How to Setup a VPN on Windows Server 2012

How to Setup a VPN on Windows Server 2012

Virtual Private Network (VPN) can be directly installed and configured on a Windows Server 2012 with no difficulties. To run a VPN solution in your initiative you should certainly look at Direct Access which is a lot simpler to install in Windows Server 2012. Below, are the steps one should take to install VPN on Windows 2012:

  • Install the Remote Access role through Server Manager.



More information can be found here on setting up Roles and Features in Server 2012


  • Check the box and select the DirectAccess and VPN (RAS) role.



  • Click “Next” to proceed, here you will be able to review the Roles and features being installed.  And choose to restart the server automatically if needed.  The installation process may take a little time to complete.



  • When the installation is finished the Getting Started Wizard link will appear in the installation reporting screen. Select the “Open the Getting Started Wizard” link to continue the configuration of   the VPN services.





  • Here you will be able to choose how to proceed with the VPN Setup. If you decide not to deploy DirectAccess, then select Deploy VPN only. By default it is recommended you deploy both.


  • After Selecting how you want to deploy your VPN the Routing and Remote Access window will open. Right click on your server and select “Configure and Enable Routing and Remote Access.” This will open up the Routing and Remote Access Server Setup Wizard.



  • Select the option for Custom configuration and click “Next” to proceed


  • Check the box for VPN access and click “Next” to proceed.




  • On the new screen you may click “Finish” and then “Start service” this will finish the installation and setup process.

  • You will need to ensure that the following ports on your firewall are open and are set to forward your Windows Server
    - For PPTP: 1723 TCP and Protocol 47 GRE (also known as PPTP Pass-through
    - For L2TP over IPSEC: 1701 TCP and 500 UDP
    - For SSTP: 443 TCP 


  • Users will need to have permission set for their user profile to allow Network Access. You can find these settings under the users properties under the “Dial-in” tab.


Hopefully with this article, you will be able to enable your users on VPN in a snap!

Posted in
Last update:
2015-12-03 20:39
Average rating:0 (0 Votes)