Now that the RRAS role is installed, we must configure the VPN server. One aspect of the configuration process that you may not expect is that we have to configure
- Open the Server Manager and navigate through the console tree to Server Manager | Roles | Network Policy and Access Services | Routing and Remote Access.
Vista VPN setup guide, part 2 Learn how to configure Windows Vista workstations in part 2 of our Vista VPN setup guide.
- Right-click on the listing for Routing and Remote Access, and then choose Configure and Enable Routing and Remote Access from the resulting shortcut menu.
- Windows will now launch the Routing and Remote Access Server Setup Wizard. Click Next to bypass the wizard's introductory screen.
- The next screen is the Configuration screen. Choose the Virtual Private Network (VPN) Access and NAT option, and click Next.
- The next screen will ask you which of the server's NICs are attached to the Internet. Select the NIC that is connected to the network perimeter and click Next.
- You will now see a screen asking you how IP addresses should be assigned to remote clients. Assuming that your network has a DHCP server in place, choose the option to assign IP addresses automatically, and click Next.
- Windows should now display a screen asking if you want to use RRAS to authenticate connection requests, or if you would rather forward requests to a RADIUS server for authentication. Since we haven't set up a RADIUS server, choose the option to have the RRAS server authenticate connection requests. Of course, if you do happen to have a RADIUS server, you are certainly free to use it.
- Click Next, and you will see a screen displaying a summary of the options that you have chosen. Click Finish to close this screen.
- You will now see a warning message telling you that the relaying of DHCP messages requires a DHCP relay agent. Click OK to acknowledge this warning.
Vista VPN setup guide, part 1
Set up a domain controller
Install DHCP services
Install Active Directory Certificate Services
Request a machine certificate
Install the Routing and Remote Access Service role
Configure the VPN server
Publish the Certificate Revocation List
Make the CRL accessible
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at http://www.brienposey.com.
This was first published in May 2008