VPS Hosting Blog | VPS & Cloud Hosting | Windows Reseller

How to Install VPN using RRAS (Remote and Routing Access)

You must have heard about the VPN. VPN is a Virtual Private Network that provides security and privacy to your private and public networks. It creates a secure connection over public network. You can connect multiple systems to VPN server and use VPN’s bandwidth for public network connection.

There are various VPN protocols for secured communication viz. IPSec, SSL and TLS, PPTP and L2TP. Of which PPTP (Point-to-Pont Tunneling Protocol) is widely used protocol. It is one of the easiest protocol to setup and maintain as compared to other protocols.

A VPN is most efficient and inexpensive way to build a secured private network. Though, it is a most inexpensive, it requires fair amount of technical expertise to implement it successfully.

There are various paid VPN softwares in the market. But, if you are running windows server, you can use RRAS to configure your own VPN server without any additional cost. This article will walk you through to install VPN using Remote & Routing Access and connect to it from your local system (With working Internet Access). (The steps are performed on Windows server 2012 R2 OS)

  1. Login to your server through Remote Desktop in which you want to install VPN.
  2. Open Server Manager and click on Add roles and features.
  3. Follow the steps for the installation wizard. Select ‘Role-based or feature-based installation‘ Installation Type.
  4. In server selection field, check ‘Select a server from the server pool‘. You will see your server with computer name in server pool.
  5. Select “Remote Access” role in Server roles and click on Next.
  6. Do not make any changes in Features and click on Next.
    In Role services, select DirectAccess and VPN, Routing services and click on Next.
  7. Review installation page and click on install once you are ready.
    Once the installation is completed, click ‘Open the Getting Started Wizard‘.
  8. You will see ‘Configure Remote Access‘ wizard. Click on Deploy VPN only.
  9. You will see Routing and Remote Access MMC. Right click on your server name and click on ‘Configure and Enable Routing and Remote Access‘.
  10. Now, follow the installation wizard instruction. Click Next on Welcome wizard.
  11. In configuration wizard, select ‘Virtual Private Network (VPN) access and NAT‘ and click on Next.
  12. In VPN Connection, select the network interface which has public IP address with proper Internet connection and click on Next.
  13. In IP Address Assignment, select ‘From a specified range of addresses‘ and click on Next.
  14. In Address Range Assignment, click on New and add local IP address range (Here make sure that the Start IP address is same as your Internal network’s primary IP address). This will be used to allocate IP address to remote clients who connect to this VPN server. Once you have added IP range, click on Next to proceed.
  15. In Managing Multiple Remote Access Server, select ‘No, use Routing and Remote Access to authenticate connection requests‘ and click on Next.
  16. In completing wizard, click on Finish. You will be prompted with a message for DHCP relay agent, simply click on Ok for this message.

Now, you will need to allow your RDP port in NAT services and ports. Follow the below mentioned steps for the same.

  1. In Routing and Remote Access, expand the server → IPV4 → NAT.
  2. Right click on External Network, go to properties → Services and ports.
  3. Click on Add, enter the description for this service, enter the RDP port and IP address of the VPS and click on Ok.

NOTE1: If this service is not added then you will not be able to access your server via RDP.

NOTE2: If you have firewall installed on your server, you will need to allow 1723 TCP port for PPTP.

Now, let’s tweak the setting of the user which will be used to make VPN connection from client/remote machine.

  1. Go to Administrative tools → Computer Management → Local Users and Groups → Users.
  2. Right click on the user(which you want to set for VPN connection) and click on properties.
  3. Go to Dial-in tab, select ‘Allow access‘ in ‘Network Access Permission’ option and click on Apply.

Your VPN server is ready for client/remote connections.

Now, let’s see how to configure client machine to connect to VPN server.

  1. Open Network and Sharing Center of your local system. Click on  ‘Set up a new Connection or Network‘.
  2. Click on Connect to a workplace.
  3. Click on Use my Internet connection (VPN)
  4. Enter IP address of VPN server (External network’s Primary/static IP which has Internet connection) and click on next.
  5. Enter the login details of VPN server and click on Connect.
  6. And your local machine is connected to VPN server. If you check your IP address from any online tool, you will see that your IP address is from VPN server and not from local ISP.

This is all. Now, your client machine will have the internet access via VPN. However, should you find any difficulty, feel free to raise your query here in this blog.

(Visited 22,548 times, 114 visits today)