Prerequisites For This Tutorial
Manually Create A Template Connection Profile
In this step, you use Protected Extensible Authentication Protocol to secure communication between the client and the server. Unlike a simple user name and password, this connection requires a unique EAPConfiguration section in the VPN profile to work.
Instead of describing how to create the XML markup from scratch, you use Settings in Windows to create a template VPN profile. After creating the template VPN profile, you use Windows PowerShell to consume the EAPConfiguration portion from that template to create the final ProfileXML that you deploy later in the deployment.
Create A VPN Connection
If your workplace uses a special VPN client app, the network administrator or the IT department must provide you with the specific instructions for that app.
However, if you connect straight to the VPN service from Windows 10, you need information about your companys VPN. Depending on your companys setup, you may need to know the following details to connect with VPN:
- The VPN server name or address
- The sign-in details
- The VPN type
If your company uses Windows to create a VPN connection to the workplace network, heres what you need to do to connect to its VPN service:
- Click the Notifications icon on the right side of the taskbar.The Action Center appears.- Click VPN.The Settings window appears.- Click Add a VPN Connection.
- Type the name that you want to use for the connection and the other required details .
- When you finish, click Save. The VPN connection is now added to your list of VPN connections.
Establish a VPN connectionIf youre connected to a network thats away from work and you have access to the Internet, you can try to connect to your companys private network using VPN. After you create the VPN connection in Windows 10, heres how to use the connection:
The Action Center appears.
Windows 10 starts the VPN connection using the credentials you entered.
-
Once the connection is established, you receive a confirmation from Windows 10.
-
Close the Settings window.
The Settings window appears, where you can manage and create VPN connections.
Read Also: How To Use Opera VPN
How To Manually Configure A VPN On Windows 10
The beauty of the best VPN services is that they have an intuitive Windows 10 app that makes setting up a connection as easy as clicking a big green button that says “connect.” However, if you’re running Windows 10 in S mode and can’t install apps from outside the Store, or you’re using a VPN without a client, you can still configure a VPN manually. This is especially important as many people continue working from home and require a VPN. Here’s everything you need to know.
Lets Open Up The Firewall Ports Needed
Here we are going to open up the firewall ports that we need for RADIUS to work with the Unifi Controller.
Also Check: How To Setup VPN On Att Uverse Router
What Do You Need To Set Up A VPN On Windows Manually
If you prefer to install a VPN manually, you will need to obtain a few things from your VPN provider first, including:
-
Your login credentials
-
A VPN server name & address
We recommend that you opt for L2TP/IPsec, IKEv2, or OpenVPN. For more info, check out our guide to VPN encryption.
-
VPN config files
Once you have the above, you’re ready to start following the steps below.
How To Add And Connect To A VPN On Windows 10
30 Day Money-back Guarantee
Recommended Reading: VPN Setting For At& t
Lets Create A Group Policy In Your Ad/dc Server
Now this may vary from everyone AD configuration. I always have an OU where my users and computers would reside in and not within the default locations.
How To Allow VPN Connections Through Firewall
While configuring the Incoming Connection feature on Windows 10 should automatically open the necessary Windows Firewall ports, you want to make sure the firewall is properly configured.
To allow VPN connections through the firewall on Windows 10, use these steps:
Open Start on Windows 10.
Search for Allow an app through Windows Firewall, and click the top result to open the experience.
Click the Change settings button.
Scroll down and make sure Routing and Remote Access is allowed on Private and Public.
Click the OK button.
After you complete the steps, the Windows 10 VPN server will now be able to receive connections remotely from other computers.
You May Like: How Do I Disable My VPN
Surfshark Unlimited VPN Connections For Windows 10
- Compatible with Windows 7, 8, and 10
- 3200+ servers in 65 countries
- Infinite simultaneous connections
- 75.12 Mbps speed on a 100 Mbps connection
- 30-day money-back guarantee
- Unblocks Netflix, Hulu, BBC iPlayer, Amazon Prime Video, HBO Max, Disney+ and more
- Also works with macOS, iOS, Android, Windows, Linux, routers, browsers, and more
Surfshark allows unlimited VPN connections for Windows 10 available for only $2.49/mo . Another great thing is that you can connect unlimited devices simultaneously with a single Surfshark subscription. This way you can use it on your Windows 10 PC, and other devices.
Surfsharks Windows 10 app is sleek and easy to use, with all the latest security features. It is an ideal choice for beginners because you can easily set it up on your Windows 10 PC and get started.
Surfshark offers 3200+ servers in 65 countries. These are optimized for streaming, gaming, and torrenting. It also offers a feature that allows you to connect to the fastest server available.
We tested Surfshark with Netflix, BBC iPlayer, Hulu, and Disney+ and it worked perfectly well as we did not encounter the proxy error not even once.
Surfshark offers tons of features that are not available on other VPNs. Some of these notable features include CleanWeb , WhiteLister , and Multi-Hop . It also covers the basics with 256-bit encryption, kill switch, and DNS leak protection.
If you face any issues during configuration, there is also 24/7 customer support available via live chat.
How To Configure L2tp VPN On Windows 10
See the necessary steps in order to connect to VPN with the L2TP protocol:
1. Find and open up the Network and Internet settings on your Windows 10 computer.
2. Press VPN.
3. Press Add a VPN Connection.
4. Fill in the fields with the following settings:
1) VPN provider Windows .
2) Connection name name your VPN connection.
3) Server name or address type your server name or IP address you want to connect. You can find this information in your Client Area.
4) VPN type select L2TP/IPSec with pre-shared key.
5) Pre-shared key Hostens.
6) Type of sign-in info select User name and password.
7) User name enter your username seen in the Client Area.
8) Password enter your password seen in the Client Area.
Make sure you use your VPN username and password and NOT the Client Area credentials. Check all selected data once again and press Save.
5. You will see that your VPN connection was created. Now you need to set up your Key for Authentication. Right-Click on the monitor or Wi-Fi icon on the bottom right-hand corner. Then Click on Open Network and Internet Settings.
6. Click Change adapter options.
7. Right-click on your created VPN connection and go to Properties.
8. Select Security tab and in the line Data encryption select Require encryption .
9. Then in Allow these protocols check:
Microsoft CHAP Version 2
Challenge Handshake Authentication Protocol
Also Check: Why Should I Use VPN On My Iphone
How To Change Protocols On A Manual VPN Setup
If you have set up your VPN manually, you cannot simply change the protocol. Instead you must set up another manual connection using the config information obtained from your VPN provider . To do this, ask your VPN for the connection settings information you require and follow the steps above to set up a VPN connection to a server using a different protocol.
If you set up your VPN by downloading the official Windows app, you can change the protocol by following these steps:
Run the VPN client for Windows.
Click on Encryption Options or Protocol Settings.
This may be called something different in your VPN software but should be something similar
We recommend that you opt for OpenVPN UDP, OpenVPN TCP, IKEv2 or L2TP/IPsec because these are the most secure protocols available in 2021
Lets Get Started With Installing The Required Windows Server Roles
We will be starting with the newly created Windows Server 2019 and installing the roles we need for radius to work with your Unifi Controller and its Wifi Access Points.
You May Like: What Are The Two Types Of VPN Connections Choose Two
Adding Your Clients Public Key To The Server
The easiest way to add your key to your server is through the wg set command.
ON YOUR SERVER run this command:
sudo wg set wg0 peer YOUR_CLIENT_PUBLIC_KEY allowed-ips YOUR_CLIENT_VPN_IP
IMPORTANT: You need to replace YOUR_CLIENT_PUBLIC_KEY and YOUR_CLIENT_VPN_IP
You can compare my command below to my diagram at the top of my post for exactly what I mean:
What Is A Virtual Private Network
A VPN is a private network that uses a public network to connect remote sites or users together.
Even though VPN was initially used to establish secure remote connections to an organizations network, its now being used by users to conceal their online activities and geographic location. It sometimes poses as a security threat when users are able to access restricted content by using VPN to bypass firewall rules set within an organizations network.
Recommended Reading: How To Setup VPN On Fios Quantum Router
What You Need To Get Started
First, you need to choose and sign up for a VPN service. No, you’re not going to be using its apps, but you still need to access its servers. Ideally, you already have a VPN service that you are signed up for and using on all your other devices, be they PCs, phones, or tablets. But the truth is, PCMag’s research shows that many of you aren’t using a VPN. That’s bad, but there’s no judgment here, because you’re reading this piece because you’re about to start, right? If you do need to choose a VPN service, click the link in the first paragraph of this piece, read a few reviews, and pick the one that sounds right for you. Once that’s done, come back here and continue.
The second thing you have to do is decide which VPN protocol you want to use. This is the setup that creates the encrypted tunnel. There are four main protocols supported by VPN companies: IKEv2/IPsec, L2TP/IPSec, OpenVPN, and PPTP.
Our preferred protocol is OpenVPN, which is newer and has a reputation for reliability and speed. IKEv2/IPSec is a solid second option and uses new, secure technology. Many VPN companies warn against L2TP/IPSec, which is not as secure as newer protocols. Generally, it’s supported only for use on older, legacy systems. The same is true for PPTP, which you should avoid using if at all possible.
Deploy The Profilexml Configuration Script
In the Configuration Manager console, open Software Library\Application Management\Packages.
In Packages, click Windows 10 Always On VPN Profile.
On the Programs tab, at the bottom of the details pane, right-click VPN Profile Script, click Properties, and complete the following steps:
a. On the Advanced tab, in When this program is assigned to a computer, click Once for every user who logs on.
b. Click OK.
On the Summary page, click Next.
On the Completion page, click Close.
With the ProfileXML configuration script deployed, sign in to a Windows 10 client computer with the user account you selected when you built the user collection. Verify the configuration of the VPN client.
Note
The script VPN_Profile.ps1 does not work in a Remote Desktop session. Likewise, it does not work in a Hyper-V enhanced session. If you’re testing a Remote Access Always On VPN in virtual machines, disable enhanced session on your client VMs before continuing.
Don’t Miss: Google Play How To Change Country
Want To Use A VPN In Windows 10 Here’s The Best Way To Set It Up
Sure, you could just download your VPN’s app to your Windows 10 machine. But there’s a better way.
Setting up a VPN on Windows 10 is easy.
Whether you’re planning to take advantage of Prime Day laptop deals and pick up a new Windows 10 machine, or you’ve been using one for years and are just looking forward to Microsoft’s upcoming big Windows redesign, you may be considering adding a virtual private network to protect your online privacy.
The easiest way to get your favorite VPN up and running on your Windows 10 device is to simply download your VPN’s app from the Microsoft Store and install it, just as you did on your previous device or version of Windows. Using a VPN’s app is also the best way to use that VPN’s bonus features — from ad-blocking to automatically selecting the fastest connections.
But for the tech-curious, another option is to test drive Windows 10’s built-in VPN client. It may sound tricky, but the process takes about 15 to 20 minutes and can be broken down into two main components: Creating a VPN profile, and then connecting to the VPN. Here’s the step-by-step guide for setting up your VPN on Windows 10.
How To Create A Network Profile For The Non Domain Join Client Computer
- From the Server Management open the Network Policy Server
- Right click in the Network Policies — New
- Type the policy name and select Remote Access Server . Click Next
- Click Add and go down to select NAS Port type. Click in VPN. Click OK and OK
- Click Add once again. Select the User Groups. Click Add and find out the User Group that you have already create in the Active Directory for the users which will connect through VPN. Click OK and OK
- Click Next
- Leave the Access granted. Click Next
- Clear all the tick from the Less Secure Authentication methods.
- On the EAP Types remove the Microsoft Protected EAP and select the Secure Password
- These are optional settings. Take a time to explore it if you want. For example you can disconnect idle sessions after period of time. Click Next
- Select Encryption and leave with tick only the Strong and Strongest encryption. Click Next
You May Like: Make My Own VPN Server