Windows ‘Always On’ VPN Part 2 (NPS, RAS, and Clients)
KB ID 0001403 Problem Back in Part One, we setup the AD (Groups,) and the Certificate services that will knit everything together. Now we need to configure an NPS server that acts as a RADIUS server for our remote clients, And a RAS Server that our remote clients will connect to. Step1: Network Setup Microsoft have an alarming habit of telling you to connect DMZ assets to the LAN. In their defence I’ve seen some documentation...
Windows ‘Always On’ VPN Part 1 (Domain and PKI)
KB ID 0001399 Problem Always On VPN was a bit of a misnomer when it was released, as it was only really ‘on’ when a user logged on. So when comparing it with ‘Direct Access’ it didn’t have the capacity to ‘Manage Out’. With the release of Windows 10 (1709) this has been rectified with ‘Device Tunnels’, (more on that later). The solution uses RAS, NAP (NPS), and PKI (Certificate...