Windows Server – Setup SSTP OR IKEV2 VPN On Server 2016 VIDEO TUTORIAL

Windows Server - Setup SSTP OR IKEV2 VPN ON Server VIDEO TUTORIAL

  This video follows on from our last video on how to setup a root CA with OCSP. In this video we show you how to use your self-signed ROOT CA and then your VPN certificate to setup a maximum encryption SSTP or IKEv2 Virtual Private Network (VPN) on Windows Server 2016. This should also work on earlier versions of Windows Server.  
Transcript (machine generated so it contains errors)
 
1. 00:00:00:03 / 00:00:05:56 - in our last video we showed you how to
2. 00:00:02:66 / 00:00:09:77 - set up a certificate authority with the
3. 00:00:05:56 / 00:00:13:41 - OCSP service that basically checks to
4. 00:00:09:77 / 00:00:16:16 - ensure that certificates issued by your
5. 00:00:13:41 / 00:00:21:75 - CA certificate authority are still valid
6. 00:00:16:17 / 00:00:24:90 - etc and that was a lengthy process that
7. 00:00:21:75 / 00:00:29:49 - ones there so basically if you're just
8. 00:00:24:89 / 00:00:35:25 - trying to setup your VPN with SSCP or I
9. 00:00:29:48 / 00:00:37:79 - ke version 2 etc and you've just come to
10. 00:00:35:25 / 00:00:40:28 - this video we suggest that you actually
11. 00:00:37:79 / 00:00:43:01 - go to step 1 which is the previous video
12. 00:00:40:28 / 00:00:46:92 - and in the description we should have
13. 00:00:43:02 / 00:00:49:71 - the link for the previous video ok
14. 00:00:46:92 / 00:00:54:60 - please watch that follow that first set
15. 00:00:49:71 / 00:00:58:17 - up your CA set up your OCSP and then now
16. 00:00:54:60 / 00:01:00:87 - it's quite simple okay so with all the
17. 00:00:58:17 / 00:01:03:89 - previous setup having been done what
18. 00:01:00:86 / 00:01:06:73 - we're trying to do is create a VPN okay
19. 00:01:03:89 / 00:01:10:20 - so it's a virtual private network okay
20. 00:01:06:73 / 00:01:13:85 - where you're able to connect one PC or
21. 00:01:10:20 / 00:01:16:65 - lots of PC's to your server ok in a
22. 00:01:13:85 / 00:01:20:96 - corporate environment under a secure
23. 00:01:16:65 / 00:01:23:18 - encrypted system so you could be working
24. 00:01:20:96 / 00:01:27:00 - from home for example connecting into
25. 00:01:23:18 / 00:01:29:25 - your work server doing all the work that
26. 00:01:27:00 / 00:01:32:67 - you need to do and it's all done by an
27. 00:01:29:25 / 00:01:36:86 - encrypted internet connection using this
28. 00:01:32:67 / 00:01:38:60 - VPN service ok now it's actually quite
29. 00:01:36:86 / 00:01:42:54 - simple how to set it up once you've got
30. 00:01:38:60 / 00:01:46:22 - your previous certificate thing sorted
31. 00:01:42:54 / 00:01:48:11 - out what we need to do is we'll have
32. 00:01:46:22 / 00:01:49:61 - server manager here that basically if
33. 00:01:48:11 / 00:01:51:68 - you get want to get to Adi just click
34. 00:01:49:61 / 00:01:56:93 - over there server manager but we also
35. 00:01:51:68 / 00:02:01:06 - need to now create that VPN certificate
36. 00:01:56:93 / 00:02:08:40 - so I'll show you how MMC
37. 00:02:01:06 / 00:02:10:29 - enter in there and then we add ok
38. 00:02:08:40 / 00:02:13:41 - the bigger templates we need that one
39. 00:02:10:30 / 00:02:15:70 - okay certificates we'll need that one
40. 00:02:13:41 / 00:02:20:19 - and make sure it's computer account
41. 00:02:15:69 / 00:02:22:86 - click Next and finish and then its
42. 00:02:20:19 / 00:02:25:20 - certificate authority we have that one
43. 00:02:22:87 / 00:02:29:98 - in their local computer that's fine
44. 00:02:25:21 / 00:02:33:55 - click finish click OK now we need to
45. 00:02:29:97 / 00:02:37:68 - create that VPN certificate let's just
46. 00:02:33:55 / 00:02:42:52 - call it that ok and we go to the video
47. 00:02:37:68 / 00:02:44:94 - templates double click on that and it
48. 00:02:42:52 / 00:02:47:40 - literally is this certificate with a
49. 00:02:44:94 / 00:02:50:25 - little bit extra so rather than
50. 00:02:47:40 / 00:02:52:44 - modifying this template let's make a
51. 00:02:50:25 / 00:02:57:57 - copy of it first duplicate the template
52. 00:02:52:44 / 00:03:03:29 - and we'll give it a name let's do the
53. 00:02:57:58 / 00:03:06:79 - words like gun general let's call it VPN
54. 00:03:03:30 / 00:03:08:62 - cert ok make sense you can give it a
55. 00:03:06:78 / 00:03:10:38 - village sleep period you can change that
56. 00:03:08:62 / 00:03:12:58 - that's fine if you want to add it into
57. 00:03:10:38 / 00:03:15:60 - active directory you can click that box
58. 00:03:12:58 / 00:03:16:63 - but for what we're doing right now it's
59. 00:03:15:61 / 00:03:19:42 - all good
60. 00:03:16:62 / 00:03:23:01 - okay now compatibility if you want the
61. 00:03:19:41 / 00:03:25:68 - certificates to be readable usable by
62. 00:03:23:02 / 00:03:28:68 - older machines you can have that or you
63. 00:03:25:68 / 00:03:31:24 - can have it all going for the latest
64. 00:03:28:68 / 00:03:34:41 - version backwards compatibility gives
65. 00:03:31:24 / 00:03:37:51 - you a greater number of machines that
66. 00:03:34:41 / 00:03:41:53 - can connect simple as that ok general
67. 00:03:37:50 / 00:03:45:37 - done request handling we want to allow
68. 00:03:41:53 / 00:03:47:80 - private keys to be exported we have our
69. 00:03:45:37 / 00:03:51:06 - cryptography that is fine as you can see
70. 00:03:47:80 / 00:03:55:63 - it's got the CSP it's basically all
71. 00:03:51:06 / 00:03:56:10 - sorted key attestation nothing to add in
72. 00:03:55:62 / 00:03:59:34 - there
73. 00:03:56:11 / 00:04:01:30 - issuance requirements ok you could click
74. 00:03:59:34 / 00:04:03:57 - over there see a certificate manager
75. 00:04:01:30 / 00:04:06:25 - needs to approve the certificate etc
76. 00:04:03:58 / 00:04:07:95 - before it issued but we're trying to
77. 00:04:06:25 / 00:04:10:20 - keep it simple and straightforward as
78. 00:04:07:95 / 00:04:13:98 - possible so server nothing to add their
79. 00:04:10:20 / 00:04:17:28 - subject name this is actually because we
80. 00:04:13:98 / 00:04:20:62 - want to create certain certificates with
81. 00:04:17:28 / 00:04:21:96 - their own special names we're actually
82. 00:04:20:62 / 00:04:24:49 - gonna
83. 00:04:21:97 / 00:04:27:82 - change the setting rather than Active
84. 00:04:24:49 / 00:04:30:06 - Directory generating all the data for us
85. 00:04:27:81 / 00:04:32:05 - automatically which may be what we want
86. 00:04:30:06 / 00:04:34:56 - maybe not what we want we're actually
87. 00:04:32:05 / 00:04:39:12 - going to supply the data ourselves so
88. 00:04:34:56 / 00:04:42:12 - supply in the request okay let's just
89. 00:04:39:12 / 00:04:42:93 - see then to send in template starting to
90. 00:04:42:12 / 00:04:46:50 - write over there
91. 00:04:42:93 / 00:04:49:93 - extensions this is the most important we
92. 00:04:46:50 / 00:04:55:06 - are going to add in here server
93. 00:04:49:93 / 00:04:57:63 - authentication which is very important
94. 00:04:55:06 / 00:05:01:37 - server authentication okay
95. 00:04:57:63 / 00:05:04:95 - we're also going to add client
96. 00:05:01:37 / 00:05:08:58 - authentication so we've added those two
97. 00:05:04:95 / 00:05:14:13 - and where now we could make the
98. 00:05:08:58 / 00:05:20:73 - extensions critical we'll click OK we'll
99. 00:05:14:13 / 00:05:26:19 - click OK on that and now we have a VPN
100. 00:05:20:74 / 00:05:31:72 - cert template created our way now we
101. 00:05:26:19 / 00:05:33:93 - need to just go into not let's just make
102. 00:05:31:72 / 00:05:35:86 - sure we'll go everything running the way
103. 00:05:33:93 / 00:05:38:80 - we want it ok
104. 00:05:35:86 / 00:05:41:56 - in our certificate templates in the
105. 00:05:38:80 / 00:05:42:97 - certificate authority bit ok as you can
106. 00:05:41:56 / 00:05:46:68 - see it's not here
107. 00:05:42:97 / 00:05:50:14 - so we need to bring it in let's click
108. 00:05:46:68 / 00:05:55:38 - new certificate template to issue find
109. 00:05:50:13 / 00:05:58:59 - our VPN cert click ok so now that's part
110. 00:05:55:38 / 00:06:02:25 - of our certificates that we can issue
111. 00:05:58:60 / 00:06:07:62 - you can minimize that for now and in
112. 00:06:02:25 / 00:06:11:22 - personal and ok if we go here you'll see
113. 00:06:07:62 / 00:06:14:22 - that from our previous video a few
114. 00:06:11:22 / 00:06:16:65 - things have been created root
115. 00:06:14:22 / 00:06:19:59 - certificate was also created somewhere
116. 00:06:16:66 / 00:06:26:25 - down here yeah over there
117. 00:06:19:60 / 00:06:28:62 - this one is actually an extra one that
118. 00:06:26:25 / 00:06:33:55 - we don't really need we'll just get rid
119. 00:06:28:62 / 00:06:38:81 - of that ok and now back to personal
120. 00:06:33:55 / 00:06:43:93 - let's create our certificate which is
121. 00:06:38:81 / 00:06:48:90 - sorry there we go all tasks request new
122. 00:06:43:93 / 00:06:53:40 - certificates click mix and you'll see
123. 00:06:48:90 / 00:06:55:75 - that we can now issue that one but
124. 00:06:53:40 / 00:06:57:49 - because we tick that box where we need
125. 00:06:55:75 / 00:07:00:12 - to add our own little bit of information
126. 00:06:57:49 / 00:07:02:37 - you're getting this thing and we click
127. 00:07:00:12 / 00:07:06:50 - on that which gives us the chance to
128. 00:07:02:37 / 00:07:11:80 - enter it now we get a common name and
129. 00:07:06:50 / 00:07:15:75 - this part is basically this server or
130. 00:07:11:80 / 00:07:17:91 - whichever server is your VPN server you
131. 00:07:15:75 / 00:07:19:44 - can have the IP address of it you can
132. 00:07:17:91 / 00:07:22:08 - have the fully qualified domain name
133. 00:07:19:44 / 00:07:25:00 - it's entirely up to you I'm going to add
134. 00:07:22:08 / 00:07:28:17 - in both ok in this case when I do buy
135. 00:07:25:00 / 00:07:31:01 - one so say alright 0.50 yours would
136. 00:07:28:18 / 00:07:35:74 - obviously be different click Add and
137. 00:07:31:01 / 00:07:39:83 - we're also gonna add in VPN server but
138. 00:07:35:74 / 00:07:46:06 - Windows 10 dot interrupt
139. 00:07:39:83 / 00:07:49:68 - click Add click OK and now you'll see
140. 00:07:46:06 / 00:07:53:12 - it's ready to be enrolled and now this
141. 00:07:49:68 / 00:07:56:52 - has been enrolled nice and happy we can
142. 00:07:53:12 / 00:07:58:38 - finish that we can minimize these
143. 00:07:56:52 / 00:08:00:78 - windows are closed these windows it's
144. 00:07:58:38 / 00:08:03:43 - entirely up to you and now we'll show
145. 00:08:00:78 / 00:08:07:77 - you what we need to do on our say
146. 00:08:03:43 / 00:08:12:51 - Windows 10 clients similar system for a
147. 00:08:07:77 / 00:08:15:87 - Windows 7 or a Windows 8.1 etc client
148. 00:08:12:51 / 00:08:18:25 - also so we are now in our Windows 10
149. 00:08:15:87 / 00:08:19:95 - client and just to show that you'll see
150. 00:08:18:25 / 00:08:23:22 - everything is different ok you don't
151. 00:08:19:95 / 00:08:29:91 - have a server manager etc all we need to
152. 00:08:23:22 / 00:08:32:40 - do is go to settings go to network you
153. 00:08:29:91 / 00:08:35:86 - can do it this way as well but we won't
154. 00:08:32:40 / 00:08:41:72 - and this is the easier way also we'll
155. 00:08:35:86 / 00:08:44:25 - find it click on VPN give it a minute to
156. 00:08:41:72 / 00:08:48:07 - start up there we go
157. 00:08:44:25 / 00:08:51:58 - and a VPN connection windows built-in
158. 00:08:48:07 / 00:09:00:01 - give it a name it could be anything okay
159. 00:08:51:58 / 00:09:01:50 - the e and let's call it work like a VPN
160. 00:09:00:00 / 00:09:05:71 - work it could be anything
161. 00:09:01:50 / 00:09:11:03 - server name or IP address we could use
162. 00:09:05:71 / 00:09:13:93 - both okay but if we're outside the
163. 00:09:11:03 / 00:09:15:87 - workplace environment we're at home you
164. 00:09:13:92 / 00:09:18:45 - would want to enter the fully qualified
165. 00:09:15:87 / 00:09:22:09 - domain name which is a publicly
166. 00:09:18:46 / 00:09:32:97 - accessible name so we're gonna add in
167. 00:09:22:09 / 00:09:32:97 - VPN server but Windows 10 ninja okay and
168. 00:09:33:05 / 00:09:39:93 - secure socket tunneling protocol which
169. 00:09:37:14 / 00:09:43:12 - make sure the entire thing is encrypted
170. 00:09:39:94 / 00:09:48:07 - if you just left a point-to-point or
171. 00:09:43:12 / 00:09:52:99 - automatic it will have basically your
172. 00:09:48:07 / 00:09:56:02 - login as encrypted but then all the data
173. 00:09:52:99 / 00:09:58:65 - is not okay so choosing the other ones
174. 00:09:56:01 / 00:10:01:67 - ensures that the data is also accepted
175. 00:09:58:65 / 00:10:05:07 - then username and password all good
176. 00:10:01:67 / 00:10:09:96 - username this I actually need to talk to
177. 00:10:05:08 / 00:10:12:84 - you about because the username that is
178. 00:10:09:97 / 00:10:17:29 - set up in our Active Directory server
179. 00:10:12:84 / 00:10:20:08 - needs a little tick for one setting to
180. 00:10:17:28 / 00:10:25:55 - allow it to actually allow connections
181. 00:10:20:08 / 00:10:31:95 - in but we'll just for now put that there
182. 00:10:25:55 / 00:10:31:94 - and in the password that's it
183. 00:10:38:09 / 00:10:49:16 - okay click Save it will not connect
184. 00:10:44:07 / 00:10:51:51 - because one we have not imported our
185. 00:10:49:15 / 00:10:58:62 - certificate sorry my mistake
186. 00:10:51:50 / 00:11:06:86 - let's open up HTTP our web browser ami
187. 00:10:58:62 / 00:11:10:85 - and HTTP four slash forward slash and
188. 00:11:06:86 / 00:11:10:85 - VPN server
189. 00:11:11:57 / 00:11:29:37 - Windows 10 dot ninja four slash cert SRV
190. 00:11:22:46 / 00:11:35:55 - click enter it will ask for a login ID
191. 00:11:29:37 / 00:11:39:38 - hopefully in a minute and this it's gone
192. 00:11:35:54 / 00:11:45:80 - the back yes it did there we go alright
193. 00:11:39:38 / 00:11:48:67 - we shall give our vp end user and the
194. 00:11:45:80 / 00:11:48:67 - password for that
195. 00:11:56:62 / 00:12:03:98 - okay click okey-dokey and you will come
196. 00:12:01:58 / 00:12:09:25 - up with this window this window
197. 00:12:03:98 / 00:12:11:99 - basically allows you to import the see a
198. 00:12:09:25 / 00:12:14:14 - certificate if we had set up other
199. 00:12:11:99 / 00:12:17:60 - things you could create certificates etc
200. 00:12:14:14 / 00:12:21:88 - via this system but all we need to do is
201. 00:12:17:60 / 00:12:24:74 - bring in the CA click install the CA
202. 00:12:21:88 / 00:12:27:37 - certificate it downloads it it doesn't
203. 00:12:24:74 / 00:12:29:68 - really install it you have to do a
204. 00:12:27:37 / 00:12:36:37 - couple of clicks to get the install part
205. 00:12:29:67 / 00:12:42:00 - start it out click open click install
206. 00:12:36:37 / 00:12:50:33 - certificate local machine click Next
207. 00:12:42:00 / 00:12:54:88 - click yes and place it in our trusted
208. 00:12:50:33 / 00:13:01:10 - root authorities then click Next click
209. 00:12:54:88 / 00:13:05:65 - finish impor successful click close that
210. 00:13:01:10 / 00:13:09:40 - down we can minimize this once we have
211. 00:13:05:65 / 00:13:12:91 - created our VPN system over here we
212. 00:13:09:40 / 00:13:17:08 - brought in our CA certificate what we
213. 00:13:12:91 / 00:13:22:30 - need to now do is basically a couple of
214. 00:13:17:09 / 00:13:24:74 - more steps on our other servers but what
215. 00:13:22:30 / 00:13:26:44 - we could have done those first but I'm
216. 00:13:24:74 / 00:13:27:49 - just going to show you what still needs
217. 00:13:26:45 / 00:13:32:66 - to be done
218. 00:13:27:49 / 00:13:41:18 - back on our VPN server ok we need to
219. 00:13:32:65 / 00:13:44:68 - install next next next the remote access
220. 00:13:41:17 / 00:13:48:25 - rule which is very important and this
221. 00:13:44:69 / 00:13:52:54 - should have been done first but that's
222. 00:13:48:25 / 00:13:56:99 - fine ok click Next click Next we're
223. 00:13:52:53 / 00:13:59:44 - using the direct activist VPN and we're
224. 00:13:56:99 / 00:14:01:97 - also taking routing you could click the
225. 00:13:59:45 / 00:14:05:89 - last one as well but for now that's fine
226. 00:14:01:97 / 00:14:10:86 - click install ok one
227. 00:14:05:88 / 00:14:16:89 - it has installed we do need to set it up
228. 00:14:10:86 / 00:14:19:89 - okay so open the getting side wizard it
229. 00:14:16:89 / 00:14:27:66 - may be hiding let's just sleep nope
230. 00:14:19:89 / 00:14:29:79 - there it is we're deploying VPN and as
231. 00:14:27:66 / 00:14:31:17 - you'll see even though there was a
232. 00:14:29:79 / 00:14:35:25 - little arrow next to it
233. 00:14:31:17 / 00:14:37:65 - it hasn't been configured and that's why
234. 00:14:35:25 / 00:14:39:51 - without this configuration and
235. 00:14:37:65 / 00:14:42:25 - installing this role you will never be
236. 00:14:39:51 / 00:14:45:12 - able to connect up to the VPN server
237. 00:14:42:25 / 00:14:49:37 - okay and this role was added on the VPN
238. 00:14:45:12 / 00:14:53:55 - server itself so configure and enable
239. 00:14:49:37 / 00:14:56:73 - click Next custom configuration if you
240. 00:14:53:55 / 00:15:00:96 - click the first one you need to have two
241. 00:14:56:73 / 00:15:02:64 - NIC card setup we got two NIC card but
242. 00:15:00:97 / 00:15:05:95 - we haven't set the other one up on this
243. 00:15:02:64 / 00:15:09:75 - this is just for demo purposes ok custom
244. 00:15:05:95 / 00:15:12:39 - configuration next now you could just
245. 00:15:09:75 / 00:15:16:14 - stick with VPN access if you're feeling
246. 00:15:12:39 / 00:15:23:33 - generous you go the way down ok click
247. 00:15:16:14 / 00:15:30:42 - Next click finish that next ability
248. 00:15:23:33 / 00:15:34:02 - gives you the chance to use IP addresses
249. 00:15:30:42 / 00:15:36:05 - that are already being used elsewhere
250. 00:15:34:02 / 00:15:38:67 - because that will do an internal
251. 00:15:36:05 / 00:15:42:05 - configuration you should get a little
252. 00:15:38:67 / 00:15:42:05 - pop-up in a minute
253. 00:15:44:45 / 00:15:55:61 - that will basically ask you to start all
254. 00:15:48:87 / 00:15:55:62 - these services there we go start service
255. 00:16:06:11 / 00:16:10:26 - we have and quite a few of them it can
256. 00:16:07:97 / 00:16:18:35 - take a little bit longer than normal
257. 00:16:10:26 / 00:16:21:98 - basically let's now set up our ipv4
258. 00:16:18:35 / 00:16:25:67 - we're actually if you have a DHCP server
259. 00:16:21:98 / 00:16:28:38 - set up to issue automatic addresses then
260. 00:16:25:66 / 00:16:32:44 - you leave the first box set if that is
261. 00:16:28:38 / 00:16:34:51 - not the case you need to create a few IP
262. 00:16:32:45 / 00:16:37:45 - addresses to give out to those Windows
263. 00:16:34:51 / 00:16:40:25 - 10 clients etc client computers
264. 00:16:37:45 / 00:16:42:82 - ok so add and we'll just choose one
265. 00:16:40:25 / 00:16:46:51 - ninety one six eight point zero point
266. 00:16:42:82 / 00:16:53:68 - one and one and I'm going to give 50 of
267. 00:16:46:51 / 00:17:01:66 - them so 192.168.0.1 fine zero like 50
268. 00:16:53:69 / 00:17:03:86 - and now we click over here if you'll see
269. 00:17:01:66 / 00:17:06:50 - it's got windows authentication windows
270. 00:17:03:86 / 00:17:13:50 - attempting if you want to set up a
271. 00:17:06:50 / 00:17:24:04 - passphrase for lttp l2tp etc that's fine
272. 00:17:13:50 / 00:17:27:74 - we need to select our certificate that
273. 00:17:24:04 / 00:17:30:76 - we're going to use to connect ok once
274. 00:17:27:74 / 00:17:33:07 - the root certificate it'll work this one
275. 00:17:30:76 / 00:17:36:47 - should work as well because the one we
276. 00:17:33:07 / 00:17:43:57 - created right now let's click apply it
277. 00:17:36:47 / 00:17:51:81 - will now restart the service and you'll
278. 00:17:43:57 / 00:17:56:16 - see no error has happened you
279. 00:17:51:81 / 00:17:58:56 - add ipv6 access as well it's a fairly
280. 00:17:56:17 / 00:18:01:96 - similar thing you create a prefix and
281. 00:17:58:56 / 00:18:05:07 - then the routing and all that but for
282. 00:18:01:96 / 00:18:08:41 - now we'll just give an ipv4 access which
283. 00:18:05:07 / 00:18:11:47 - is the most popular one that's being
284. 00:18:08:41 / 00:18:15:91 - used right now and we'll click OK the
285. 00:18:11:47 / 00:18:20:00 - spring that then I did mention on our
286. 00:18:15:91 / 00:18:25:18 - Active Directory server for the user
287. 00:18:20:00 / 00:18:28:24 - that we are giving permission to connect
288. 00:18:25:18 / 00:18:28:81 - up into the VPN server we need to tick a
289. 00:18:28:24 / 00:18:31:26 - box
290. 00:18:28:80 / 00:18:34:01 - I'll just quickly move over to our
291. 00:18:31:26 / 00:18:38:50 - Active Directory server and show you
292. 00:18:34:01 / 00:18:40:55 - that little setting in the users so ok
293. 00:18:38:50 / 00:18:44:01 - so now we're on our Active Directory
294. 00:18:40:55 / 00:18:47:20 - server we've opened up server manager
295. 00:18:44:01 / 00:18:51:11 - let's go to tools Active Directory users
296. 00:18:47:20 / 00:18:53:50 - and computers these are all basic
297. 00:18:51:11 / 00:18:56:25 - servers that we've set up for the
298. 00:18:53:50 / 00:18:58:69 - purpose of the video ok you know users
299. 00:18:56:25 / 00:19:01:86 - we had created you could have created a
300. 00:18:58:69 / 00:19:04:72 - separate organizational unit for a
301. 00:19:01:86 / 00:19:08:34 - department etc and then put the user
302. 00:19:04:72 / 00:19:10:50 - within that and all nice and neat but
303. 00:19:08:34 / 00:19:16:26 - for simplicity we've just added the user
304. 00:19:10:50 / 00:19:18:67 - in the main users block and the property
305. 00:19:16:26 / 00:19:22:96 - that we need ok we call them VPN user
306. 00:19:18:67 / 00:19:26:71 - that says login ID as well we need to
307. 00:19:22:96 / 00:19:28:24 - tick this dial-in allow access that's
308. 00:19:26:71 / 00:19:31:53 - the only thing you really need to do
309. 00:19:28:24 / 00:19:33:03 - after you've created a user if you don't
310. 00:19:31:53 / 00:19:37:40 - know how to create a user we'll just
311. 00:19:33:03 / 00:19:43:85 - show you very very quickly and some new
312. 00:19:37:41 / 00:19:49:66 - user give a name ok for example Bob and
313. 00:19:43:85 / 00:19:52:71 - then give a login username click Next
314. 00:19:49:66 / 00:19:55:33 - give a password ok then the user must
315. 00:19:52:72 / 00:19:59:11 - change it next logon or password never
316. 00:19:55:32 / 00:20:02:34 - expires ok if you ever need to stop a
317. 00:19:59:10 / 00:20:04:86 - user accessing services you just click
318. 00:20:02:34 / 00:20:08:13 - on a user and click account is
319. 00:20:04:86 / 00:20:09:54 - Stables the properties which that was
320. 00:20:08:14 / 00:20:14:25 - only those two steps and then you come
321. 00:20:09:54 / 00:20:18:51 - over here and then this a black end okay
322. 00:20:14:25 / 00:20:23:58 - now back to our Windows 10 client okay
323. 00:20:18:51 / 00:20:26:55 - and we're back in our settings VPN the
324. 00:20:23:58 / 00:20:32:39 - VPN that we set up earlier and all we
325. 00:20:26:55 / 00:20:37:24 - really need to do is just connect up as
326. 00:20:32:40 / 00:20:40:38 - you can see the normal network that we
327. 00:20:37:24 / 00:20:44:57 - had before has no internet access and
328. 00:20:40:38 / 00:20:48:16 - everything goes through our VPN settings
329. 00:20:44:57 / 00:20:51:60 - VPN connection ending all right this is
330. 00:20:48:16 / 00:20:53:92 - a little test to make sure everything is
331. 00:20:51:60 / 00:20:59:00 - working fine we'll just click over here
332. 00:20:53:92 / 00:20:59:00 - and go to Google for example
333. 00:20:59:06 / 00:21:27:90 - www.google.com/mapmaker is encrypted if
334. 00:21:23:34 / 00:21:32:55 - you need to use any services etc on your
335. 00:21:27:91 / 00:21:36:61 - work servers you can access them by the
336. 00:21:32:55 / 00:21:40:26 - way they're set up etc okay so that's
337. 00:21:36:60 / 00:21:43:56 - our VPN okay we just thought we'd show
338. 00:21:40:26 / 00:21:46:52 - you how to modify the settings and also
339. 00:21:43:56 / 00:21:49:89 - use i ke version two
340. 00:21:46:52 / 00:21:53:03 - okay so the first thing is you know how
341. 00:21:49:90 / 00:21:57:13 - we got there right click on your
342. 00:21:53:03 / 00:22:00:54 - networking icon at the bottom open
343. 00:21:57:13 / 00:22:03:49 - network and sharing click on your
344. 00:22:00:54 / 00:22:05:61 - Ethernet okay we have not connected so
345. 00:22:03:49 / 00:22:12:37 - you will not have to you just have your
346. 00:22:05:61 / 00:22:16:45 - original system and sorry - take change
347. 00:22:12:36 / 00:22:18:16 - adapter settings this is your VPN
348. 00:22:16:46 / 00:22:21:95 - dr. that we have set up it's like a
349. 00:22:18:17 / 00:22:26:59 - virtual adapter change the things on
350. 00:22:21:95 / 00:22:30:58 - this connection go to security the basic
351. 00:22:26:58 / 00:22:35:89 - when we set it up it's like the secure
352. 00:22:30:57 / 00:22:40:75 - sstp tunneling protocol and it has no
353. 00:22:35:90 / 00:22:43:50 - exception if the server doesn't have
354. 00:22:40:75 / 00:22:49:15 - encryption hey we'll connect anyways we
355. 00:22:43:50 / 00:22:55:50 - suggest you click max drink okay click
356. 00:22:49:15 / 00:23:00:74 - OK and then click on VPN click connect
357. 00:22:55:50 / 00:23:08:05 - give it a few seconds and it's connected
358. 00:23:00:74 / 00:23:10:91 - if you need to use i ke version to you
359. 00:23:08:05 / 00:23:15:50 - just click the same thing security but
360. 00:23:10:91 / 00:23:23:08 - instead of sstp change to itv2 click ok
361. 00:23:15:50 / 00:23:27:79 - click connect and there we go that's all
362. 00:23:23:07 / 00:23:31:33 - done so I hope this video has helped it
363. 00:23:27:79 / 00:23:33:76 - shown you how to set up the VPN
364. 00:23:31:33 / 00:23:37:97 - certificate how to set up the remote
365. 00:23:33:76 / 00:23:40:09 - access service how to then configure all
366. 00:23:37:97 / 00:23:44:02 - the settings and it's also showing you
367. 00:23:40:09 / 00:23:48:13 - how to ensure that you get maximum
368. 00:23:44:02 / 00:23:52:49 - encryption and has shown you to use
369. 00:23:48:14 / 00:23:55:00 - either SSTP or I ke V to hopefully this
370. 00:23:52:49 / 00:23:57:33 - videos helped have a great day and thank
371. 00:23:55:00 / 00:23:57:33 - you for watching
Visit our YouTube channel: https://www.youtube.com/channel/UCFj1BHYIUYfPWPb1Xn5qFIg