How To Setup Vpn On Windows 7 Home Premium

In this tutorial you will find step by instructions to setup an L2TP VPN Access Server on Windows Server 2016. The Virtual Private Network (VPN) allows yous to securely connect to your individual network from Internet locations and it is protecting y'all from Internet attacks and data interception.To install and configure the L2TP/IPSec VPN access on Server 2016 it's a multi step process, because you take to configure several settings on the VPN server'due south side to accomplish the successful VPN operation.

How to Install a L2TP/IPSec VPN Server 2016 with Custom Preshared Key.

In this stride by step guide, we go through the L2TP VPN Server 2016 setup using the Layer Two Tunneling Protocol (L2TP/IPSEC) with a custom PreShared key, for a more than secure VPN connection.

Stride 1. Install the Routing and Remote Access Function on Server 2016.

Stride 2. Configure and Enable Routing and Remote Access on Server 2016.

Step 3. Configure the Preshared Key for the L2TP/IKEv2 connections.

Step 4. Open the Required Ports in Windows Firewall.

Pace five. Configure the VPN Server to Allow the Network Access.

Step six. Enable L2TP/IPsec Connections Backside NAT.

Step 7. Bank check that the Required L2TP Services are running.

Step 8. Select the VPN Users.

Step 9. Configure Internet access provider's Firewall to Allow the L2TP VPN Access.

Step x. Setup the L2TP/IPSec VPN Connection on Clients.

Step i. How to Add Remote Access (VPN Access) role on a Server 2016.

The offset step to setup a Windows Server 2016, every bit a VPN server is to install the Remote Access office {Direct Access & VPN (RAS) services} to your Server 2016. *

* Info: For this example we're going to setup VPN on a Windows Server 2016 motorcar, named "Srv1" and with IP Accost "192.168.1.8".

1. To install VPN role on Windows Server 2016, open 'Server Director' and click on Add Roles and Features.

2. At the first screen of 'Add Roles and Features sorcerer', leave the Office-based or feature-based installation option and click Adjacent.

3. At the next screen, get out the default option "Select server from the server pool" and click Side by side.

4. Then select the Remote Access function and click Side by side.

5. At 'Features' screen go out the default settings and click Next.

6. At 'Remote Access' information screen, click Adjacent.

vii. At 'Remote Services', choose the Direct Access and VPN (RAS) role services so click Side by side.

8. Then click Add together Features.

ix. Click Next once more.

10. Go out the default settings and click Side by side (twice) at 'Web Server Office (IIS)' and 'Function Services' screens.

11. At 'Confirmation' screen, select Restart the destination server automatically (if required) and click Install.

12. At the final screen, ensure that the installation of the Remote Access function is successful and Close the wizard.

13. And so (from Server Manager) Tools card, click on Remote Admission Direction.
xiv. Select Straight Admission and VPN on the left and and so click to Run the Getting Started Wizard.

xv. And then click Deploy VPN only.

16. Continue to step-2 beneath to configure Routing and Remote Access.

Pace two. How to Configure and Enable Routing and Remote Admission on Server 2016.

The next pace is to enable and configure the VPN access on our Server 2016. To exercise that:

1. Correct click on the Server'southward proper name and select Configure and Enable Routing and Remote Access. *

* Notation: Y'all tin can also launch Routing and Remote Admission settings, by using the following manner:

one.Open Server Managing director and from Tools menu, select Computer Direction.
2. Expand Services and Applications
3. Right click on Routing and Remote Access and select Configure and Enable Routing and Remote Admission.

two. Click Next at 'Routing and Remote Admission Server Setup Magician'.

three. Choose Custom configuration and click Next.

4. Select VPN access just in this case and click Next.

5. Finally click Cease.

6. When prompted to Start the service click Start.

7. Now you volition see a green arrow abreast your Server'southward name (east.k. "Svr1" in this example).

Step iii. How to Enable Custom IPsec policy for L2TP/IKEv2 connections.

Now its fourth dimension, to allow a custom IPsec Policy on Routing and Remote Access server and to specify the custom Preshared fundamental.

one. At Routing and Remote admission panel, right click on your server's name and select Properties.

ii. At Security tab, choose Allow custom IPsec policy for L2TP/IKEv2 connection and and so type a Preshared key (for this case I type: "TestVPN@1234").

3. And so click the Authentication Methods button (to a higher place) and make sure that the Microsoft encrypted hallmark version 2 (MS-CHAP v2) is selected and and so click OK.

4. Now select the IPv4 tab, select Static accost pool and click Add.
5. Here blazon the IP Address Range that will be assigned to VPN connected clients and click OK (twice) to close all windows.

e.1000. For this example we're going to use the IP address range: 192.168.1.200 – 192.168.1.202.

6. When you are prompted with the popular up bulletin: "To enable custom IPsec policy for L2TP/IKEv2 connections you must restart Routing and Remote Access", click OK.

7. Finally right click on your server (e.g. "Svr1") and select All Tasks > Restart.

Stride 4. Open up the Required Ports in Windows Firewall.

one. Go To Control Panel > All Control Panel Items > Windows Firewall.
2. Click Avant-garde settings on the left.

iii. At the left, select the Inbound Rules.
4a. Double click at Routing and Remote Admission (L2TP-In)

4b. At 'Full general' tab, choose Enabled, Allow the connexion and click OK.

5. Now, right click at Inbound Rules on the left and select New Rule.

6. At the offset screen, select Port and click Next.

7. Now select the UDP protocol type and at 'Specific local ports' field, type: l, 500, 4500.
When washed click Adjacent.

8. Leave the default setting "Allow the Connection" and click Adjacent.

9. At the next screen, click Next again.

10. At present, type a name for the new rule (e.g. "Allow L2PT VPN") and click Finish.

xi. Close the Firewall settings.

Step v. How to Configure the Network Policy Server to Allow the Network Access.

In order to allow the VPN users to access the network through the VPN connection, proceed and modify the Network Policy Server as follows:

ane. Right click on Remote Admission Logging and Policies and select Launch NPS

2. At the 'Overview' tab, select the post-obit settings and click OK:

• • Grant access: If the connection asking matches this policy.
  • Remote Access Server (VPN-Dial upward)

iii. Now open the Connections to other access servers policy, select the same settings and click OK.

• • Grant access: If the connectedness request matches this
    policy.
  • Remote Access Server (VPN-Dial
    up)

four. Close the Network Policy Server settings.

Pace half-dozen. How to Enable L2TP/IPsec Connections Backside NAT.

By default, modernistic Windows Clients (Windows 10, eight, seven or Vista) and the Windows Server 2016, 2012 & 2008 operating systems do not support L2TP/IPsec connections if the Windows figurer or the VPN server are located behind a NAT. To bypass this problem you accept to change registry as follows, in the VPN Server and the Clients:

1. Simultaneously press the Windows + R keys to open run command box.
2. Type regedit and printing Enter.

3. At the left pane, navigate to this primal:

• HKEY_LOCAL_MACHINE\System\CurrentControlSet\Sevices\PolicyAgent

4. Right click on PolicyAgent and select New –> DWORD (32 fleck) Value.

five. For the new central name type: AssumeUDPEncapsulationContextOnSendRule and press Enter.

* Note: The value must be entered as shown to a higher place and with no space.

six. Double click on this new DWORD key and enter for Value data: ii

seven. Close Registry Editor. *

* Important: To avoid bug when connecting to your VPN server from a Windows customer estimator (Windows Vista, seven, 8, 10, and 2008 Server), y'all must apply this registry fix to clients as well.

8. Reboot the machine.

Pace 7. Verify that IKE & IPsec Policy Agent services are running.

Later the restart, go to services control panel and make certain that the following services are up and running. To do that:

1. Simultaneously press the Windows + R keys to open run command box.
ii. In run control box, type: services.msc and printing Enter.

3. Brand sure that the following services are running: *

1. 1. IKE and AuthIP IPsec Keying Modules
   2. IPsec Policy Agent

* Notes:
1. If the to a higher place services are non running, then double click on each service and ready the Startup Type to Automatic. And then click OK and restart the server.
2. You must ensure that the in a higher place services are also running in the Windows customer automobile.

Stride 8. How to Select which users will accept VPN Access.

At present it's time to specify which users volition exist able to connect to the VPN server (Dial-IN permissions).

1. Open Server Director.
2. From Tools bill of fare, select Active Directory Users and Computers. *

* Note: If your server doesn't belong to a domain, and so go to Figurer Direction -> Local Users and Groups.

3. Select Users and double click on the user that you lot want to permit the VPN Access.
4. Select the Dial-in tab and select Allow admission. Then click OK.

Pace 9. How to Configure Firewall to Let L2TP VPN Access (Port Forwarding).

The next stride is allow the VPN connections in your Firewall.

1. Login to router'due south web interface.
2. Within the Router configuration setup, forward the ports 1701, l, 500 & 4500 to the IP accost of the VPN Server. (See your Router's manual on how to configure Port Forward).

• For example, if the VPN Server has the IP address "192.168.1.viii" and then yous have to frontward all the in a higher place mentioned ports to that IP.

Boosted Help:

• In club to be able to connect to your VPN server from a distance you accept to know the public IP Address of the VPN server. To discover the pubic IP Address (from the VPN Server PC) navigate to this link: http://www.whatismyip.com/
• To ensure that you can ever connect to your VPN server it is improve to take a Static Public IP Address. To obtain a Static Public IP Address y'all must contact your internet service provider. If y'all don't want to pay for a static IP Address, then you tin setup a free Dynamic DNS service (e.g. no-ip .) on your router's (VPN Server) side.

Step 10. How to Setup the L2TP VPN Connection on a Windows Customer Figurer.

The final step is to create a new L2TP/IPSec VPN connexion to our VPN Server 2016 on the client computer, by following the instructions below:

• Related commodity: How to Setup a PPTP VPN Connectedness on Windows x.

Attention: Before you go along to create the VPN Connection, proceed and apply the registry fix in step-vi above, on the client figurer too.

1. Open up Network and Sharing Center.
2. Click Prepare a new connection or network

3. Select Connect to workplace and click Side by side.

four. Then select Use my Internet connection (VPN).

v. On the next screen blazon the VPN's server public IP Address and the VPN Port that you lot take assigned on the router side and then click Create.

eastward.grand. If the external IP address is: 108.200.135.144,  and so blazon: "108.200.135.144" at Net Accost box and at 'Destination name' filed, type whatever name you want (e.g. "L2TP-VPN").

6. Type the username and the password for the VPN connection and click Connect.

7. If you setup the VPN on a Windows vii client car it will try to connect. Press Skip and and then click Close, considering you lot need to specify some additional settings for the VPN connection.

8. On Network and Sharing centre click on Change adapter settings on the left.
9. Correct click on the new VPN connection (e.grand. "L2TP-VPN") and select Properties.
10. Select the Security tab and cull Layer 2 (Tunneling Protocol with IPsec (L2TP/IPsec) then click on Advanced settings.

11. In 'Advanced settings' type the Preshared key (e.g. "TestVPN@1234" in this instance) and click OK

12. Then click on Allow these protocols and select the Microsoft CHAP Version two (MS-CHAP v2)

thirteen. So select the Networking tab. We will double click on Internet Protocol Version four (TCP/IPv4) to open its Backdrop.
14. For Preferred DNS server blazon the Local IP Address of the VPN Server (e.g. "192.168.ane.8" in this case). *

* Notation: This setting is optional, and so employ it only if you needed.

15. Then click the Advanced button and uncheck the Employ default gateway on remote network because we want to separate our PC Net browsing from VPN connectedness.
16. Finally click OK continually to close all windows.

17. Now double click on the new VPN connection and click Connect, to connect to your workplace.

That's information technology! Let me know if this guide has helped you by leaving your annotate about your experience. Delight similar and share this guide to aid others.

If this article was useful for you, please consider supporting us by making a donation. Even $1 can a brand a huge divergence for united states in our endeavor to proceed to help others while keeping this site gratis:

If you want to stay constantly protected from malware threats, existing and hereafter ones, nosotros recommend that you install Malwarebytes Anti-Malware PRO by clicking beneath (we practice earn a commision from sales generated from this link, but at no additional cost to y'all. We take feel with this software and nosotros recommend it considering it is helpful and useful):

Full household PC Protection - Protect upwards to 3 PCs with NEW Malwarebytes Anti-Malware Premium!

Source: https://www.wintips.org/how-to-setup-vpn-server-2016-with-a-custom-ipsec-for-l2tp-ikev2/

Posted by: cookgiviss74.blogspot.com

Share this post