Setup VPN (Virtual Private Network) using Windows 2003 Server

Open Routing and Remote Access from Administrative Tools.. Right-click the server and then click Configure and Enable Routing and Remote Access... Select Virtual Private Network [VPN] ac

Higher Education Commission

08/10/08

Setup VPN (Virtual Private Network) using Windows 2003 Server

Version Status: Issue 1.0

Date: October 08, 2008

HEC Ref: ICT-Univ-08-001

Document Revision History

Date Version Number Author/Editor Summary of main changes

Pre-Requisites

1 Two network interface cards

2 One static/NATed public IP on the outside NIC

3 One static private IP on the private NIC

Configuration

1 Open Routing and Remote Access from Administrative Tools

Note: you should disable Windows Firewall and Internet Connection sharing if you installed SP1 3 Click

2 Right-click the server and then click Configure and Enable Routing and Remote Access

3 Next on Welcome screen Select Virtual Private Network [VPN] access and NAT in the

Configuration of

4 In VPN Connection screen, select outside NIC which is connecting to the Internet

(Public/NATed)

5 IP Address Assignment option enables you to control the IP leased to the VPN clients

Recommended option is to specify a chunk of reserved IPs To add a IP range click NEW

6 Specify the IP Range and click OK then Next

7 Select the default option which is “Routing and Remoter Access authentication”

If you plan to have multiple remote Access servers on your network or already have RADIUS server installed you can select the RADIUS option

8 On the next confirmation page summarized configuration of VPN severs is displayed

Review and click Finish to complete the setup

If everything goes right the configuration wizard will conclude successfully

9 For VPN policies configuration open Routing and Remote Access from Administrative

Tools Expand the RAS Server and right click Remote Access Policies and Click New

9 Specify the self descriptive policy name on the next wizard screen and click Next

10 In the access methods option select VPN and click Next

11 Select the way you want to grant VPN access either user based or group based

Recommended method is using active directory ser groups Select Group and then click Add

12 Select the group name created for the VPN user from the active directory

This in this tutorial is “VPN” and click Next

13 On the the authentication method accept the choice MS-CHAPv2 and click Next

14 On the Ploicy Encryption Level Page accept all the three levels

15 On the page review the policy summery and click finish to end the configuration

Finally the Remote Access Server is ready to be tested

How to Configure VPN Connection

1 Click Start >All ProgramsÆAccessoriesÆCommunicationsÆNew Connection Wizard

2 Click Next

3 Select Connect to the network at my place

4 Select Virtual Private Network Connection

5 Specify the desired name for VPN connection

6 Use Name OR type the IP Address of the VPN Server (121.52.X.X)

121.52.X.X

7 Select the appropriate choice whether every one can use the connection or not

8 Check Add a shortcut to the connection to my desktop

The connection configuration is completed

How to connect using VPN Connection

1 Double click the VPN Connection shortcut (here named as HEC VPN)

The connection cal also be accessed by clicking

Start >All ProgramsÆAccessoriesÆCommunications and then double clicking the connection (here named as HEC VPN)

2 Specify the username and password and click Connect

Successful connection will be indicated by intimation balloon in the system tray (located at the right bottom corner of your screen)