A Virtual Private Network (VPN) can be used to connect your private network with a different network across public network (Internet). A VPN can allow users to securely access their company’s files and computers while they are somewhere other than their work place. In fact, VPNs extend private networks over the Internet and connect geographically different sites (internal networks) to each other with a secure way.
If you have a dedicated Windows 2003 server with one network card and you want to setup a VPN connection in order to connect and access server or network files from everywhere, then you can follow this guide to find out how you can do that.
How to Enable VPN service in Windows 2003 Server with one Network card.
Step 1. Enable Routing and Remote Access
1. From Control Panel, open Administrative Tools.
2. Double-click to open Routing and Remote Access.
3. Right-click on your server name (on the left pane) and select “Configure and Enable Routing and Remote Access”.
4. At ”Routing and Remote Access Server Setup Wizard” welcome screen, press “Next”.
5. Select “Custom configuration” and press “Next”.
6. Select “VPN access” and click “Next”.
7. Click “Finish”
8. Click “Yes” to start Routing and Remote Access service.
Step 2. Assign IP addresses for VPN users.
Now you have to assign which IP Addresses will be given to connected VPN users.
1. Right-click on your server name (on the left pane) and select “Properties”
2. At “IP” tab, select “Static address pool” and click “Add”.
3. Type which IP addresses (Start & End IP address) are available to be given to VPN clients upon connection and click “OK”.*
* Note: The available IP Addresses must be at the same network range as your network is.
4. Click “OK” again.
Step 3. Select VPN Users
Now you must specify which user(s) may have VPN access. To do that:
1. From Control Panel, open Computer Management. *
* Note: If your server is a part of Active Directory (Domain), then you have to perform this job from “Active Directory Users and Computers”.
2. From the left pane under “System Tools” expand “Local Users and Groups” > “Users”.
3. Select each user that you want to give VPN access and double-click on it to open its properties.
4. At the “Dial In” tab, check “Allow Access” and click “OK”.
Step 4. Open VPN port in your network firewall (router).
One final step: If your server is behind a Firewall or Router, then you must map the port 1723 (PPTP) to your VPN server’s internal IP Address.
By default Windows 2003 Server uses the following two (2) tunneling protocols to secure VPN data:
- Point-to-Point Tunneling Protocol (PPTP): Provides data encryption using Microsoft Point-to-Point Encryption.
- Layer Two Tunneling Protocol (L2TP): Provides data encryption, authentication, and integrity using IPSec.
The most secure of them is the L2TP protocol, but sometimes it is complicated in setup on the VPN clients side.
In the case that you want to disable the usage of PPTP protocol and use only the L2TP protocol to have stronger security, then:
1. Open Routing and Remote Access and under “Server” name, right-click on “Ports” and click “Properties”.
2. Highlight the “WAN Miniport (PPTP)” and click “Configure”.
3. Set the “Maximum ports” value to zero (0) and click “OK” twice to exit.