Setting up a VPN Connection

macally

macally

macally

Associate
Joined
9 Aug 2011
Posts
137
A friend has asked me to set them up a network consisting of a low end HP Tower Server running Windows SBS2011 and a couple of computers running Windows 7 Professional. He also wants to be able to connect to the server from home and has said a company he used to work for had VPN access.

Is VPN access the best way to go and if it is, do I need to get a VPN Firewall or will any Firewall be sufficient?

I'm ok with setting up servers and everything but never set up VPN access before.

Thanks
 
Yes VPN is the way to do it.

On SBS (and WHS for that matter) the network policy and access services is already installed as a role. You need to add the a role service under it called Routing and Remote Access role (just add the remote access part) and then set it up.

If your SBS server is your DHCP server then all you need to do is set up an appropriate access policy. If it isn't then you will also need to set up a static pool of IP addresses the VPN service can assign to VPN users (under Routing and Remote Access, right click, properties, IPv4 tab)

I have the screenshots for how to configure this under WHS 2011, but have yet to do a formal how-to. I think I will have time to do this next week.
 
tbz_ck said:
Yes VPN is the way to do it.

On SBS (and WHS for that matter) the network policy and access services is already installed as a role. You need to add the a role service under it called Routing and Remote Access role (just add the remote access part) and then set it up.

If your SBS server is your DHCP server then all you need to do is set up an appropriate access policy. If it isn't then you will also need to set up a static pool of IP addresses the VPN service can assign to VPN users (under Routing and Remote Access, right click, properties, IPv4 tab)

I have the screenshots for how to configure this under WHS 2011, but have yet to do a formal how-to. I think I will have time to do this next week.
Click to expand...

With the greatest respect, doing anything manually in SBS normally breaks something. Best place to enable VPN dial in is in the SBS Console under Network / Connectivity, Configure a Virtual Private Network connection.

Then just forward the ports on your router to the SBS servers IP's address.
 
tribz said:
With the greatest respect, doing anything manually in SBS normally breaks something. Best place to enable VPN dial in is in the SBS Console under Network / Connectivity, Configure a Virtual Private Network connection.

Then just forward the ports on your router to the SBS servers IP's address.
Click to expand...

Ahhh yes, I forgot about the SBS console method and you are right, he should do it that way. That said, all its really doing is what I outlined manually (namely its creating a PPTP VPN and opening port 1723 on the firewall/router, then creating a network access policy and a connection request policy (if required))

If he wants more granularity (e.g. allowing encryption strengths or disabling MS-CHAP v1 etc) then he's still going to have to go into NPS and fiddle :)
 
You must log in or register to reply here.
Back
Top Bottom