How to Set Up VPN on a Windows Server – A Comprehensive Guide
Posted on | Meysam Sadeghi |
Setting up a Virtual Private Network (VPN) on a Windows Server can provide you with enhanced security and privacy. VPNs are a vital component in modern networking and having one on your server can bring many benefits such as encrypted connections, access to restricted content, and more.
In this comprehensive guide by SRVPS, we’re going to walk you through the process of setting up a VPN on a Windows Server step by step. Before we get started, make sure you have a Windows Server up and running. If you don’t have one yet, visit srvps.com/vps/ to purchase your own virtual server with the ability to choose from various countries.
Prerequisites
To begin, ensure that you have the following:
- An active Windows Server. If you need a virtual server, SRVPS offers reliable Windows Virtual Servers.
- Administrative access to the server.
- A stable Internet connection.
Step 1: Installing the VPN Role on Your Windows Server
- Launch the Server Manager: To start, click on the
Start
button and selectServer Manager
. This application allows you to manage your server roles and features. - Access the Add Roles and Features Wizard: In the Server Manager dashboard, you’ll find a menu on the top right corner. Click on
Manage
and from the drop-down list, selectAdd Roles and Features
. This will open theAdd Roles and Features Wizard
. - Navigate through the Wizard: You’ll be presented with a
Before you begin
page that offers some information about the wizard. Read through and clickNext
. ChooseRole-based or feature-based installation
for installation type and clickNext
. - Select the Server: In the
Server Selection
tab, choose the server on which you want to install the VPN role and clickNext
. - Select the Server Role: In the
Server Roles
tab, you will see a list of roles that can be installed on your server. Scroll down and locateRemote Access
. Check the box next to it. A new window will pop up with additional features that are required for Remote Access. ClickAdd Features
thenNext
. - Confirm Installation Selections and Install: Finally, you’ll be directed to the
Confirmation
page where you can review your choices. Once satisfied, clickInstall
to start the process. The installation time may vary depending on your server’s specifications.
Congratulations! You have successfully installed the VPN role on your Windows Server. You can now proceed to the next step which involves configuring the VPN.
Step 2: Configuring the VPN Role on Your Windows Server
- Open Routing and Remote Access: To begin, you need to access the
Routing and Remote Access
tool. From theServer Manager
dashboard, find theTools
menu in the upper right corner. Click on it and selectRouting and Remote Access
from the drop-down list. - Enable Routing and Remote Access: In the new window, you’ll see your server listed in the left pane. Right-click on the server name and select
Configure and Enable Routing and Remote Access
. This will open up a new wizard that guides you through the configuration process. - Choose Your Configuration: A new wizard window will open. Select
Network address translation (NAT)
option if your server is connected directly to the Internet. If it isn’t, selectSecure connection between two private networks
. ClickNext
. - Select Your Internet-facing Interface: The wizard will now ask you to choose the network interface that is connected to the Internet. Select the appropriate interface from the drop-down list and click
Next
. - Specify IP Address Assignment: Here, you can either allow the server to automatically assign IP addresses, or you can specify a range of addresses manually. Make your choice and click
Next
. - Enable RADIUS Server (Optional): If you want to integrate with an existing enterprise-wide authentication system (like a RADIUS server), you can enable it here. If not, just click
Next
. - Complete the Wizard: Review your settings in the summary page. If everything is correct, click
Finish
to complete the setup.
You’ve successfully configured the VPN role on your Windows Server. The next step is to configure the necessary policies and access rights to allow VPN connections.
Step 3: Granting Access to Your VPN on Windows Server
- Navigate to Network Policy Server: Start by accessing the Network Policy Server (NPS). You can do this by going to your
Server Manager
, clicking onTools
, and then selectingNetwork Policy Server
from the dropdown menu. - Create a New Network Policy: In the NPS console, in the left pane, navigate to
Policies
, and then click onNetwork Policies
. In the main pane, right-click in the open area and selectNew
to create a new network policy. - Set Policy Details: A New Network Policy wizard will open. Enter a descriptive policy name, leave the type of network access server as
Remote Access Server (VPN-Dial up)
, and then clickNext
. - Specify Conditions: In the
Specify Conditions
page, clickAdd
. In theSelect condition
dialog box, scroll down and click onTunnel Type
. SelectLayer Two Tunneling Protocol (L2TP)
andPoint-to-Point Tunneling Protocol (PPTP)
, then clickOK
. ClickNext
. - Configure Access Permissions: In the
Access Permission
page, ensureAccess granted
is selected for the network policy to determine whether to grant the connection request. ClickNext
. - Configure Authentication Methods: In the
Authentication Methods
page, select the authentication methods required for the network policy. For VPN connections, selectMicrosoft Encrypted Authentication version 2 (MS-CHAP-v2)
and clickNext
. - Configure Constraints: In the
Configure Constraints
page, you can leave the default settings and clickNext
. - Configure Settings: In the
Configure Settings
page, leave the default settings and clickNext
. - Finish Creating Network Policy: Review your settings in the
Completing New Network Policy
page, then clickFinish
.
Congratulations! You’ve successfully set up and configured a VPN on your Windows Server. Now you’re ready to start using your VPN to secure and manage your network traffic.