Donate Us : paypal.me/MicrosoftLab
Setting Up VPN Authentication Via RADIUS combine NPS in Windows Server 2012 R2
1. Prepare
- DC11 : Domain Controller (pns.vn), IP 10.0.0.11 | DC12 : RADIUS Server, IP 10.0.0.12 | DC13 : VPN + NPS server, IP 10.0.0.13 and 10.0.2.13
- DC14 : File Server, IP 10.0.0.14, Gateway 10.0.0.13 | WIN1091 : Client, IP 10.0.2.91, Gateway 10.0.2.13
2. Step by step : Setting Up VPN Authentication Via RADIUS combine NPS, WIN1091 access to File Server using HiepIT account
- DC14 : Create and share a folder named DATA
- DC12 : Install and configure "Network Policy and Access Services"
+ Server Manager - Manage - Add Roles and Features - Next to Server Roles : Select "Network Policy and Access Services" - Add Features - Next to Install
+ Server Manager - Tools - Network Policy Server - Right-click NPS (Local) - Register server in Active Directory - Standard Configuration
- RADIUS server for Dial-Up or VPN Connections - Configure VPN or Dial-Up - Type of connections : Choose "Virtual Private Network (VPN) Connections"
- RaDIUS clients : Add... - Friendly name : RADIUS Client, Address (IP or DNS) : 10.0.0.13 - Verify... - Resolve, Type password and confirm
- Specify User Groups : Add... : GIT - Finish
- DC13 : Install and configure routing
+ Server Manage - Manage - Add Roles and Features - Next to Server Roles : Select "Remote Access" - Next to Role Services - Select Routing - Add Features - Next to Install
+ Tools - Routing and Remote Access - Right-click DC13 (local) : Configure and Enable Routing and Remote Access - Choose "Remote access (dial-up or VPN)" - Select VPN
- Network interfaces : Internet (10.0.2.13) - Choose "From a specified range of addresses" - New ... - Start IP 10.0.10.100 End IP 10.0.10.200
- Choose "Yes, set up this server to work with a RADIUS server" - Primary RADIUS server : 10.0.0.12, Shared secret : Type password - Finish
+ Right-click DC13 - All Tasks - Restart
- WIN1091 : Test VPN
+ Right-click icon network - Open Network and Sharing Center - Setup a new connection or network - Connect to a workplace
- Use my Internet connection (VPN) - I'll set up an Internet connection later - Internet address : 10.0.2.13 - Create
+ Right-click VPN Connection - Security tab - Type of VPN : Point to point Tunneling Protocol (PPTP) - Authentication : Choose "Allow the protocols",
- Select "Microsoft CHAP Version 2 (MS-CHAP v2)"- Right-click VPN Connection - Connect - Connect - Type HiepIT account
![- ОБУЧЕНИЕ - Cделать прошивку в редакторе самостоятельно [ Тюнинг Stage 1 ]](https://s2.save4k.su/pic/2PUcheTshC0/mqdefault.jpg)
