add Roles and Features. This will open the
Add Roles and Features Wizard.
- Navigate through the Wizard: You’ll be presented with a
Before you beginpage that offers some information about the wizard. Read through and click
Role-based or feature-based installationfor installation type and click
- Select the Server: In the
Server Selectiontab, choose the server on which you want to install the VPN role and click
- Select the Server Role: In the
Server Rolestab, you will see a list of roles that can be installed on your server. Scroll down and locate
Remote Access. Check the box next to it. A new window will pop up with additional features that are required for Remote Access. Click
- Confirm Installation Selections and Install: Finally, you’ll be directed to the
Confirmationpage where you can review your choices. Once satisfied, click
Installto start the process. The installation time may vary depending on your server’s specifications.
Congratulations! You have successfully installed the VPN role on your Windows Server. You can now proceed to the next step which involves configuring the VPN.
Step 2: Configuring the VPN Role on Your Windows Server
- Open Routing and Remote Access: To begin, you need to access the
Routing and Remote Accesstool. From the
Server Managerdashboard, find the
Toolsmenu in the upper right corner. Click on it and select
Routing and Remote Accessfrom the drop-down list.
- Enable Routing and Remote Access: In the new window, you’ll see your server listed in the left pane. Right-click on the server name and select
Configure and Enable Routing and Remote Access. This will open up a new wizard that guides you through the configuration process.
- Choose Your Configuration: A new wizard window will open. Select
Network address translation (NAT)option if your server is connected directly to the Internet. If it isn’t, select
Secure connection between two private networks. Click
- Select Your Internet-facing Interface: The wizard will now ask you to choose the network interface that is connected to the Internet. Select the appropriate interface from the drop-down list and click
- Specify IP Address Assignment: Here, you can either allow the server to automatically assign IP addresses, or you can specify a range of addresses manually. Make your choice and click
- Enable RADIUS Server (Optional): If you want to integrate with an existing enterprise-wide authentication system (like a RADIUS server), you can enable it here. If not, just click
- Complete the Wizard: Review your settings in the summary page. If everything is correct, click
Finishto complete the setup.
You’ve successfully configured the VPN role on your Windows Server. The next step is to configure the necessary policies and access rights to allow VPN connections.
Step 3: Granting Access to Your VPN on Windows Server
- Navigate to Network Policy Server: Start by accessing the Network Policy Server (NPS). You can do this by going to your
Server Manager, clicking on
Tools, and then selecting
Network Policy Serverfrom the dropdown menu.
- Create a New Network Policy: In the NPS console, in the left pane, navigate to
Policies, and then click on
Network Policies. In the main pane, right-click in the open area and select
Newto create a new network policy.
- Set Policy Details: A New Network Policy wizard will open. Enter a descriptive policy name, leave the type of network access server as
Remote Access Server (VPN-Dial up), and then click
- Specify Conditions: In the
Specify Conditionspage, click
Add. In the
Select conditiondialog box, scroll down and click on
Tunnel Type. Select
Layer Two Tunneling Protocol (L2TP)and
Point-to-Point Tunneling Protocol (PPTP), then click
- Configure Access Permissions: In the
Access Permissionpage, ensure
Access grantedis selected for the network policy to determine whether to grant the connection request. Click
- Configure Authentication Methods: In the
Authentication Methodspage, select the authentication methods required for the network policy. For VPN connections, select
Microsoft Encrypted Authentication version 2 (MS-CHAP-v2)and click
- Configure Constraints: In the
Configure Constraintspage, you can leave the default settings and click
- Configure Settings: In the
Configure Settingspage, leave the default settings and click
- Finish Creating Network Policy: Review your settings in the
Completing New Network Policypage, then click
Congratulations! You’ve successfully set up and configured a VPN on your Windows Server. Now you’re ready to start using your VPN to secure and manage your network traffic.