<div>
I agree with rsoly777 in that you'd be better off using a VPN capable firewall.<br />
<br />
However, if you would like to do without then this article gives good info on what ports to open or forward: <a href="http://blogs.technet.com/b/rrasblog/archive/2007/06/13/ports-affecting-the-vpn-connectivity.aspx" rel="ugc">http://blogs.technet.com/b/rrasblog/archive/2007/06/13/ports-affecting-the-vpn-connectivity.aspx</a>
</div>


I agree with rsoly777 in that you'd be better off using a VPN capable firewall.

However, if you would like to do without then this article gives good info on what ports to open or forward: http://blogs.technet.com/b/rrasblog/archive/2007/06/13/ports-affecting-the-vpn-connectivity.aspx [http://blogs.technet.com/b/rrasblog/archive/2007/06/13/ports-affecting-the-vpn-connectivity.aspx]

<div>
This is a complicated task. Essentially you need to set up RRAS (Routing and Remote Access Server) in the network and decide if you want the server in a DMZ zone ahead of your firewall or behind it. If behind it, ports need to be opened on your router/firewall to allow PPTP (Point to Point Protocol) Traffic or L2TP (Layer 2 Tunneling Protocol), which is more secure and requires certificates. The server acts like a router itself. &nbsp;More information on this can be found in MS KB323441 &nbsp;- <a href="http://support.microsoft.com/kb/323441" rel="ugc">http://support.microsoft.com/kb/323441</a><br />

</div>


This is a complicated task. Essentially you need to set up RRAS (Routing and Remote Access Server) in the network and decide if you want the server in a DMZ zone ahead of your firewall or behind it. If behind it, ports need to be opened on your router/firewall to allow PPTP (Point to Point Protocol) Traffic or L2TP (Layer 2 Tunneling Protocol), which is more secure and requires certificates. The server acts like a router itself.  More information on this can be found in MS KB323441  - http://support.microsoft.com/kb/323441 [http://support.microsoft.com/kb/323441]


<div>
<div class="content wysiwyg-content">
I previously setup a VPN on my Windows Server 2003 which acts as a Domain Controller and had some security issues, see <a href="https://www.experts-exchange.com/questions/27026165/Many-failure-audits-in-my-security-event-viewer.html" rel="ugc">Previous Question</a><br />
<br />
Is there a secure way to setup a VPN on my Windows box or do I need to figure out another way to setup a VPN?
</div>
</div>


I previously setup a VPN on my Windows Server 2003 which acts as a Domain Controller and had some security issues, see Previous Question (https://www.experts-exchange.com/questions/27026165/Many-failure-audits-in-my-security-event-viewer.html)

Is there a secure way to setup a VPN on my Windows box or do I need to figure out another way to setup a VPN?

How to setup VPN on Windows Server 2003 which acts as a Doman Controller?

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

Windows Server 2003

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.