Get started Bring yourself up to speed with our introductory content.

How to set up a domain controller for a Vista VPN

The first step in setting up a VPN on a Windows Server 2008 for Vista is to set up a domain controller, as explained in this tip.

In the first step to setting up a Vista VPN, we configure the infrastructure server to act as a domain controller for a new forest. For the purposes of this tutorial, we create a domain named Prior to performing the steps listed below, you must install Windows Server 2008 Enterprise Edition and configure the server's NIC to use a static IP address.

As we install the Active Directory services, Windows will also install the Domain Naming Service (DNS), as the Active Directory is completely dependent on the DNS services. Because this will be a lab setup and we will be running the DNS, DHCP and Certificate services all on the same server, your server's TCP/IP configuration should be set to use the server's own IP address as the DNS server address.

To install the Active Directory services and the Domain Naming Services, follow these steps:

  1. Log on as an Administrator.
  2. Verify that the Remote Procedure Call (RPC) and the Remote Procedure
    Vista VPN setup guide, part 2
    Learn how to configure Windows Vista workstations in part 2 of our Vista VPN setup guide.
    Locator services are running.
  3. Insert your Windows installation DVD.
  4. Enter the DCPROMO command at the Run prompt.
  5. When the Active Directory Domain Services Installation Wizard begins, click Next to bypass the wizard's Welcome screen.
  6. Read the compatibility warning message on the following screen and click Next.
  7. Choose the Create a New Domain in a New Forest option and click Next.
  8. Enter CONTOSO.COM into the FQDN field and click Next.
  9. Set the forest functional level to Windows Server 2008 and click Next.
  10. On the following screen, verify that the DNS Server check box is selected and click Next.
  11. If you receive a warning message stating that the computer has dynamically assigned IP addresses, click Yes to ignore the message. Even if you have assigned a static IP address, you will receive this message because the server's IPv6 address is being assigned dynamically.
  12. When you see a warning message indicating that a delegation for a DNS server cannot be created, click Yes to continue.
  13. Click Next to accept the database paths.
  14. Enter a directory services restore mode password and click Next.
  15. You will now see a summary screen. Assuming that the summary information appears to be correct, click Next.
  16. The Active Directory installation process will now begin.
  17. When the installation process completes, click Close.
  18. Reboot the server.

Vista VPN setup guide, part 1

  Set up a domain controller
  Install DHCP services
  Install Active Directory Certificate Services
  Install IIS
  Request a machine certificate
  Install the Routing and Remote Access Service role
  Configure the VPN server
  Publish the Certificate Revocation List
  Make the CRL accessible

Brien Posey
About the author
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at .

Dig Deeper on MSPs and cybersecurity

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.