Configuring a Windows 2000 VPN Server

The following describes the basic steps for configuring a Windows2000 server to allow VPN access.

Installing IIS

Before you can install Windows2000 VPN Server, you need to have IIS installed. It comes as part of the Server installation. You also need to have Windows2000 Server.

1. Go to Start / Programs / Administrative Tools / Routing and Remote Access
2. Right click on the Server name
3. Select Configure and Enable Routing and Remote Access
4. At the Setup Wizard, click on the Next button
5. Select Virtual private network (VPN) server
6. Click on the Next button
7. Select all the Protocol(s) needed by the clients
8. Select the network adapter that is connected to the Internet
9. Select how you want IP addresses assigned (either DHCP or Specified)
10. Click on the New button
11. Specify the range of IP addresses you want to use
12. Generically you can select NO for setting up a RADIUS server
13. This will finish the install of the VPN server


Configuring the User Accounts

You need to configure Users to have dial-in Access

1. Right click on My Computer 
2. Select Manage
3. Select Users
4. Click on the Dial-in tab
5. Check Allows Access

Additional Ports

If the same server is acting as your Proxy, you may need to open up necessary ports as well

1. Right click on the IP Routing / General section
2. Select Properties
3. Click on Input Filters
4. This will bring up the Default Ports installed for VPN
5. Click on the Add button
6. Select TCP then UDP for the ports you want to add.
7. Common ones are:

21    FTP
53    DNS
80    Web

8. Repeat the same steps for the Output Filters
9. If the VPN server is behind a router, Port Mapping will need to be done on the router. Standard port usage is 1723. You might also need to configure your router for PPTP Passthrough. Port usage for IPSec is 500, 50-51. These ports will have to be forwarded to the VPN server’s IP

This site is copyrighted. No portion may be reproduced without my written permission.