Implementing RRAS and remote access policy

Hello to all of you,
I'm upgrading my infrastructure to windows server2012 R2 and now I'm doing the VPN server .
I need to grant access to the network only to the IT department people .
In the past I manually went in ADUC remote access permission and  check the box "Allow Access"  but now I want to use security group and use the remote access policy.
Can you confirm that this is the right way and if you can recommend a simple step by step installation.
Thank you
Carlo
CarloAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
not much changes though by adding roles for Remote Access, DirectAccess and VPN (RAS), IP and Domain Restrictions, IIS Management Scripts and Tools, Network Policy and Access Services Tools, and Windows Internal Database.to win2012
http://blogs.technet.com/b/sbs/archive/2014/05/19/configuring-vpn-on-windows-server-2012-r2-essentials.aspx
you can check for the events for RemoteAccess-MgmtClient and RemoteAccess-RemoteAccessServer on the Event Viewer.
0
CarloAuthor Commented:
Hello,
thank you for your message but I'm looking for a documentation on how to setup a VPN server to allow staff to remote access using RRAS and as a requirement I need to allow only people belonging to a specific security group.

thank you
Carlo
0
btanExec ConsultantCommented:
if you are referring to this
If you will like to authenticate the remote access users using work-group credentials – then RRAS server need not be joined to domain.

“Yes, set up this server to work with a RADIUS server”. Select this option, if you will like to use Radius based authentication. In this scenario there are two options: RADIUS server installed on some other machine or on the RRAS server machine.
(Configuring RRAS as a VPN server) http://blogs.technet.com/b/rrasblog/archive/2009/03/25/remote-access-deployment-part-2-configuring-rras-as-a-vpn-server.aspx ...

 and
Click on “Policies” node, then click on ”Network Policies” node. Network policies allow you to designate who is authorized to connect to the network and the circumstance under which they can or cannot connect....

Condition: If ALL the conditions match against the connection request, NPS uses this policy to authorize the connection request, else skips this policy and evaluates other policies (if configured)
“Operating System” – specifies the OS for remote access client computer to match this policy
“Windows Groups” – This condition specifies the remote access user’s group inside Active directory.
(Configuring RADIUS Server for remote access) http://blogs.technet.com/b/rrasblog/archive/2009/03/25/remote-access-deployment-part-3-configuring-radius-server-for-remote-access.aspx
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.