Checklist: Implementing a VPN Remote Access Server Design
Updated: April 30, 2010
Applies To: Windows Server 2008, Windows Server 2008 R2
Note
Complete the tasks in this checklist in order. When a reference link takes you to a procedure, return to this topic after you complete the steps in that procedure so that you can proceed with the remaining tasks in this checklist.
Checklist:
Implementing a VPN Remote Access Server Design
Task | Reference | |
---|---|---|
Review key concepts and design considerations for VPN-based remote access. |
VPN Remote Access Design in the Routing and Remote Access Services Design Guide |
|
Install the Routing and Remote Access role service on the VPN server. |
||
Configure TCP/IP on network interfaces on the VPN server that are connected to the public and private networks. |
||
Enable the VPN server to forward packets between remote access clients and the intranet. |
||
Configure name resolution so that remote access clients can resolve the names of computers on the private network. |
||
Enable the VPN server to relay Dynamic Host Configuration Protocol (DHCP) messages between DHCP clients and DHCP servers on different IP networks. |
||
Configure packet filters on the VPN server to allow only desired network traffic. |
||
Configure routing on the VPN server so that the server can forward traffic from remote access clients to locations on the private network. |
||
Configure remote access policies to enable only authorized users and computers to access the private network through the VPN server. |
||
If required by your design, configure PPTP for use by remote access clients. |
||
If required by your design, configure L2TP/IPsec for use by remote access clients. |
||
If required by your design, configure SSTP for use by remote access clients. |
||
If required by your design, configure VPN Reconnect using IKEv2 for use by remote access clients. |
||
Implement security. |
||
Verify the VPN connection from a remote access client. |