We started this series by talking about the extent to which censorship and site-blocking are common ways that the Internet is controlled around the world. For those who want to access sites that they otherwise could not, or those who wish to see the user experience offered in various regions (a great way to expand your comparison shopping by checking numerous regions), a VPN (virtual private network) is a viable solution. A Windows cloud server is a more full-featured and robust option than a VPN service for surfing the Internet encrypted and anonymously.
Below we will discuss how to get the most out of a cloud server with a Windows operating system to get online from whatever nation you want.
Setting up a Windows cloud server for global VPN surfing
Here’s the basic step-by-step process to use a Windows cloud server as a form of VPN-as-a-service. Note that this guide is intended for a small project. If you need to install a VPN for an enterprise, consider DirectAccess, which Microsoft Hyper-V MVP and cloud architect Thomas Maurer says has been dramatically simplified in the Windows Server 2012 package.
- Sign up for a Windows cloud server. The setup is instantaneous, and you can potentially be inside your active server environment within 30 seconds.
- Set up a VPN on a cloud server running Windows Server 2012 (go here for help with Windows Server 2008 R2), following Maurer's instructions: first set up the server role Remote Access, using either Server Manager or PowerShell.
- You should now be looking at the Role Services pane. Rather than “Routing,” choose the option “DirectAccess and VPN (RAS).”
- When the next window pops open, which should say, “Confirm installation selections,” keep everything as it’s set by default.
- Then you will add any features through the “Add Roles and Features Wizard.”
- Finally, switching over to the Getting Started Wizard, you can get into your VPN configurations.
- On the Configure Remote Access screen, either choose deployment of the VPN and DirectAccess or just the VPN, with the reason behind pairing the two technologies explored below in the “Why DirectAccess?” section.
- If you chose only the VPN, you will now see the Routing and Remote Access window. Find your server, right-click it, and select the “Configure and Enable Routing and Remote Access” option.
- Now you are in a new wizard. Click Next.
- Assuming only one network interface is on the cloud server, select the option for Custom configuration.
- Choose VPN access. Proceed through the rest of the wizard, and the service should be running.
- Within your firewall, you need to forward the appropriate VPN ports to the Windows operating system, which include the following three:
• PPTP – Protocol 47 GRE and 1723 TCP
• L2TP (IPsec) – 500 UDP and 1701 TCP
• SSTP – 443 TCP
- Now you want to think about individual users. Everyone has to be given privileges to allow Remote Access. Within a server, you can do that through Computer Management (within Microsoft Management Console, a.k.a. MMC). If you’re working with a specific domain, you can change properties within Active Directory.
- At this point, you may be finished. However, you may also need to set up a static address pool if there is not a DHCP (dynamic host configuration protocol) server within the local network. That is often the case for companies using one Windows cloud server through a hosting company. To get started, right-click Remote Access Server, choosing Properties.
- Go into the IPv4 menu and choose the option “Static address pool.”
- Now set up whatever pool of IP addresses you want, such as 123.456.7.100 – 123.456.7.200.
- If you are using a cloud server with just one public IP, you want to add another IP address in the network interface that shares the subnet with the pool you just created.
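The same steps can be scripted instead of clicked through. The PowerShell below is an added example, not taken from the article or from Maurer's instructions. The addresses, interface alias and account name are constructed placeholders, and the -VpnType parameter assumes Windows Server 2012 R2 or later.

```powershell
# Added example: scripted equivalent of the wizard steps above.
# Run from an elevated PowerShell session on the cloud server.
# All values in this block are constructed placeholders; replace them.
$PoolStart   = '10.99.0.100'   # first address handed to VPN clients
$PoolEnd     = '10.99.0.200'   # last address handed to VPN clients
$ServerVpnIp = '10.99.0.1'     # extra server address in the pool's subnet
$PrefixLen   = 24
$Nic         = 'Ethernet'      # assumed alias; list yours with Get-NetAdapter
$VpnUser     = 'vpnuser1'      # hypothetical local account

# 1. Install the "DirectAccess and VPN (RAS)" role service of Remote Access,
#    together with its management console and PowerShell module.
Install-WindowsFeature -Name DirectAccess-VPN -IncludeManagementTools

# 2. Deploy VPN only, without DirectAccess. The -VpnType parameter is
#    assumed here (Windows Server 2012 R2 or later); on Windows Server 2012
#    do this step in the Routing and Remote Access wizard as described.
Install-RemoteAccess -VpnType Vpn

# 3. No DHCP server on the local network: hand out client addresses
#    from a static pool instead.
Set-VpnIPAddressAssignment -IPAssignmentMethod StaticPool `
    -IPAddressRange $PoolStart, $PoolEnd

# 4. Single public IP: add a second address on the interface that shares
#    the pool's subnet, so the server can reach connected clients.
New-NetIPAddress -InterfaceAlias $Nic -IPAddress $ServerVpnIp `
    -PrefixLength $PrefixLen

# 5. Grant dial-in (Remote Access) permission to one named account only,
#    rather than to every user on the server.
netsh ras set user name=$VpnUser dialin=permit

# 6. Verify the result: role state, then which of the TCP-based VPN
#    listeners (PPTP 1723, SSTP 443) the server now exposes.
Get-RemoteAccess | Select-Object VpnStatus
Get-NetTCPConnection -State Listen -LocalPort 1723, 443 `
    -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, LocalPort, OwningProcess
```

Comparing the listener output in step 6 with the ports you forward at the firewall shows whether the server is exposing a VPN protocol you did not intend to publish.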
Why DirectAccess?
DirectAccess is specifically designed to connect all devices to the business network whenever the Internet is available. It allows users to operate remotely as if they were at the workplace, immediately connecting to the business’s content and performance. Additionally, the client PCs are more easily controlled through upgrades and other forms of management. Typically DirectAccess is used in conjunction with a VPN.
Benefits of DirectAccess are as follows, per Microsoft:
- An automatic connection that requires no action by the user.
- Functional regardless of any firewalls.
- Configured for selected server access and IPsec directly with a network server.
- Allows more seamless encryption that is truly end-to-end.
- Permits administrators to manage remote PCs.
VPNs, on the other hand, should be used for the following scenarios:
- Earlier versions of Windows on client machines.
- Any devices that are not using Microsoft.
- Any devices that are not within your business’s domain.
- Other operating systems on the cloud server besides Windows Server 2008 R2 or Windows Server 2012.
Why get started today?
All your resources are on-demand with a Windows cloud server: you only pay for what you use. You are in a protected environment that is free of malware and viruses. You don’t have to worry about problematic files: when you have completed any surfing, just delete the live cloud server, and any infections are obliterated. For safe browsing and peace of mind, sign up for your Windows cloud server with Atlantic.Net now!