Skip to content
Set up an L2TP VPN Server on Windows Server 2012
Configuring Windows Server 2012 R2 (VPN Server configuration)
Configuring Windows Server 2012 R2 (VPN Server configuration)
This step will allow us to configure the server to accept incoming connections. During the installation,add also the roles/features/Role Services that are proposed after selecting the ones in the instructions below.
- In Server Administrator, open the Add Roles and Features Wizard.
- SelectRemote Access role.
- AddRemote Access Management Tools feature. Enable Remote Server Administration Tools it not installed.
- AddDirectAccess and VPN (RAS) role service.
- The installation will take a few minutes. Once completed, clickOpen the Getting Started Wizard.
- Configure Remote Access will appear. SelectDeploy VPN only.
- Routing and Remote Access should start, if it doesn’t, go in Server Administrator > Tools > Routing and Remote Access.
- Right click on the server name and selectConfigure and Enable Routing and Remote Access.
- The setup Wizard will start. Click Next.
- SelectCustom configuration and click Next.
- SelectVPN Access andNAT.
- Click Finish.
- After clicking finish you might receive a warning message telling you that the Wizard is unable to make any change on the Firewall. Don’t worry about this, we’ll configure the firewall later on.
- Click Start service.
- Right click again on the server name and selectProperties.
- In General, leave everything by default.
- In the Security tab, clickAllow custom IPsec policy for L2TP/IKEv2 connection and type your preshared key. In the example below the key isMyKEY. Make sure you use something a bit more complex than that. 🙂
- In IPv4 tab, make sureEnable IPv4 Forwarding is enabled and select aStatic address pool (or use the DHCP option if you have DHCP enabled). ThenclickAdd in order to add a scope (in the screenshot below I’m using a range of 3 addresses, from 192.168.10.100 to 102).
- The other tabs are left to their default values/selections.
- Click Apply, you will be asked to restart Routing and Remote Access service, go ahead with it.
- The configuration is nearly completed, right click on Ports and select Properties.
- You will see a list of devices and their protocol. Double click on PPTP and deselect everything in order to disable this protocol (you may leave the Max ports to 128). Then, if you want, double click on the others as per my screenshot reduce the number of ports associated to them. I put them down to 5, you will need to do decrease or increase the number based on the number of connections you will be accepting.
- Last step for the VPN setup: restart the Routing and Remote Access service. You can do it by right clicking on the server name >All Tasks >Restart.
Contents
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept