How to Install VPN on Windows Server 2008 R2

This HowTo should show you how to install a VPN Server on Windows Server 2008 R2. This is a HowTo for a small environment or a stand-alone hosted Server.

  1. Install the Role “Network Policy and Access Services” with the Server Manager
    Install Role Network policy and Access ServicesInstall Role Network policy and Access Services
  2. Select the Role Services “Routing and Remote Access Services”
    Install Role Network policy and Access ServicesInstall Role Network policy and Access Services
  3. Configure and Enable Routing and Remote Access in the Server Manager.
    Configure and Enable Routing and Remote AccessConfigure and Enable Routing and Remote Access
  4. Choose “Custom Configuration” if you just have one Network Interface in the Server
    Custom Configuration
  5. Choose “VPN access”
    VPN access
  6. Finish and click next
    VPN accessVPN access
  7. Allow access for users “Network Access Permission”. You can set that in de Dial-In Tab under the User Premission.
    User Permission Dial-In Access
  8. Open Ports in your Firewall

    For PPTP: 1723 TCP 47 GRE
    For L2TP over IPSEC: 1701 TCP 500 UDP
    For  SSTP: 443 TCP

Optional: If you don’t have a DHCP Server in your local network you have to add a static address pool. This could be if you have a stand-alone Server by your provider.

  1. Right click on “Routing and Remote Access” and open Properties
    Add Static address pool
  2. Click on the IPv4 Tab and check “Static address pool”
    Add Static address pool
  3. Add a static address pool of private IP addresses
    Add Static address pool
  4. Add secondary IP Address to the Server network interface which is in the same subnet as this pool.