INF204x Module 1, Lab 3 - Configure Windows 10 VPN

Similar documents
20411D D Enayat Meer

INF204x Module 2 Lab 2: Using Encrypting File System (EFS) on Windows 10 Clients

Module 3 Remote Desktop Gateway Estimated Time: 90 minutes

INF204x Module 1 Lab 1: Configuring and Troubleshooting Networking Part 1

INF204x Module 1 Lab 2: Configuring and Troubleshooting Networking Part 2

This course comes with a virtual lab environment where you can practice what you learn.

Module 4 Network Controller Estimated Time: 90 minutes

LAB 5 IMPLEMENTING WINDOWS IN AN ENTERPRISE ENVIRONMENT

Workshop on Windows Server 2012

Module 1 Web Application Proxy (WAP) Estimated Time: 120 minutes

Lab: Configuring and Troubleshooting DNS

Student Lab Manual MS101.1x: Microsoft 365 Security Management

This course comes with a virtual lab environment where you can practice what you learn.

In most cases, the userid is Adatum\Administrator and the password is Pa55w.rd, but read the instructions carefully.

List of Virtual Machines Used in This Lab

Student Lab Manual MS100.1x: Office 365 Management

Connecting to the NJITSecure wireless network.

Course CLD221x: Enabling Office 365 Clients

INF220x Security Practical Exercises

Securewireless Windows 7 Setup Guide

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

Step-by-Step Guide to Ansur Executive 3.0 With or without Electronic Signatures

LAB MANUAL. Craig Zacker.

How to configure PPTP VPNs roadwarrior to gateway

Lab 7.5.1: Basic Wireless Configuration

Distributed Processing

Configuring an IMAP4 or POP3 Journal Account for Microsoft Exchange Server 2003

LAB 10 CONFIGURING VPN AND ROUTING

Client VPN OS Configuration. Android

Course CLD211.5x Microsoft SharePoint 2016: Search and Content Management

Lab - Remote Desktop in Windows 8

edp 8.2 Info Sheet - Integrating the ediscovery Platform 8.2 & Enterprise Vault

IT Essentials v6.0 Windows 10 Software Labs

Configuration Guide SuperStack 3 Firewall L2TP/IPSec VPN Client

Wireless Setup Instructions

ADSLNET INFORMATION AND TECHNOLOGIES. Document Purpose

G806+H3C WSR realize VPN networking

UK TV ACCESS SET UP GUIDE

Manual UCSFwpa Configuration for Windows 7

NetIQ Advanced Authentication Framework - Extensible Authentication Protocol Server. Administrator's Guide. Version 5.1.0

Windows Server 2012 Immersion Experience Enabling Secure Remote Users with RemoteApp, DirectAccess, and Dynamic Access Control

SET UP VPN FOR WINDOWS 10

July 9, Installation Guide

APSCN VPN Settings for Windows 7 2. APSCN VPN Settings for Windows XP 8. APSCN VPN Settings for MAC OS 15

Wave 5.0. Wave OpenVPN Server Guide for Wave 5.0

Configure Point to Point Tunneling Protocol (PPTP) Server on RV016, RV042, RV042G and RV082 VPN Routers for Windows

VPN Connection - Instructional Document

Hosted Microsoft Exchange Client Setup & Guide Book

VMware AirWatch Certificate Authentication for EAS with ADCS

Module 9. Configuring IPsec. Contents:

BSc Year 2 Data Communications Lab - Using Wireshark to View Network Traffic. Topology. Objectives. Background / Scenario

HTG XROADS NETWORKS. Network Appliance How To Guide: PPTP Client. How To Guide

Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device

VMware AirWatch: Directory and Certificate Authority

Configuring 802.1X Authentication Client for Windows 8

Lesson 3: Identifying Key Characteristics of Workgroups and Domains

Step-by-Step Guide to Ansur Executive 3.0 Installation With or without Electronic Signatures

How to setup Remote VPN access using Windows Radius Server and Unifi USG/Controller

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

Lab - Remote Desktop in Windows 7 and Vista

Table of Contents. VMware AirWatch: Technology Partner Integration

How to Configure Connection Fallback using Multiple VPN Gateways

Lab - Share Resources in Windows

Test Lab Guide: Windows Server 2012 Base Configuration

Table of Contents HOL-1757-MBL-6

Secure Access Configuration Guide For Wireless Clients

ESET SECURE AUTHENTICATION. Microsoft RRAS with NPS PPTP VPN Integration Guide

Wireless Installation Instructions for Windows Vista

SonicWALL Security Appliances. SonicWALL SSL-VPN 200 Getting Started Guide

Residence Towers Network Access for Windows XP / 2000 Computers

Microsoft Microsoft TS: MS Internet Security & Acceleration Server 2006, Configuring. Practice Test. Version:

Workspace ONE UEM Certificate Authentication for EAS with ADCS. VMware Workspace ONE UEM 1902

XIA Configuration Server

Evolution 2.0 & Affiniti AOS 1.5 Network Share Direct Connect

Installing the WinSCP Secure FTP Client

Wireless Setup Instructions for Windows 7

UC320 Lab 1: Initial UC320 Configuration

A guide to configure agents for log collection in Log360

NETWRIX PASSWORD EXPIRATION NOTIFIER

Pastel Evolution BIC Web Reporting User Guide

Implementing DVN. directpacket Product Guide

802.1x Radius Setup Guide Working AirLive AP with Win X Radius Server

RED IM Integration with Bomgar Privileged Access

Azure 209x Practical Exercises Overview

ONUnet ONU Setup Guide for Windows 7

Managing and Maintaining Windows 8

8.9.2 Lab: Configure an Ethernet NIC to use DHCP in Windows Vista

Instructions for connecting to winthropsecure

Connecting the DI-804V Broadband Router to your network

Integrated Information Technology Services (IITS)

Instructions for connecting to the FDIBA Wireless Network (Windows Vista)

V7610 TELSTRA BUSINESS GATEWAY

Setting Up Windows 2K VPN Connection Through The Symantec Raptor Firewall Firewall

Self-Service Password Reset

SharePoint AD Administration Tutorial for SharePoint 2007

The safer, easier way to help you pass any IT exams. Exam : Administering Windows Server Title : Version : V16.

WA2583 React JavaScript Programming. Classroom Setup Guide. Web Age Solutions Inc.

Networking Basics Sharing a network printer

29 March 2017 SECURITY SERVER INSTALLATION GUIDE

Lab - Remote Assistance in Windows

Transcription:

INF204x Module 1, Lab 3 - Configure Windows 10 VPN Estimated Time: 40 minutes Your organization plans to allow Windows 10 users to connect to the internal network by using the VPN client built into the operating system. Before you implement the VPN infrastructure, you need to evaluate VPN connectivity in a test environment. You will accomplish this by configuring Remote Access on a Windows Server 2012 R2 computer and setting up a VPN connection from a Windows 10 computer. Objectives After completing this lab, students will be able to: Configure Remote Access on Windows Server 2012 R2. Enable Remote Access for an Active Directory user account. Configure and test a VPN connection on a Windows 10 computer. Lab Environment The lab consists of two virtual machines: (prefer you remove the 403320- in front of the lab names) LON-WIN10 - Windows 10 Enterprise client (Adatum.com Active Directory domain member) with IPv4 address of 172.16.0.40 LON-DC1 Windows Server 2012 R2 Datacenter server (Adatum.com Active Directory domain controller) with IPv4 address of 172.16.0.10 Exercise 1: Configure Remote Access on Windows Server 2012 R2. In this exercise, you will step through configuring Remote Access on a Windows Server 2012 R2 computer. The main tasks for this exercise are as follows: 1. Install Remote Access server role on Windows Server 2012 R2 2. Configure Routing and Remote Access on Windows Server 2012 R2 3. Configure an Active Directory user to allow connectivity via VPN Task 1: Install Remote Access server role on Windows Server 2012 R2 1. Sign in to the Windows Server 2012 R2 lab virtual machine with the following credentials: USERNAME: ADATUM\Administrator PASSWORD: Pa$$w0rd 2. From the Manage menu in Server Manager, select Add Roles and Features. This will launch Add Roles and Features Wizard. 3. On the Before you begin page, click Next 4. On the Select installation type page, ensure that Role-based or feature-based installation option is selected and click Next. 5. On the Select destination server page, ensure that the local server is selected and click Next.

6. On the Server Roles page, select Remote Access checkbox and click Next If you receive this error message There may be a version mismatch between this computer and the destination server or vhd, deselect Remote Access checkbox, return to the previous page, and then try steps 5 and 6 again. 7. On the Select features page, click Next. 8. On the Remote Access page, click Next. 9. On the Select role services page, enable the DirectAccess and VPN (RAS) checkbox and click Next. 10. When prompted, in the Add Roles and Features Wizard dialog box, click Add Features. 11. Click Next 12. On the Confirm installation selections page, click Install and wait for the installation to complete. Typically, you would avoid installing Remote Access server role on a domain controller. We resort to this configuration due to simplified nature of our lab environment. Instead, you would use a dedicated server, residing preferably in a perimeter network. Task 2: Configure Routing and Remote Access on Windows Server 2012 R2 1. While logged on to Windows Server 2012 R2 computer, in the Server Manager console and click the Open the Getting Started Wizard on the Installation progress page of the Add Roles and Features Wizard. 1. In the Configure Remote Access window, click Deploy VPN only option. This will open the Routing and Remote Access console. 2. In the Routing and Remote Access console, right click the node representing the local server LON-DC1 and select Configure and Enable Routing and Remote Access. This will launch Routing and Remote Access Server Setup Wizard. 3. On the Welcome to the Routing and Remote Access Server Setup Wizard page, click Next 4. On the Configuration page, select Custom configuration and click Next. We must select Custom configuration in this case because our server contains single network adapter. Typically (with multiple network adapters), you would use the Remote access (dial-up or VPN) option. 5. On the Custom Configuration page, select the VPN access checkbox and click Next 6. On the Completing the Routing and Remote Access Server Setup Wizard page, click Finish. 7. If presented with the dialog box displaying the message Remote Access Service is unable to enable Routing and Remote Access in Windows Firewall service. In this case, RAS may not accept vpn connections. User Action: Manually open the port of Routing and Remote Access in the windows firewall, click OK. 8. When prompted, in the Routing and Remote Access dialog box, click Start service

9. In the Routing and Remote Access console, right click the node representing the local server LON-DC1 and select Properties from the context sensitive menu. 10. In the LON-DC1 (local) Properties dialog box, switch to the Security tab. 11. On the Security tab, click Authentication Methods 12. Take a note of the default authentication methods which are enabled: Extensible authentication protocol (EAP) Microsoft encrypted authentication version 2 (MS-CHAP v2) 13. Click OK 14. Switch to the IPv4 tab. 15. On the IPv4 tab, in the IPv4 address assignment section, select the Static address pool option. 16. Click Add 17. In the New IPv4 Address Range, type in the following: Start IP address: 192.168.0.1 End IP address: 192.168.0.255 This is the pool of IP addresses that will be assigned to the Remote Access server and VPN clients once the VPN connections are established. 18. Click OK twice. 19. In the Routing and Remote Access console, expand the IPv4 node and select the General node 20. In the details pane, right-click the Ethernet interface and select Properties from the context sensitive menu. 21. In the Ethernet Properties dialog box, uncheck the Enable IP router manager checkbox. This will allow us to verify VPN connectivity by pinging the Remote Access server from the VPN client via their VPN assigned IP addresses. 22. Click OK. 23. From the Tools menu in Server Manager launch Windows Firewall with Advanced Security. 24. In the Windows Firewall with Advanced Security, click Inbound Rules. 25. In the list of Inbound Rules, select the rules labeled Routing and Remote Access (GRE-In), Routing and Remote Access (L2TP-In), and Routing and Remote Access (PPTP-In). With all three rules select, click Enable Rule in the Action pane. Task 3: Enable Remote Access for an Active Directory user account 1. While logged on to Windows Server 2012 R2 computer, launch Active Directory Administrative Center from the Tools menu in Server Manager. 2. In the Active Directory Administrative Center window, expand Adatum (local) in the navigation pane.

3. Double-click the Users organizational unit. 4. Make sure that Administrator account is selected and click Properties in the Task pane. 5. In the Administrator dialog box, scroll down to the Extensions section. Click the Dial-in tab. 6. In the Network Access Permission, select Allow access and click OK. Typically, you would not enable remote access permissions for the built-in Administrator account, but grant it to unprivileged accounts instead. Once again, we resort to this configuration for the sake of simplicity. Results: After completing this exercise, you will have installed and configured Remote Access on a Windows Server 2012 R2, as well as enabled Remote Access for an Active Directory user account. Exercise 2: Configure and test a VPN connection on a Windows 10 computer In this exercise, you create, configure, and test a VPN connection on a Windows 10 computer. The main tasks for this exercise are as follows: 1. Create and configure a VPN connection on a Windows 10 computer. 2. Test a VPN connection from a Windows 10 computer Task 1: Create and configure a VPN connection on a Windows 10 computer 1. Sign in to the Windows 10 lab virtual machine using the following credentials: USERNAME: ADATUM\Administrator PASSWORD: Pa$$w0rd 2. Click the Start button and select Settings 3. In the Settings app, click Network & Internet 4. On the NETWORK & INTERNET page, click VPN. 5. In the VPN section, click + Add a VPN connection. 6. On the Add a VPN connection page, specify the following: VPN provider: Windows (built-in) Connection name: LON-DC1 Server name or address: 172.16.0.10 VPN type: Automatic Type of sign-in info: User name and password User name (optional): leave blank Password (optional): leave blank Remember my sign-in info: leave the default setting in place

7. Click Save. 8. Back in the VPN section, click LON-DC1 entry. Next click Advanced options. Examine options available in on Connection properties page. 9. In the Search the web and Windows area in the taskbar, type ncpa.cpl. This will open Network Connections window. Note that the window contains an extra entry labeled LON- DC1 of WAN Miniport (IKEv2) type. 10. Right-click LON-DC1 and select Properties from the context-sensitive menu. 11. In the LON-DC1 Properties dialog box, switch to the Security tab and configure the following: Type of VPN: Automatic Data encryption: Optional encryption (connect even if no encryption) Authentication: Click the Allow these protocols option. Next, click Microsoft CHAP Version 2 (MS-CHAP v2) and Automatically use my Windows logon name and password (and domain, if any) 12. Click OK. You need to ensure that the authentication settings match on the Remote Access server and VPN clients. Task 2: Test a VPN connection from a Windows 10 computer 1. While logged on to the Windows 10 lab virtual machine (LON-WIN10), in the Search the web and Windows text box, type cmd. This will launch the Command Prompt window. 2. From the Command Prompt, type ipconfig and press the Enter key. Note that the Windows 10 lab virtual machine has a single network adapter (Ethernet) and a single IP address assigned to it. 3. Switch back to the VPN section of the NETWORK & INTERNET page of the Settings app. 4. Make sure that the LON-DC1 entry is selected and click Connect. 5. The connection should be successfully established, resulting with the LON-DC1 connection listed with the Connected status. 6. Switch back to the Command Prompt and type ipconfig. Note that the Windows 10 computer has an additional IP address from the pool you defined in the previous exercise (192.168.0.2) assigned to the PPP adapter LON-DC1. 7. Switch to the Windows Server 2012 R2 lab virtual machine and launch Command Prompt 8. From the Command Prompt, type ipconfig and press the Enter key. Note that the Windows 2012 R2 lab virtual machine has an additional IP address from the pool you defined in the previous exercise (192.168.0.1) assigned to the PPP adapter LON-DC1. 9. Switch to the Routing and Remote Access console and click the Remote Access Clients node. Note that you can see there the connection from the Windows 10 lab virtual machine. 10. Switch back to the Windows 10 lab virtual machine.

11. From the Command Prompt, type ping 192.168.0.1 and press the Enter key. Note that the ping is successful and you get replies from this IP address. Results: After completing this exercise, you will have created and configured a VPN connection on a Windows 10 computer, as well as tested the VPN connection. Note: When you finish this lab select the End lab link to reset the virtual machines.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback