Tag: routing

Installation Windows Server 2016 VPN

How to Install VPN on Windows Server 2016

This post shows you how you can install a VPN Server on Windows Server 2016 Step-by-Step. It shows you how you can easily setup a VPN server for a small environment or for a hosted server scenario. This blog post covers how you can use Windows Server VPN.

This is definitely not a guide for an enterprise deployment, if you are thinking about a enterprise deployment you should definitely have a look at Direct Access.

I already did similar blog posts for Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2.

You can simply follow this step by step guide:

Install the Windows Server VPN Role

First install the “Remote Access” via Server Manager or Windows PowerShell.

Install Remote Access Role VPN

Select the “DirectAccess and VPN (RAS)” role services and click next.

DirectAccess and VPN (RAS)



How to Install VPN on Windows Server 2008 R2

This HowTo should show you how to install a VPN Server on Windows Server 2008 R2. This is a HowTo for a small environment or a stand-alone hosted Server.

  1. Install the Role “Network Policy and Access Services” with the Server Manager
    Install Role Network policy and Access ServicesInstall Role Network policy and Access Services
  2. Select the Role Services “Routing and Remote Access Services”
    Install Role Network policy and Access ServicesInstall Role Network policy and Access Services
  3. Configure and Enable Routing and Remote Access in the Server Manager.
    Configure and Enable Routing and Remote AccessConfigure and Enable Routing and Remote Access
  4. Choose “Custom Configuration” if you just have one Network Interface in the Server
    Custom Configuration
  5. Choose “VPN access”
    VPN access
  6. Finish and click next
    VPN accessVPN access
  7. Allow access for users “Network Access Permission”. You can set that in de Dial-In Tab under the User Premission.
    User Permission Dial-In Access
  8. Open Ports in your FirewallFor PPTP: 1723 TCP 47 GRE
    For L2TP over IPSEC: 1701 TCP 500 UDP
    For  SSTP: 443 TCP

Optional: If you don’t have a DHCP Server in your local network you have to add a static address pool. This could be if you have a stand-alone Server by your provider.

  1. Right click on “Routing and Remote Access” and open Properties
    Add Static address pool
  2. Click on the IPv4 Tab and check “Static address pool”
    Add Static address pool
  3. Add a static address pool of private IP addresses
    Add Static address pool
  4. Add secondary IP Address to the Server network interface which is in the same subnet as this pool.

I also have other posts for about installing VPN on Windows Server: