Install the Remote Access Server Role
We will be doing this through a GUI. Open Server Manger and click on Manage and select Add Roles and Features.
A wizard comes up, select Next and click on Roles based or feature based installation and click on Next.
On the next page select the destination server, which is the local machine.
Select the Remote Access Role on the next page and click on Next.
It will by default install the required features like .NET framework, click on Next. The next page will give you a brief introduction about the Remote Access role, go through it and click on Next.
On the next page, select Direct Access and VPN Role services because this is what we are interested in. It will prompt to install the required features, click on Add Features and Next.
It also requires Web Server to be installed, you are fine by just selecting the defaults and clicking on Next.
Click on Install and wait for the installation to complete.
Configure the Remote Access Server Role
Now that we are done with installing the Server Role, we need to go enable it and provide a few details to start accepting the incoming connections.
From Administrative Tools, select Remote and Routing Access. A window comes up, right click on the server and select Configure and Enable and Remote and Routing Access.
A wizard pops up and follow along.
Select Custom Configuration and click on Next.
On the next page, select VPN server and click on Finish.
Next step will be to start the services.
Now Right click on the server and click on Properties to configure the IP addresses that it will give out once the connections are made.
Now you will need to allow the connections coming in on the Windows Firewall. Go to start and type Firewall and select the third option as shown below.
Make sure that the connections are allowed for Remote Access as seen below.
That’s it! You are done. Before you can receive connections you will have to configure your Firewall.
Configure Perimeter Firewall
Based on the type of firewall you have, ensure the following ports are allowed traffic to the RRAS server:
I hope this was informative and thank you for reading!