How to set up a VPN client in Windows 10

In this short post, we will connect to the VPN server we configured in my other post from a remote computer running Windows 10.

First, we go to Network and Sharing Center, by right-clicking on the Network icon on the desktop and selecting Properties. Next, we select Set up a new connection or network:

Select Connect to a workplace:

Enter your public IP address (or the host name, if you have a dynamic IP and are using a service like NoIP)

Once the VPN connection has been created, we need to change one setting, so we go back to Network Connections and access the properties. Select Use Extensible Authentication Protocol, and click OK.

Double click on the VPN connection, enter your credentials and you’re done.

Now, remember: this connection will only work if you followed my tutorial about setting up VPN in Windows Server 2012 R2, and used the exact same settings. If you set up the VPN server with different security settings, then you will have to set the client accordingly.

Adding VPN role in Windows Server 2012 R2

In this post, we will enable and configure VPN role in Windows Server 2012 R2.

It is a good practice to do that in an Active Directory domain, preferably on a dedicated machine that is a member server, but not a domain controller.

First step is to add the role in Server Manager:



Enable the Remote Access role:

Leave the Features as they are and click Next:

Follow the wizard using the default settings.
Once finished, go back to Server Manager – Tools – Routing and Remote Access. Right click on the name of the server, and select Configure and Enable Routing and Remote Access:

Select Custom configuration and enable the VPN Access service:

Follow the wizard until the end. Then, click on the server name and select Properties:

Navigate to Security tab, and click on Authentication Methods:

Make sure to select the EAP Protocol and MS-CHAP version 2:

Next, we need to enable the PPTP Passthrough (also known as GRE) in the router, and also forward the 1723 TCP port to the IP address of the VPN server.

Last thing to do is allow the two protocols thru the server’s firewall:

Every user that is allowed to connect to that VPN needs to have the Dial-In feature in Active Directory set to Allow access:

This is the most simple setup for a Windows VPN. You can play further with settings to increase security, but the basics are here. Have fun !

Check out my other post about setting up a VPN client in Windows 10.