How to Install VPN on Windows Server 2008 R2

This HowTo shows how to install a VPN server on Windows Server 2008 R2. It is meant for a small environment or a stand-alone hosted server.

  1. Install the Role “Network Policy and Access Services” with the Server Manager
  2. Select the Role Services “Routing and Remote Access Services”
  3. Configure and Enable Routing and Remote Access in the Server Manager.
  4. Choose “Custom Configuration” if the server has only one network interface
  5. Choose “VPN access”
  6. Finish and click next
  7. Allow access for users via “Network Access Permission”. You can set that in the Dial-In tab of the user's properties.
  8. Open Ports in your Firewall

    For PPTP: 1723 TCP, 47 GRE
    For L2TP over IPsec: 1701 TCP, 500 UDP
    For SSTP: 443 TCP

Optional: If you don’t have a DHCP server in your local network, you have to add a static address pool. This can be the case if you have a stand-alone server hosted by your provider.

  1. Right click on “Routing and Remote Access” and open Properties
  2. Click on the IPv4 Tab and check “Static address pool”
  3. Add a static address pool of private IP addresses
  4. Add a secondary IP address, in the same subnet as this pool, to the server's network interface.
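
The optional static-pool steps above, scripted with netsh from an elevated PowerShell prompt on the RRAS server. This is an added example, not part of the original post. The addresses, mask and adapter name are constructed sample values (assumptions); the script checks that the pool is private (RFC 1918) and that the server's secondary address shares its subnet before changing anything.

```powershell
# Added example: scripted form of the optional static-pool steps.
# All values below are constructed samples (assumptions), not from the post.
$PoolFrom  = '10.10.10.100'
$PoolTo    = '10.10.10.150'
$ServerIp  = '10.10.10.1'             # secondary address for the server NIC
$Mask      = '255.255.255.0'
$Interface = 'Local Area Connection'  # assumed adapter name

function ConvertTo-IPv4Number([string]$Ip) {
    $bytes = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    [Array]::Reverse($bytes)          # network byte order -> little endian
    [int64][BitConverter]::ToUInt32($bytes, 0)
}

function Test-PrivateIPv4([string]$Ip) {
    # RFC 1918 blocks: 10/8, 172.16/12, 192.168/16
    $n = ConvertTo-IPv4Number $Ip
    $blocks = @(
        @('10.0.0.0',    '255.0.0.0'),
        @('172.16.0.0',  '255.240.0.0'),
        @('192.168.0.0', '255.255.0.0'))
    foreach ($b in $blocks) {
        $net = ConvertTo-IPv4Number $b[0]
        $msk = ConvertTo-IPv4Number $b[1]
        if (($n -band $msk) -eq $net) { return $true }
    }
    return $false
}

$from = ConvertTo-IPv4Number $PoolFrom
$to   = ConvertTo-IPv4Number $PoolTo
$srv  = ConvertTo-IPv4Number $ServerIp
$m    = ConvertTo-IPv4Number $Mask

if ($from -gt $to) { throw 'Pool start is above pool end.' }
foreach ($ip in $PoolFrom, $PoolTo, $ServerIp) {
    if (-not (Test-PrivateIPv4 $ip)) { throw "$ip is not a private (RFC 1918) address." }
}
if ((($from -band $m) -ne ($srv -band $m)) -or (($to -band $m) -ne ($srv -band $m))) {
    throw 'Server address and pool are not in the same subnet.'
}
if (($srv -ge $from) -and ($srv -le $to)) { throw 'Server address lies inside the pool.' }

netsh ras ip set addrassign method=pool                      # step 2: use a static pool
netsh ras ip add range from=$PoolFrom to=$PoolTo             # step 3: add the range
netsh interface ipv4 add address $Interface $ServerIp $Mask  # step 4: secondary IP
netsh ras ip show config                                     # review the result
```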


71 thoughts on “How to Install VPN on Windows Server 2008 R2”

  1. Thanks! Could you explain how I set up authentication, so that people who connect to my server via wireless antenna (since this will be a hotspot server) need to make an account? Do I need SQL for that? Can it be done directly? Thanks!

  2. Thank you, and please tell me what other steps I need to do to connect my laptop to our server through VPN.

  3. Thanks for the excellent guide Thomas. I got this working for administrators now.

    I also need to give “normal users” access to this; but if I do that I’m getting the following message: RAS 800 or RAS 812.

    Can you please help me out?

    Thanks Thierry

  4. Fantastic, easy to follow guide!

    I’ve got it all setup but can’t seem to access the internet through my VPN. Any suggestions?

  5. Your instructions work for a standalone PPTP and L2TP VPN server but on a standalone server I can’t add a certificate for the SSL Certificate Binding property under the Security tab. I’m resigned to the idea that Microsoft won’t accommodate a stand-alone SSTP VPN server under its Network Policy and Remote Access Service. Do you know if this is true? Also if I try to set up a VPN server on an Amazon EC2 Windows 2008 R2 instance, I’m limited to a single NIC and am not allowed to add a secondary IP address to it. Any ideas as to whether a stand-alone Windows VPN server in this scenario is doable or not are appreciated.

  6. For the ports, can you specify if I need to put the same for inbound and private port?

  7. Pingback: How to Install VPN on Windows Server 2012 | Thomas Maurer ™

  8. Hi Thomas. I just want to know how many client-server connections will be allowed if a Win 2008 server acts as a VPN server.

  9. We have a DSL modem in our office, a wireless ASUS router and a file server. I need to provide 5 people access through VPN to a share on the file server (2008 R2). The router supports VPN server. So, I have set it up to allow up to 10 clients and it has an IP pool assigned to VPN clients. Do I also need to set up VPN access per your article on the server? If yes, then do the logins for the VPN server on the router (username and password) need to be the same as the computer account logins?

  10. Did you place the server in the DMZ or did you open the listed ports towards your internal server?

    If you placed the server in the DMZ, did you do it with one network connection (only DMZ) or with 2 connections (one DMZ one Internal Network)?

    With best regards

    Markus
