Hinweis
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, sich anzumelden oder das Verzeichnis zu wechseln.
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, das Verzeichnis zu wechseln.
Applies To: Windows 7, Windows Server 2008 R2
| Task | Reference |
|---|---|
Review key concepts. |
|
Gather required information. |
|
Configure TCP/IP on the network adapters of the RRAS server. |
|
Install RRAS. |
|
Enable RRAS and configure it as a VPN server. |
|
If your RRAS server is behind a perimeter firewall, or is running a host-based firewall such as Windows Firewall with Advanced Security, then configure the required firewall rules to permit virtual private network (VPN) network traffic through the firewall to the RRAS server. |
|
If your RRAS server is not behind a perimeter firewall, and is not running a host-based firewall such as Windows Firewall with Advanced Security, then configure static packet filters to permit only the required VPN network traffic to the RRAS server. |
|
Configure the types of VPN connections and the number of each type that your VPN server supports. |
|
Specify either DHCP or configure a static pool of IP addresses for VPN clients. |
|
If you are using DHCP to supply IP addresses to remote clients, and the DHCP server is not located on the same IP subnet as the RRAS server, then configure a DHCP relay agent that forwards broadcast DHCP requests and responses through routers to the DHCP server. |
|
If you are using Network Policy Server (NPS) to centrally manage policies for your RRAS servers, then configure dial-in properties and network policies for dial-in permission, authentication, and encryption settings. |
See "Checklist: Configure NPS for Dial-Up and VPN" in Network Policy Server Help. |
Adjust logging levels for RRAS and for each routing protocol. |
|
(Optional) Create a Connection Manager profile to manage the client connection experience for your users and simplify troubleshooting client connections. |
Connection Manager Administration Kit (https://go.microsoft.com/fwlink/?linkid=136440) |
If your RRAS configuration requires any certificates for authentication, for example, when you use Internet Key Exchange version 2 (IKEv2) or Secure Socket Tunneling Protocol (SSTP)-based VPN connections, then you must have a source for the certificates. Install Active Directory Certificate Services (AD CS) on a server on your network as an alternative to purchasing certificates from third-party root certification authorities (CAs). |
Active Directory Certificate Services (https://go.microsoft.com/fwlink/?linkid=136444) |
To support SSTP or IKEv2 certificate-authenticated VPN connections, you must install a computer certificate with the Server Authentication or All-Purpose Enhanced Key Usage (EKU) property installed on your RRAS server. |
|
If you initially configured your RRAS server to support Internet Protocol version 4 (IPv4) only, you can add support for Internet Protocol version 6 (IPv6) remote access. |
|
(Optional) Configure your VPN server to use Network Access Protection (NAP) to enforce health requirement policies. |