Checklist: Implementing a VPN Remote Access Server Design
Updated: April 30, 2010
Applies To: Windows Server 2008, Windows Server 2008 R2
Note
Complete the tasks in this checklist in order. When a reference link takes you to a procedure, return to this topic after you complete the steps in that procedure so that you can proceed with the remaining tasks in this checklist.
.gif)
Checklist:
Implementing a VPN Remote Access Server Design
| Task | Reference | |
|---|---|---|
.gif) |
Review key concepts and design considerations for VPN-based remote access. |
|
|
Install the Routing and Remote Access role service on the VPN server. |
|
|
Configure TCP/IP on network interfaces on the VPN server that are connected to the public and private networks. |
|
|
Enable the VPN server to forward packets between remote access clients and the intranet. |
|
|
Configure name resolution so that remote access clients can resolve the names of computers on the private network. |
|
|
Enable the VPN server to relay Dynamic Host Configuration Protocol (DHCP) messages between DHCP clients and DHCP servers on different IP networks. |
|
|
Configure packet filters on the VPN server to allow only desired network traffic. |
|
|
Configure routing on the VPN server so that the server can forward traffic from remote access clients to locations on the private network. |
|
|
Configure remote access policies to enable only authorized users and computers to access the private network through the VPN server. |
|
If required by your design, configure PPTP for use by remote access clients. |
||
If required by your design, configure L2TP/IPsec for use by remote access clients. |
||
If required by your design, configure SSTP for use by remote access clients. |
||
If required by your design, configure VPN Reconnect using IKEv2 for use by remote access clients. |
||
|
Implement security. |
|
|
Verify the VPN connection from a remote access client. |
.gif)