VPN (Virtual Private Networks) is an essential line of communication for mobile workers and home or remote office employees to use in order to gain access to resources that are located back on their company’s internal network. Small Business Server includes all of the components that are necessary to support the server side of VPN access equation.
In Small Business Server 2008, the process is simple and can be completed in less that 5 to 10minutes using the built-in Remote Access wizards. Here’s how:
In the Windows SBS Console that automatically launches on each session, do the following:
- Select the Network tab.
- Jump to the Connectivity tab in the back.
- In the main section, observe the list of connections (their Names, Descriptions and their status) to make sure you’re familiar with them.
- In the right hand pane, under Tasks, please select the option “Configure a Virtual Private Network” (this will launch the Setup Virtual Private Networking wizard).
- Select “Allow users to connect to the server by using a VPN”, then click Next.
- The Wizard will then continue automatically with the process of configuring Virtual Private Networking on the server.
Additionally, the Wizard will also attempt to configure your Internet Router automatically, but this is dependent on your Firewall and/or Internet Router having the “Plug ’n’ Play” (PNP) option available and enabled in order for SBS to perform the auto-reconfiguration.
In most cases, you may need/want to manually configure the router/firewall by opening a “pinhole” for TCP port 1723 for Virtual Private Networking.
If the Wizard completes “successfully”, a confirmation is displayed. Likewise, if there are any problems or failures in configuring the VPN or the Firewall/Internet Router, then the Details on the failure(s) will be displayed on the closing page.
The Virtual Private Networking Wizard makes all this entire process fairly easy, but there is a lot more going on under the hood. For those who wish a additional insight as to how this process works in detail, let’s look a little deeper at what VPN Setup wizard is accomplishing:
- Enable virtual private networking (VPN).
- Create packet filters for Point-to-Point Tunneling Protocol (PPTP).
- Enable Point-to-Point Tunneling Protocol (PPTP) to pass through the Windows Firewall.
- Use DHCP to assign IP addresses to remote client computers.
- Configure the Remote Access Policy to allow members of the Windows SBS Virtual Private Networking Users security group to have remote access.
- Mobile client computers, such as laptops, that are currently connected to the local network can now be configured with the connection settings (by launching the Network Connection Wizard on each client computer).
- Remote client computers not currently connected to the local network should be “Joined” to the Domain and then later, configured with the connection settings to the VPN.
- Small Business Server 2008 Virtual Private Networking wizard finishes successfully.
At this point, you are done with the actual VPN activation on the Server.
However, there are two more steps to observe at this point: adjusting your Users profiles to allow them to access SBS 2008 remotely, and adding the “connectoid” to their computer to allow them to “dial” into the VPN server. I’ll cover those options in another post to come.