Creating a VPN connection with Group Policy

If you have administered or helped support a VPN connectivity solution in the past, you are probably more than familiar with setting up VPN connection profiles on client computers. In an environment where VPN is utilized as the remote access solution, what I commonly observe is that the VPN profile creation process is usually a manual step that needs to be taken by human hands, following the user's first login to the computer. This is inefficient and easily forgotten. With tools existing in your Windows Server 2016, you can automate the creation of these VPN connections on the client computers. Let's use Group Policy to create these profiles for us during user login.

Getting ready

We will use a Server 2016 domain controller in order to configure our new Group Policy Object. Once finished, we will also use a Windows 10 client computer to log in and make sure that our VPN profile was successfully created. For this recipe, we are going to assume that you created the GPO and setup links, and filtered them according to your needs before getting started with the actual configuration of this GPO.

How to do it…

Follow these steps to configure a GPO that will automatically create a VPN connection profile on your remote client computers:

  1. Inside the Group Policy Management Console, right-click on your new GPO that will be used for this task and click on Edit….
  2. Navigate to User Configuration | Preferences | Control Panel Settings.
  3. Right-click on Network Options and choose New | VPN Connection.

    How to do it…

  4. Input something in the Connection name field for this new VPN connection; this name will be displayed on client computers and the public IP address field that client computers will need to connect to while working remotely. Depending on the needs for your particular VPN connection, you may also have to visit the additional tabs available on this screen to finish your specific configurations. Then click OK.

    How to do it…

  5. Now log in to your client computer and click on the Network icon in the systray, the same place where you would click in order to connect to a wireless network. You can see that, during our login to this computer, a new VPN connection called MyCompany VPN has been added and is now available to click on.

    How to do it…

How it works…

In this recipe, we used Group Policy to automate the creation of a new VPN connection for our remote laptops. Using a GPO for something like this saves time and effort, since you are no longer setting up these connections by hand during a new PC build. You can also use this function to update settings on an existing VPN connection in the future, if you need to change IP addresses or something like that. As you are starting to see throughout these recipes, there are all kinds of different things that Group Policy can be used to accomplish.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.131.38.104