Get Connected to a Windows Server 2003 VPN in This Step-By-step

7/30/2019 Get Connected to a Windows Server 2003 VPN in This Step-By-step

1/14

Page 1onnected to a Windows Server 2003 VPN in this step-by-step

7/22/2010 8:22:05 AMarticles.techrepublic.com.com/5100-10878_11-5814036.html?tag=rbxccnbtr1

chRepublic : A ZDNet Tech Community

et connected to a Windows Server 2003 VPN in this step-y-step

Scott Lowe MCSE | Aug 01, 2005 8:44:00 PM

gs:VPNs, Network security , TELECOMMUNICATIONS, NETWORKING, SECURITY..., Microsoft Windows Server, Microsoft Windows Server

03, Microsoft Windows, Scott Lowe MCSE, VPN, wizard, network connection, network

keaway: Connect to a Windows Server 2003-based PPTP virtual private network (VPN) with this step-by-step user installation and

figuration guide.

eople who read this, also read...

IT Done: Provide VPN services using Windows Server 2003

naging Routing And Remote Access in Windows Server 2003

nfigure a Windows Server 2003 VPN on the server side

w do I... Configure Windows Small Business Server 2003 R2 Remote Access?

nfigure Windows Server 2003 to act as a router


2/14



ce you get a Windows Server 2003 PPTP-based VPN up and running, you'll probably want to connect clients to the new service. For this

cle, I'm connecting to a Windows Server 2003 server that has the Remote Access role enabled, and that accepts incoming PPTP connections.

ther, I've made sure that the user account I'm using to connect has been granted remote dial-in privileges. Steps to configure all of this, and


3/14



re, are found in this article's companion piece. Finally, I'm using a Windows XP Professional SP2 machine for the connection, although these

ps will work with pre-SP2 systems.

etwork Connections is where it's at

started by visiting Start | Control Panel | Network Connections. Now, you need to create a new network connection. To do this, either go to

| New Connection, or click the Create a new connection option in the left hand pane, as shown below in FigureA.

FigureA

Whichever method you choose, the result isthe same the new connection wizard starts

the first screen of the wizard, which contains just information about the wizard's purpose, click Next.

first useful screen of the wizard asks you to determine exactly what kind of network connection you'd like to create. For this article, you 're

necting to a VPN, so choose the "Connect to the network at my workplace" option. It doesn't really matter where your VPN resides. Click Next

en you're ready.

FigureB

Choose yournetwork connection type

re are two ways that you can connect to your workplace(1) dial-up; or (2) VPN. For this step, select the Virtual Private Network connection


4/14



on and click the Next button.

FigureC

Choose the VirtualPrivate Network connection option for thisstep

next step of the wizard asks you to name the new connection. You can use just about anything you want here since this just helps to keep

k of what's what on your client machine. A name is useful if you have more than one VPNconnection to manage.

FigureD

Name your connection to help keep trackof it

next step of the wizard asks you to decide which users should be able to use this new connection. Do you want it available for just the use of

currently logged in user, or should it be available for any user? Keep in mind that, even if a connection is available to a logged in user that


5/14



don't want connected to the VPN, user must still provide valid credentials to actually attach to the VPN services. For this example , I 've

bled the VPN connection for myuse only.

FigureE

Who should be able to startthis connection?

ally, you're finished creating the initial connection, as evidenced by a screen that looks like the one shown in FigureF. Click Finish.

FigureF

Your newconnection is created

onfigure the connection

Network Connection Wizard just creates the initial connection with common parameters. Now that it's created, you need to make

difications based on your environment. In particular, I've often run into trouble with Network Connection Wizard-created VPN connections'

ault gateway settingmore on that in a bit.

soon as you're done with the Network Connection Wizard, the new connection pops up so that you can connect to the remote VPN server.


6/14



example, shown below in FigureG , contains the username and password, which I provided.

FigureG

Don't hitthat Connect button quite yet

ore you hit the Connect button, take a little time to adjust the client settings. To do so, click the Properties button. I will go through most of

screens, and provide explanation where I recommend that you change the default settings.

neral tab

re isn't much to change here, except if you need to change the name or IP address of the server to which you will connect. You can also

figure this connection to dial a different connection before attempting to connect to the VPN. This is useful for clients that need to establish a


7/14



-up connection before connecting to the VPN as it reduces the number of steps the remote user must take to attach to your server. Also

ated on this tab is a checkbox that enables the network adapter icon to appear in the system tray whenever this connection is active.

rt version: You don't need to make changes here if you provided all of the necessary information during the wizard.

ptions tab

Options tab provides choices for how to handle the initial connection and any subsequent redial attempts. The word "dial" on this screen is a

e misleading since the options aren't strictly for modem-only users.

this screen, you can dictate whether the system should provide you with information about the connection status and how user names,

swords and domain names should be handled. Further, you can tell Windows what to do if the connection is droppedshould it be

omatically redialed or not, for example?

Figure I

The Options tab provides different ways of handling authenticationand redialing


curity tab

you can imagine, this is where you specify security settings for the connection. If you set up your VPN server as per the instructions in the

vious article, you shouldn't need to change these settings. If you want to increase security, though, select the "Advanced (custom settings)"


8/14



on and make sure those match your server setup. I won't be going into these options in this article, however. This article series' scope is

ply to get a PPTP server up and running and accepting connections from clients.

e option I never recommend that you enable is the " Automatically use my Windows logon name and password (and domain if any)" option

ce it can result in a big, gaping security hole. Basically, if you forget to log out, or whatever, anyone that walks up to the client computer could

nect to your organization's network and dowhat they will. It' s not that much work to type a user name and password.

FigureJ

The security tab has many different options for securing yourconnection


etworking tab

s tab provides a means for you to configure the various network options for this connection. The first option asks you about the type of VPN

which you're connecting. The default is Automatic meaning that Windows will determine whether the remote VPN is PPTP or L2TP. If you

nt, you can set this specifically to PPTP.

he bottom of this window, you can change network settings, including IP addressing information. One setting, in particular, deserves

ntion: the choice of whether the VPN connection will use the default gateway of the remote network as its own default gateway. Most of the

e, users will be connecting from home, from a hotel , or from a cybercaf of some kindand they will probably be using a high-speed Internet

nection.

default, Windows configures new connections with the option enabled that uses the default gateway on the remote network. This can often

se problems with confused traffic, and you might find that a connected client is only able to use resources on the remote network when this

nabled. This setting may be required if you need to access resources on different subnets at your company. For example , if your VPN client

an IP address on the 192.168.32.0 network, and you need to access resources from 172.16.1.0, you will either need to use the remote


9/14



work's default gateway, or locally configure a number of static routes, which canbe a pain. In these cases, use the remote network's default

eway and disconnect if you have trouble accessing Internet resources.

ou're on a smaller network, or only need to access resources on the local subnet, disable this gateway feature. To do so, select "Internet

tocol (TCP/IP)" from the item list at the bottom of the window and click Properties. On the resulting TCP/IP configuration page, click


10/14



vanced. On the Advanced settings window, uncheck the box " Use default gateway on remote network".

FigureK

If youwant to change the gateway setting, select TCP/IP and click Properties

FigureL

Next, click the Advanced button

FigureM


11/14



Finally, deselect thischeckbox

rt version: If you need to access resources on multiple networks at your company, use the remote gateway. If not, don't use the remote

eway.

dvanced tab

Advanced tab does not have any options that would be useful for a typical connection. You can configure the Windows firewall and Internet


12/14



nnection Sharing from this tab, though.

FigureN

The Advanced tab isused a lot for VPN connections

onnect!

w that you're connection is configured, you can click the Connect button on the main window. After you do so, you can select the connection


13/14



Network Connections and view its properties. You will get screen similar to the ones shown below in Figures O and P.

FigureO

The clienthas been connected to theserver for a couple of minutes

FigureP

And here are the details for the connection

works

s download provided a quick overview for getting a Windows Server 2003-based PPTP VPN up and running quickly and easily. It's not the


14/14



st secure VPN in the world, but it works, and is simple, which is sometimes all that's needed.

eople who read this, also read...

IT Done: Provide VPN services using Windows Server 2003

naging Routing And Remote Access in Windows Server 2003

nfigure a Windows Server 2003 VPN on the server side

w do I... Configure Windows Small Business Server 2003 R2 Remote Access?

nfigure Windows Server 2003 to act as a router

rint/View all Posts

omments on this articleMissing a step? DemRoyer | 08/12/05

2003/XP VPN Setup fwang@... | 12/27/ 06

RE: Get connected to a Windows Server 2003 VPN in this step-by-step f.parkins@... | 09/18/07

RE: Get connected to a Windows Server 2003 VPN in this step-by-step skipclay@... | 03/28/ 08

RE: Get connected to a Windows Server 2003 VPN in this step-by-step ranamy | 08/ 18/09

Updates

Contacts

ld you like your own dynamicWorkspace on TechRepublic?

e two minutes and set up a TechRepublic member profile.

ld you like your own dynamicWorkspace on TechRepublic?

e two minutes and set up a TechRepublic member profile.

pular on CBS sites: FantasyBaseball | iPad | Video Game Reviews | Cell Phones | NFL Draft

out CBS Interactive | Jobs | Advertise | Mobile | Site Map

010 CBS Interactive Inc. All rights reserved. | Privacy Policy (updated)| Terms of Use

Get Connected to a Windows Server 2003 VPN in This Step-By-step

Documents

Transcript of Get Connected to a Windows Server 2003 VPN in This Step-By-step