How to Install VPN using RRAS (Remote and Routing Access)


You must have heard about the VPN. VPN is a Virtual Private Network that provides security and privacy to your private and public networks. It creates a secure connection over public network. You can connect multiple systems to VPN server and use VPN’s bandwidth for public network connection.

There are various VPN protocols for secured communication viz. IPSec, SSL and TLS, PPTP and L2TP. Of which PPTP (Point-to-Pont Tunneling Protocol) is widely used protocol. It is one of the easiest protocol to setup and maintain as compared to other protocols.

A VPN is most efficient and inexpensive way to build a secured private network. Though, it is a most inexpensive, it requires fair amount of technical expertise to implement it successfully.

There are various paid VPN softwares in the market. But, if you are running windows server, you can use RRAS to configure your own VPN server without any additional cost. This article will walk you through to install VPN using Remote & Routing Access and connect to it from your local system (With working Internet Access). (The steps are performed on Windows server 2012 R2 OS)

    1. Login to your server through Remote Desktop in which you want to install VPN.
    2. Open Server Manager and click on Add roles and features.
      Add Role
    3. Follow the steps for the installation wizard. Select ‘Role-based or feature-based installation‘ Installation Type.Installation Type
    4. In server selection field, check ‘Select a server from the server pool‘. You will see your server with computer name in server pool.Server Selection
    5. Select “Remote Access” role in Server roles and click on Next.Remote Access Role
  1. Do not make any changes in Features and click on Next.
    In Role services, select DirectAccess and VPN, Routing services and click on Next.Role Service Selection
  2. Review installation page and click on install once you are ready.
    Once the installation is completed, click ‘Open the Getting Started Wizard‘.Result Wizard
  3. You will see ‘Configure Remote Access‘ wizard. Click on Deploy VPN only.Configure Remote Access
  4. You will see Routing and Remote Access MMC. Right click on your server name and click on ‘Configure and Enable Routing and Remote Access‘.Routing and Remote Access
  5. Now, follow the installation wizard instruction. Click Next on Welcome wizard.RRAS Setup Wizard
  6. In configuration wizard, select ‘Virtual Private Network (VPN) access and NAT‘ and click on Next.Select Service Combination
  7. In VPN Connection, select the network interface which has public IP address with proper Internet connection and click on Next.Network Interface Selection
  8. In IP Address Assignment, select ‘From a specified range of addresses‘ and click on Next.IP Address Assignment
  9. In Address Range Assignment, click on New and add local IP address range (Here make sure that the Start IP address is same as your Internal network’s primary IP address). This will be used to allocate IP address to remote clients who connect to this VPN server. Once you have added IP range, click on Next to proceed.Address Range Assignment
  10. In Managing Multiple Remote Access Server, select ‘No, use Routing and Remote Access to authenticate connection requests‘ and click on Next.Multiple Remote Access Servers
  11. In completing wizard, click on Finish. You will be prompted with a message for DHCP relay agent, simply click on Ok for this message.

Now, you will need to allow your RDP port in NAT services and ports. Follow the below mentioned steps for the same.

    1. In Routing and Remote Access, expand the server → IPV4 → NAT.NAT Configuration
    2. Right click on External Network, go to properties → Services and ports.Services and Ports
    3. Click on Add, enter the description for this service, enter the RDP port and IP address of the VPS and click on Ok.Add Service

NOTE 1: If this service is not added then you will not be able to access your server via RDP.

NOTE 2: If you have firewall installed on your server, you will need to allow 1723 TCP port for PPTP.

Now, let’s tweak the setting of the user which will be used to make VPN connection from client/remote machine.

  1. Go to Administrative tools → Computer Management → Local Users and Groups → Users.
  2. Right click on the user(which you want to set for VPN connection) and click on properties.
    Computer Management
  3. Go to Dial-in tab, select ‘Allow access‘ in ‘Network Access Permission’ option and click on Apply.User Properties

Your VPN server is ready for client/remote connections.

Now, let’s see how to configure client machine to connect to VPN server.

    1. Open Network and Sharing Center of your local system. Click on  ‘Set up a new Connection or Network‘.
      Network and Sharing Center
    2. Click on Connect to a workplace.Setup Connection or Network
    3. Click on Use my Internet connection (VPN)Connect to Workplace
  1. Enter IP address of VPN server (External network’s Primary/static IP which has Internet connection) and click on next.Connect to Workplace - VPN details
  2. Enter the login details of VPN server and click on Connect.Connect to Wokplace - VPN login access
  3. And your local machine is connected to VPN server. If you check your IP address from any online tool, you will see that your IP address is from VPN server and not from local ISP.Network and Sharing Center

This is all. Now, your client machine will have the internet access via VPN. However, should you find any difficulty, feel free to raise your query here in this blog.

(Visited 122,879 times, 10 visits today)

Latest Comments

  1. Hardik V. October 11, 2016
    • Rahul V October 11, 2016
  2. Muhammad November 26, 2016
  3. Rahul Vaghasia November 28, 2016
  4. Phil April 7, 2017
    • Rahul V April 19, 2017
  5. Henry April 19, 2017
    • Rahul V April 25, 2017
  6. Jimmy April 26, 2017
    • Rahul V April 26, 2017
  7. Eddard Antico April 26, 2017
  8. Prasanta Shee September 14, 2017
    • Jason-Pat September 14, 2017
  9. Microsoft Support UK July 9, 2018
  10. Vendy September 12, 2018
  11. Greg Hickman March 20, 2019
  12. Nathan Raymond April 9, 2019
  13. SANTOSH PATNAIK January 1, 2020
  14. Mic July 20, 2020
    • Jason-Pat August 28, 2020
  15. Maximiliano Ramos August 27, 2020
    • Jason-Pat August 28, 2020
  16. Hamed September 13, 2020
    • Jason-Pat September 21, 2020
  17. internetprices November 25, 2020
  18. Pierpaolo Basile February 15, 2021
  19. Jason-Pat February 27, 2021

Leave a Reply

AlphaOmega Captcha Classica  –  Enter Security Code

This site uses Akismet to reduce spam. Learn how your comment data is processed.