You are on page 1of 7

SETUP VPN on a Windows 2003 (WhS) Server:

Fist of all you will need to DISABLE the ICS/FIREWALL on the server. TURN OFF ICS/FIREWALL START -> RUN > Services.msc

RIGHT CLICK -> Select PROPERITES and then Stop the service and set Startup type on the General tab to DISABLED

Now we can start setting up the RAS (Routing and Remote Access) Programs -> Administrative Tools -> Routing and Remote Access. Select Configure and Enable Routing and Remote Access

VPN Wizard:

Click NEXT

Select Custom configuration then NEXT

Select VPN Access only and then NEXT

Complete the Routing and Remote Access Wizard, by clicking Finish

You will get a prompt to start the service. Click YES

The RAS Service starts

The RAS screen will now look like this:

Next we MUST setup what is assigning DHCP addresses. This will be the router in most WhS (workgroup) installs, so next we.... ASSIGN DHCP RELAY AGENT SOURCE Click on IP Routing to open the tree to the next level and then Right click on DHCP Relay Agent then select properties for the drop down menu.

Next Add in the source of the DHCP server, ie Routers internal IP.(This will be the default gateway address of the clients/server LAN connection)

My router is a BT HomeHub, so the default IP address is, then click add to add to the list. - ENABLE USER FOR REMOTE ACCESS: SETUP USER ACCOUNT ACCESS Now you must enable a USER ACCOUNT with the rights to be able to Dial-in, so next RIGHT CLICK on My Computer and select MANAGE In Computer Management console, select the Local Users and Groups Select Users and RIGHT CLICK on the user account and select PROPERTIES Go to the Dial-in TAB and select Allow access in the Remote Access Permission (Dial-in or VPN) section.

You can mess with the Remote Access Policy but that is for more advanced user to play with. Before we setup the VPN port forwarding on the router, you can test the VPN internally on the network, as this will verify if RAS is working, as there should be no external firewalls blocking the way. (Unless you have an over protective Firewall/Anti-Virus solution on the internal network, but is not necessary) SEE OTHER GUIDES FOR VPN SETUPS ON VISTA/XP

- CONFIGURE ROUTER PORTS: Setup Port Forwarding to Server IP TCP 1725 TCP 2048