Implementing VPN Solutions Part 1

Practice Labs Module
Time
1 hour
Difficulty
Intermediate

The "Implementing VPN Solutions Part 1" module provides you with the instruction and server hardware to develop your hands-on skills in the defined topics. This module includes the following exercises: Installing and Configuring a VPN Service, Configuring a Windows VPN Client, Configuring L2TP.

Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Overview

Introduction

The Implementing VPN Solutions Part 1 module provides you with the instruction and server hardware to develop your hands-on skills in the defined topics. This module includes the following exercises:

  • Installing and Configuring a VPN Service
  • Configuring a Windows VPN Client
  • Configuring L2TP

Lab time: It will take approximately 1 hour to complete this lab.

Exam Objectives

The following exam objectives are covered in this lab:

  • Implementing Remote Access in a Workstation to Server Setup
  • Configuring Different Protocol Options, Like PPTP and L2TP
  • Implementing VPN Server Requirements
  • Implementing VPN Client Configuration

Exercise 1 - Installing and Configuring a VPN Service

Windows Server 2016 includes the Routing and Remote Access Service (RRAS) network service. The RRAS supports remote user or site-to-site connectivity by implementing virtual private networks (VPNs) or dial-up connections.

In this exercise, you will install the RRAS on a Windows Server 2016 device, prepare the secondary network interface for VPN service, and configure the server’s system settings.

You will configure the system settings of the RRAS by setting up the VPN ports and verifying that these accept incoming connections. You will then give permission to a domain user to dial-in to the server using Active Directory Users and Computers.

The Point to Point Tunnelling Protocol (PPTP) is a VPN protocol that you will use for this first exercise. PPTP requires a username and password to authenticate the user accounts that dial-in to a VPN server. This protocol is widely supported by a variety of vendors because of its simplicity and ease of implementation. PPTP can be a security risk for a variety of reasons; however, if the username and password are compromised.

Exercise 2 - Configuring a Windows VPN Client

Every Windows workstation has the capability to dial-in to a VPN server using its native VPN client software.

In the previous exercise, you installed and configured VPN services on Windows Server 2016. To validate the VPN settings that were set up on the server, you will create a VPN client connection on Windows 10.

Exercise 3 - Configuring L2TP

Layer 2 Tunneling Protocol (L2TP) is a VPN protocol that provides restrictive authentication. It this requires machine certificates to be issued to a VPN server and client by a trusted Certification Authority (CA).

The certificate must be installed on a VPN server and client in order for a VPN session to be successfully established. The machine certificate provides an additional layer of security, in addition to the mandatory username and password that must be entered on a VPN client when initiating a connection to a VPN server.

If a CA server is not available on the network, a preshared key or password can be used to provide an additional layer of security beyond the username and password.

In this exercise, you will enable L2TP on the PLABDC01 server and the PLABWIN10 device.

Learning Partner
Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.