The Sysadmins

Tips and tricks from the Sysadmins

Server 2012 PPTP VPN With 1 NIC

The process for setting up a PPTP VPN in Server 2012 with 1 network card is very similar to that of Server 2008 R2. Please be aware that PPTP is vulnerable to dictionary attack and should be considered unencrypted. There is a great post explaining why here.

Server Side (Server 2012)

  • Head to Server Manager, click on Manager, Add Roles and Features
  • Role-based or feature-based installation
  • Make sure the server you want to install the RRAS role is selected
  • Select Remote Access
  • View items and click add features
  • Next as you do not need to add any features
  • Tick DirectAccess and VPN (RAS)
  • This shows the Role services which are requested and then added
  • When the feature installation is complete click close
  • Select Remote Access in Service manager
  • Right click the Server with the Remote Access role install and choose Remote Access Management
  • Select Run the Getting Started Wizard
  • Select Deploy VPN Only, the familiar RRAS console will appear
  • Right click the server and choose configure and enable routing and remote access
  • If you select “Remote Access” give the following error “Less than two network interfaces were detected on this machine. For standard VPN server configuration at least two network interfaces need to be installed
  • Select Custom Configuration to get around this, then select VPN Access, follow it through to the end
  • Right click Routing and remote access and select properties
  • Browse to the IPv4 tab and assign a static pool of IPs for the remote clients
  • Now load up ADUC (Active Directory Users and Computers) and double click the user you wish to give access
  • Select the Dial-in tab and set the Network Access permission to Allow Access

Switch to 720 for a better experience.

Client Side (Windows 8)

  • Tap the Winkey and type VPN, press the down arrow and enter, select Set up a virtual private network (VPN) connection
  • Type the IP of the server hosting the PPTP VPN server (or more likely the public address forwarding to the PPTP Server) and give the connection a name
  • Click on the network icon in the tray, right click the PPTP connection and choose view connection properties
  • Head to the Security tab and select PPTP (Windows will work this out if you don’t, so it’s not really that necessary
  • Go to Networking, IPv4, Properties, Advanced and unselect Use default gateway on remote computer
  • Click the network icon in the tray, select the PPTP VPN connection and collect
  • Type your credentials
  • In the video I typed ncpa.cpl to get quick access to the connection details, note I was allocated one of the IPs from the pool we configured on the PPTP server
  • You should be good to go!

Switch to 720 for a better experience.

Networking

  • Enable forwarding for TCP Port 1723 (PPTP) to your Windows 2012 Server
  • The firewall must support GRE

4 Comments

  1. its very helpful..thanx..:)

  2. How can you setup VPN clients to use the remote gateway with traffic routed. IE, how do you get NAT setup properly on RRAS without a LAN NIC? It doesn’t seem to work with the loopback adapter either. Can you make this work?

  3. If you install both the Routing and Remote Access Role/features you can configure NAT in RRAS and leave the “use remote gateway” checked on the clients. This will route all the client internet traffic through the VPN rather than it’s own interface.

  4. Make sure PPTP traffic is allowed on your home/remote router!!! otherwise it will fail to connect.

Leave a Reply

Your email address will not be published.

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.