Overview

Introduction

The Configuring VPN Reconnect module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:

  • Prepare System Requirements for VPN Reconnect
  • Configure Routing Remote Access Server and Network Policy Server
  • Configure Windows VPN Client

Exercise 1 - Prepare System Requirements for VPN Reconnect

Windows Server 2012 supports VPN reconnect feature through the Routing and Remote Access Services. One of the protocols supported by RRAS is Internet Key Exchange v2 (IKEv2) which has the capability to restore lost VPN connection called VPN reconnect.

VPN reconnect enables Windows clients like portable computers or mobile devices to seamlessly reconnect to VPN server if they temporarily lose connectivity. This can happen if the client moves from one network access point or network location to another.

VPN reconnect requires RADIUS. Network Policy Server (NPS) is Microsoft’s implementation of Remote Authentication and Dial-in User Service (RADIUS) that can centralize the authentication, authorization and accounting of VPN dial-in users.

NPS is useful in networks where more than one VPN server is deployed and the system adminstrator would like to have a dedicated server responsible for processing authentication of VPN dial-in users. NPS can enforce strict user policies by using authorization where users must meet a criteria before being allowed access to VPN services. Similarly, NPS can be used for accounting purposes as it can record the number of minutes that a user spends during their VPN connection.

In this exercise, you will first setup the system requirements to support VPN reconnect.

Exercise 2 - Configure Routing Remote Access Server and Network Policy Server

In the previous exercise, you prepared the system requirements for supporting VPN reconnect feature in Windows Server 2012 R2. The tasks performed earlier were required for a successful implementation of VPN reconnect. These tasks were the following: installed Internet Information Services, installed and configured Active Directory Certificate Services Web Enrolment service, created a customized certificate template and requested a customized certificate for the server that will be designated as VPN server.

In this activity, you will install and initialize Routing and Remote Access. Then configure a network access policy in Network Policy Server

Exercise 3 - Configure Windows VPN Client

All Windows workstations have the capability to dial-in to a VPN server using its native VPN client software.

In the previous exercise, you installed and configured VPN services on Windows Server 2012. To validate the VPN settings that were setup on the server, you will create a VPN client connection using Windows 10.

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.