Implementing RRAS and remote access policy

Hello to all of you,
I'm upgrading my infrastructure to windows server2012 R2 and now I'm doing the VPN server .
I need to grant access to the network only to the IT department people .
In the past I manually went in ADUC remote access permission and check the box "Allow Access" but now I want to use security group and use the remote access policy.
Can you confirm that this is the right way and if you can recommend a simple step by step installation.
Thank you
Carlo



not much changes though by adding roles for Remote Access, DirectAccess and VPN (RAS), IP and Domain Restrictions, IIS Management Scripts and Tools, Network Policy and Access Services Tools, and Windows Internal Database.to win2012
http://blogs.technet.com/b/sbs/archive/2014/05/19/configuring-vpn-on-windows-server-2012-r2-essentials.aspx
you can check for the events for RemoteAccess-MgmtClient and RemoteAccess-RemoteAccessServer on the Event Viewer.



not much changes though by adding roles for Remote Access, DirectAccess and VPN (RAS), IP and Domain Restrictions, IIS Management Scripts and Tools, Network Policy and Access Services Tools, and Windows Internal Database.to win2012
http://blogs.technet.com/b/sbs/archive/2014/05/19/configuring-vpn-on-windows-server-2012-r2-essentials.aspx
you can check for the events for RemoteAccess-MgmtClient and RemoteAccess-RemoteAccessServer on the Event Viewer.



Hello,
thank you for your message but I'm looking for a documentation on how to setup a VPN server to allow staff to remote access using RRAS and as a requirement I need to allow only people belonging to a specific security group.

thank you
Carlo



if you are referring to this
If you will like to authenticate the remote access users using work-group credentials – then RRAS server need not be joined to domain.

“Yes, set up this server to work with a RADIUS server”. Select this option, if you will like to use Radius based authentication. In this scenario there are two options: RADIUS server installed on some other machine or on the RRAS server machine.
(Configuring RRAS as a VPN server) http://blogs.technet.com/b/rrasblog/archive/2009/03/25/remote-access-deployment-part-2-configuring-rras-as-a-vpn-server.aspx ...

and
Click on “Policies” node, then click on ”Network Policies” node. Network policies allow you to designate who is authorized to connect to the network and the circumstance under which they can or cannot connect....

Condition: If ALL the conditions match against the connection request, NPS uses this policy to authorize the connection request, else skips this policy and evaluates other policies (if configured)
“Operating System” – specifies the OS for remote access client computer to match this policy
“Windows Groups” – This condition specifies the remote access user’s group inside Active directory.
(Configuring RADIUS Server for remote access) http://blogs.technet.com/b/rrasblog/archive/2009/03/25/remote-access-deployment-part-3-configuring-radius-server-for-remote-access.aspx





Share this

Related Posts

There was an error in this gadget