Key steps for VPN on Server2008R2. HELP!

[hardrockRam]

Hi

I need to access my server at home from my laptop. I therefore need a VPN.

I am a semi beginner at networking in general, but I have learned a lot the last couple of months. I have recently set up domains with W2k8 at work (10 computers) and at home (3 computers). Before that I used regular workgroup to connect computers. I have never been near a VPN before, not even used it. So thats my current lvl

The problem is that all the guides on the web is either to simple and does not cover everything, or they are to complicated, especially when it comes to security. The guides at Technet shows a setup with several servers with different roles, including one that works as a router between internet and home network, but I cannot afford several servers (poor student), and I can neither change the router. Some network guy told me that VPN on W2k8 is very easy, and I don`t need several servers.

1. I rent a small apartment with one shared router (This one: http://www.dlink.com/products/?pid=446) and a regular dynamic IP to the internet.

I have full control over the router, and it has IPsec and PPTP passthrough as options.

2. The server (which also is my workstation) is the only computer I need access to. I want to connect to it through my laptop.

3. I just need to access my files over internet with reasonable security. I have only one server, and it has to be behind the router. The server also works as DC.

My primary problem is the router. I have set IPsec and PPTP passthrough to "enabled", but I don`t know what it means, other than that IPsec and PPTP are protocols for VPN over internet. I don`t know how it redirects (NAT) from the public IP address to the right local (server: 192.168.0.245), or if it does it at all.

I am also somewhat unsure about which roles I need to install in addition to RRAS, and if I need to install routing (since I have a router already).

I would be grateful beyond all if someone could give me a general guide for VPN on my current network setup. Everyone says VPN is easy, and that makes me feel stupid, broken and without self esteem. It`s ruining my sex life to

[johnhc]

hardrockRam, here is a Wiki on VPN. The site is DD-WRT, which offers firmware for various routers, so the Wiki is pointed toward their code, but it also provides links to other sites and articles. DD-WRT also has a great forum for getting answers on routers. Enjoy, John.

[hardrockRam]

Thansk for the link, but I din`t get any wiser

The router is not the problem really. I understand that my post became a bit long, and its not so easy to understand what the problem is.

What I need to know is what roles I need and some key steps in the setup of Windows 2008, so that it fits my network. (server behind a regular router basically)

I am also unsure about how I reach the server from the internet, since the router performs NAT.

[todarsey]

Is the router you are talking about at work or home? The router at work is the one you need to worry about. If it is a decent small business router, you can easily set up a PPTP that will allow you to log into your network and access your files. I am more familiar with the Linksys RV042 which will do it no problem or you can use 2 of these to create a constant VPN tunnel between work and home.

If you are dead set on using your 2k8 server, the first thing you have to do is allow what ever port it is that VPN uses (I can't remember which one it is at the moment) through your router.

[hardrockRam]

The router is at home. It`s my own network I want to connect to from an internet location. I rent an apartment with a shared internet connection through the router. It`s this router I need to "get through" to get to my server.

I am pretty sure the router has the ability to set up IPsec and PPTP as protocols for VPN, since they both has an enabled \ disabled option in the Web GUI.

The laptop I want to use has W7, while the server I want to connect to is W2K8R2, which also works as a DC for my network.

My problems:

The roles and key configuration I need on W2K8R2 to allow for other computers to connect (preferably with the ability to log on with an account in AD), and some general guidelines about the router setup.

[JasonShaw9745]

Does your server have two nics by chance? Is your server setup as an AD domain? Which edition of Windows 7 does your laptop run? Trust me....I am going somewhere with this...

[JasonShaw9745]

I recommend using Direct Access for your laptop. Windows 2008R2 includes all features needed to deploy. I have included a link to a deployment guide from Microsoft that should help you along.

We covered Direct Access with Windows 2008R2 in my MCITP boot camp and it sounds like that would be the best setup for you from your posts. If you want additional information, I recommend CED Solutions out of Atlanta/Marietta Ga for training. Instructors are very informative and well-versed in all aspects of the latest Microsoft OS. Great facility, Great people!

J Shaw

quote name='hardrockRam' timestamp='1294022303' post='951638']

The router is at home. It`s my own network I want to connect to from an internet location. I rent an apartment with a shared internet connection through the router. It`s this router I need to "get through" to get to my server.

I am pretty sure the router has the ability to set up IPsec and PPTP as protocols for VPN, since they both has an enabled \ disabled option in the Web GUI.

The laptop I want to use has W7, while the server I want to connect to is W2K8R2, which also works as a DC for my network.

My problems:

The roles and key configuration I need on W2K8R2 to allow for other computers to connect (preferably with the ability to log on with an account in AD), and some general guidelines about the router setup.

[paraffin]

Why don't you use RDP? All you have to do is port forward 3389 which any router will do nowadays..

Or you could just use something like Team Viewer or LetMeIn..

[paraffin]

Since you asked this question I decided to setup a VPN server for myself as my work have recently locked down Internet Access so I use this as a workaround at lunch..

I have posted a video on my blog regarding the setup and its very easy as I found out..

Setting up a VPN Server 2008

Hope it helps