Configuring a VPN Server in Windows Server

As a test, here is an example of setting up a VPN server on Windows Server 2008 R2.

First of all, install the role:

1) Open Server Manager and click the “Add role” link.

2) Select the Network Policy and Access Services role and click “Next”.

3) Select “Remote Access” and click “Next”.

4) Click “Install” and, after the installation is complete, click the “Close” button.

Now move on to the configuration:

1) Open Server Manager, expand the “Roles” branch, select the Network Policy and Access Services role, right-click “Routing and Remote Access”, and select “Configure and enable routing and remote access”.

2) In the first window click “Next”. In the next window select “Custom configuration”, click the “Next” button, tick three items: Network Address Translation (NAT) and Local Area Networking (LAN routing), click “Next” and then “Done”.
In the window that appears, click “Launch service”.

3) Add an address pool for clients: open “Server Manager” – “Roles” – “Network Policy and Access Services”, right-click “Routing and Remote Access” and select “Properties”.
On the “IPv4” tab, select “Static address pool” and add any range by clicking the “Add” button.
To be able to connect to the VPN server from, for example, an iPhone (via L2TP), go to the “Security” tab, tick “Allow custom IPSec policies for L2TP connection” and specify the key.

4) Now configure permissions for users. Go to “Server Manager” – “Configuration” – “Local Users and Groups” – “Users”.
Open “Properties” of the desired user and, on the “Dial-in” tab, under “Network Access permission”, select “Allow access”.

5) Add NAT rules and the necessary routes, then restart the service by right-clicking “Routing and Remote Access” – “All Tasks” – “Restart”.

The VPN uses the following ports, which should be opened:
TCP 1723 (for PPTP)
TCP 1701 and UDP 500 (for L2TP)
TCP 443 (for SSTP)
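
One way to confirm from outside that only the TCP ports of the protocols you actually offer are reachable (an added example, not part of the original post; the host name `vpn.example.test` and the `$plan` values are placeholders to replace with your own). It checks only the PPTP and SSTP ports from the list above, because the L2TP entry depends on UDP 500, which a TCP connect test cannot verify.

```powershell
# Added example, not from the original post. Works on PowerShell 2.0 and later.
# Run it from a machine outside the server's network, against your own server.

function Test-TcpPort {
    param([string]$Server, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($Server, $Port, $null, $null)
        # WaitOne returns $false when the timeout expires (port filtered or dropped).
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($pending)   # throws if the connection was refused
        return $client.Connected
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Compare-VpnPortExposure {
    param([string]$Server, [object[]]$Plan)
    foreach ($entry in $Plan) {
        $open = Test-TcpPort -Server $Server -Port $entry.Port
        # Compare what is reachable with what you intended to offer.
        if ($open -and $entry.Offered) { $verdict = 'OK: reachable' }
        elseif ($open)                 { $verdict = 'REVIEW: open but protocol not offered' }
        elseif ($entry.Offered)        { $verdict = 'FIX: clients cannot reach this protocol' }
        else                           { $verdict = 'OK: closed' }
        New-Object PSObject -Property @{
            Protocol = $entry.Protocol; Port = $entry.Port; Open = $open; Verdict = $verdict
        } | Select-Object Protocol, Port, Open, Verdict
    }
}

# Hypothetical plan: this server is meant to offer SSTP only.
$plan = @(
    @{ Protocol = 'PPTP'; Port = 1723; Offered = $false },
    @{ Protocol = 'SSTP'; Port = 443;  Offered = $true }
)

# 'vpn.example.test' is a placeholder host name.
Compare-VpnPortExposure -Server 'vpn.example.test' -Plan $plan | Format-Table -AutoSize
```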

Done.

Connection logs can be found in the C:\Windows\System32\LogFiles directory.
