Blogs on Windows Server By MSFT WebCast
Windows Server 2019

Configure NPS for VPN in Windows Server 2019 Part-3

In this post, we will cover the steps on how to configure Network Policy Server to allow VPN users to connect to the VPN server running on Windows Server 2019.

This is the third part of a four-part series on Install and Configure VPN with Remote Access Service in the Windows Server 2019.  We will create an NPS policy to allow only specific users to connect to the VPN server based on some specific conditions.

Understanding VPN Test Lab:

Create Active Directory Users and Groups:

1. On Domain Controller, Open Active Directory Users and Computers snap-ins.

1. Open Active Directory Users and Computers Console

2. Do as instructed below:

3. Add both users to the security group.

4. Check both users dial-in permission. Make sure Control access through NPS Network Policy is selected.

Configure Network Policy Server:

We need to create an NPS policy to allow only specific users to connect to the VPN server based on specific conditions which we can define in the policy. We can configure NPS server from Network Policy Server management console.

5. On the VPN server, open server manager console.

6. Click on Tools and select Network Policy Server.

7. On NPS management console, expand Policies.

8. Expand and right-click on Network Policies and select New.

9. Specify a meaningful name to the policy.

10. Select Remote Access Server from the drop-down list as a type of Network Access Server. Click Next.   

11. Click on Add to add the condition.

12. Select Windows Groups and click on Add.

13. Add the security group TestUsers as a condition. Click on Next.

14. Make sure the Access granted radio button is selected. Click Next.

15. On the configure authentication methods page, click on Add.

16. Select Microsoft: Secure password (EAP-MS-CHAP v2) and click OK.

17. Clear the check-box for MS-CHAP and click Next.

18. Click Next.

19. Click Next on configure settings page.

20. Click on Finish to create NPS policy and close the console.

21. Verify that the policy is at the top of the list in the NPS management console.

That’s it. We have successfully Configure Network Policy Server (NPS) for VPN in Windows Server 2019

In the next post, we will configure port forwarding on the router to allow required ports for VPN service. We will also set up a VPN connection on Windows 10 to test VPN connectivity.

Related posts

Deploy a Self-signed certificate by using Group Policy

MSFT WebCast
5 years ago

How to Configure Fine-Grained Password Policies on Windows Server 2019

MSFT WebCast
5 years ago

How to Install Windows Server 2019 in Virtual Box

MSFT WebCast
6 years ago
Exit mobile version