How to install and configure Remote Access (VPN) on Windows Server 2012 R2 (Step by Step guide)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello friends the snick from adobe solutions and today i'm going to show you how to install and configure remote access on Windows Server 2012 r2 we all know that the PPN server is a core solution that is implemented in Windows servers from a long time ago with older versions of the Windows Server and in our days a lot of corporations and environments need this remote access for their users to perform their day-to-day tasks so in this video I'm going to install the remote access role on Windows Server 2012 r2 then I'm going to configure the remote access role for VPN only after we configure this I'm going to switch to the remote taxes Raticate remote access console and I'm going to configure all the settings that are needed for my users to be able to connect to my VPN server after that I'm going to switch to a Windows 10 client machine and in there I'm going to configure a VPN connection so we can test out to confirm that my VPN server is working fine before we switch to the demo I just want to provide you some tips and tricks depending on the tunnel tunneling protocol that you're going to use for your VPN server you need to take care of and you need to open some ports on your firewalls on or or on your routers and as I said depending on the tunneling protocol you have several different options and you can see the ports that are needed in my case I'm going to use the PPTP protocol and it requires port 17 23 TCP and the protocol 47 the GRE and I seen a lot of issues with the GRE protocol a lot of internet providers are blocking this pass-through so if you have any problems with connecting to your VPN server from home for example you need to see if your internet provider your ISP is blocking this for you and another tip and trick in order for you to connect to the VPN server your administrator needs to provide you with the needed access the needed permissions to perform a Dow n so let's start with the demonstration so first what we need to do is we need to install the remote access role so I'm going to log in to my Windows Server 2012 r2 I'm going to start by adding this role to to my server and as you all know you can add and remove roles from the manager into the server manager dashboard and from here I'm going to click Next select the server scroll down a bit and here you can see the remote access role and basically this remote access role provides a lot of functionalities like direct access VPN or web application proxy and a lot of other things so I'm going to select this role and click Next I don't need any features because the RO is going to select the features by itself they need at once and here it there is a small description of what you can deal with the remote access role there are a lot of things that can be done here so I'm going to the additional role services that I want to install and I'm going to configure is the first one which is the direct access and VPN rest and it's going to ask me if I will allow for additional features to be added so I'll add the features and press next and I'm going to click install and wait for the wizard to finish adding the remote access VPN server now that the installation has finished successfully it will say that additional configurations are required and from here you can lunge the getting started wizard or you can close this window and right here you will see an exclamation mark and basically it's the same wizard but from a different perspective so I'm going to select this wizard and we'll wait for it to fully load in so as you can see you have three options here you can deploy both direct access and VPN you can deploy only direct axis or only VPN so for the purpose of this video I'm going to deploy a VPN only and if you want in the future I can show you how to deploy the direct access as well but the direct axis is really a cool feature it's basically a VPN that's automatically and automatically connect your users to your environment so they don't need to create any additional VPN configurations on their site in order for them to connect basically automatic ultimately connects the users to your environment so I'm going to deploy VPN only and in here you can see that now I can see the routing and remote access console and from from the left side of the screen I can see that there is a down arrow which is a red arrow and what it says is I need to perform additional configurations in order for me to power on and start the service so I'm going to right click here and configure and enable routing and remote access so another small wizard will appear and when I click Next I have different options that I can configure again the options are depending on the what you want to implement in your environment you need to check them one by one and see what fits best for you but in my case I'm going to deploy only VPN and that's why I'm going to choose custom configuration so in the custom configuration I can deploy a specific set set of for tools that I can install and configure on my routing and remote access server but I'm going to select the VPN access only for now and click Next and you can see by clicking finish it will say that it will ask me if I want to start the service so I'm going to start the service now okay and now on the left side you see that the arrow change to a green up arrow which is a good sign is basically saying that my server is up and running at the moment and if I go through the different options that I have I will see different for example the ports that are available for me to use and the different tunneling protocols that I can configure and the network interfaces of course I can see my dedicated external card that is used for the VPN connection the internal connection we loop back as well and from the third the third option I can see the remote access clients basically when a client connects to this server you will see the connection right here and you can check the status of the connection you can close the connection so you will disconnect basically this user from using the server at the moment and under I P v4 I can see other information for the routing and how it's done but in order for me to fully configure the server so that it when when a user tries to connect to this server it can receive an IP address and if you have a DHCP currently configured on the server you can you can use the DGP to give out addresses or you can configure a DGP relay agent but in my case I don't have a DHCP server here so I'm going to open the properties and under ipv4 you can see that the dynamic cause protocol is currently selected but if you want a static address pool to be given to the users you can add the static pool from here so what that's what I'm going to do now so I'm going to click Add and specify at the start and the end I P addresses that they want to give to my client so for example I will give static IP address that is currently in mine my range and I'm going to allow only five users to be able to connect with VPN so this is another way for me you can see number of addresses five you this is another way for me to restrict the users alongside with permissions of course and now that I've configured only five addresses only five connections will be available for this server to give out so I'm going to close that and basically the configuration of the routing and remote access server is this done the other thing that I mentioned in the presentation is that you need to open depending on the protocol that the users are going to use you need to open different ports on your firewall or router to allow the connection to hit the server so as I'm going to use this in a local environment I don't need to configure that but you need to bear that in mind now the time on my local machine I'm going to use another user to log into that machine and that's the account for J Thompson ok for Jessie Thompson and she's going to be a user that is going to use VPN connection from home and I'm going to pause the video until the initial login and the initial configuration of her profile is done so so we can keep the video short now that the profile loaded successfully what I'm going to do is I'm going to right click on the internet access icon on the bottom right side and open network and sharing center and from here I can set up a new connection or network so I'm going to click that and select set up a dial-up or VPN connection to your workspace so I'm going to click Next and I'm going to use Internet in order for me to connect to my my server so under the Internet address as I said I'm going to use a local VPN in order for me to test out and show I'll show you how to configure the VPN but basically this will work with an Internet Internet address I cannot refer you to hit the VPN server so I'm going to specify my local which is 192.168.1 for 2.26 and you can name the VPN connection I'm going to name that work VPN and from here you have different options to remember the credentials or allow other people which is not really secure so I'm going to just create the VPN connection and now that I've created the VPN connection and there is a thing that I like to do basically and that is when I create a VPN connection in order for the users not to use the default gateway of my environment I go ahead and deselect an option which is right here under the advanced tcp/ip settings which is used default gateway on remote network so I'm going to deselect that click OK ok ok so now GC is set up to connect to my VPN server so I'm going to right double-click on on that of course you can go ahead from here and it will show the VPN work connection that with it and it will open basically the same window where you can connect to that VPN so I'm going to specify at the account for Jessie Thompson and her password and click OK so now it's basically saying that it cannot connect to the work VPN and it's in the two remote access connection was denied because the username and password combination you provided is not recognized or they selected authentication protocol is not permitted on the remote server actually the main problem with that is I did not add it Jessie to the allowed users to make a VPN connection so what I'm going to do is I'm going to switch to my domain controller I'm going to open Jessie's account and allow her to make a connection on the VPN before I switch to my domain controller I just want to show you a basic troubleshooting step that it's a good idea for you to perform in order to find out what is preventing the users from connecting to your server so I'm going to open Event Viewer and when I expand the windows locks and go under system I will see that I have warnings and these warnings when I click on them I can see that the account chooser for Jim Thompson connected on port VPN does not have remote access privileges so this is a basic troubleshooting guide that can help you resolve issues with your VPN server for example here you will find when a user and an internet provider is blocking the GRE packets 47 from their environment the PPTP pass through they will show here as a warning message and you will know that this is the problem with the user now thats I'm on my domain controller I'm going to open tools and then Active Directory users and computers and under my NLB lab domain and my oh you an OB solutions I have a no you users with Jesse Thompson's account so I'm going to right click and open properties of that account and when I go in at the tap dial-in I will see that the first option the network access permissions is currently set on control access to the MPC network policy basically I don't have an MPC server network policy server at the moment well to detect and see if my users are compliant so what I'm going to do is I'm going to click on the allow access for the J Thompson user and click apply so now when I go to my Windows Server Windows 10 machine and click close that message and try to connect again with her account and the password I will see that the connection worked and I'm currently connected to the NLB a lab environment with VPN connection so I can see that I'm currently using the PPTP port which I want to see and if I run a CMD and open that and show the IP config settings I will see that the PPP adapter work VPN currently gave me the IP address of 192 168 1 4 2 2 3 1 which is the first address that I gave to my VPN users when they connect to my environment so I can see that and I can confirm that my VPN server is up and running and my users can connect to my corporate environment using that so this ends up the demonstration of how you can configure install and configure VPN server in Windows 2012 r2 I hope you liked the video if you liked it press the like button if you don't like it press the dislike button and give me a comment what can be improved so I can take this into consideration thank you very much for viewing and see you soon

Info

Channel: NLB Solutions

Views: 286,598

Rating: undefined out of 5

Keywords: VPN Server, RAS Server, RRAS Windows Server 2012 R2, VPN Windows Server 2012 R2, how to configure VPN Server, how to configure RAS server, 2012 R2 VPN, Windows 10 VPN, Install VPN server, Install VPN Windows Server 2012 R2

Id: -E1GvdJCoX0

Channel Id: undefined

Length: 16min 58sec (1018 seconds)

Published: Sun Apr 24 2016