There are a few other important things that are missing from the tutorial and needs to be cleared: 1. Fortunately, you can make FREE certificate to make this work. Open IIS, navigate to your server, and click on "Server Certificates". Head to the right menu bar and select "Create a Self-Signed Certificate". Fill the tasks and your certificate is ready to use. 2. To make this work, you have to open the 443 port on both windows and your router's firewall. 3. You have to add a forward lookup zone with the chosen virtual hostname on your DNS server. The one you specified in the IIS binding. But desptite these, this is a great and very well detailed tutorial, it worked for me.

This belong in the same network... What about remote networks wanting access to our VPN server? VPN server must have a Public IP or can i setup my VPN with Port Forwarding...? Newbie here

At location 7:24, you never mentioned how you configured the certificate template. Please can you describe how you did this, thanks

Great vid bro.... rewatch over and over again...

@NLB Solutions, can the remote Access server be a Hyper-V virtual machine ? the scenario is to have remote users access an internal server which is part of a internal hyper-v network.

Great video thanks. Have you to create the video on how to create the self-signed certificate and show how to do site-site VPN IPsec configuration. Thanks again.

What a great series. Excellent quality, very well explained. Thanks!!

Hi, Nick i have seen almost every major topic video you created to counter check on our technique and get various thing to keep for us. Thus i found your video very helpful in terms of detail explanation regarding every topic you made for those who are in the filed IT & Acting as Admin somewhere to cope at their end on a quick way. Overall provided info, clear voice and step you created relevant to topic are quite good. Keep providing more tips & tricks. Thanks

Hello,Great Video.I tryed to configure and enable the RRAS but when i type start the service it doesn't start saying that can not find the file specified event id:7024 Any sugestion?

When you connect from a Win10... is it a remote location on a different internet location (different network)? Cos I'm having difficulties connecting from a remote location but connecting locally is not a problem.

Good video. The only thing is that you never set your NPS server when you configured your VPN server in Routing and Remote Access setting section. How your connections to VPN server are being routed to the NPS server if you do not setup Radius Authentication as method under "Security" tab, and leave it as "Windows Authentication." ? Thank you,

good video, but will you be able to let us know 1. configuring your router to expose the VPN server from outside ? IP address and port number ? is it IP:443 ? for SSTP ? then 2. does the client need to have a certificate installed? Which cert is that going to be ?

Awesome video. All good but we must remember port forwarding is a must. You said no port forwarding needed and that's miss leading. Port 443 need to be forwarded to the web server. Else you will get errors that might get complicated in troubleshooting from error logs or firewall logs. Also. Come on man your client is not even going thru a NAT he is definitely on the same network or Hosted on a VM side by side. 10.0.0.15 server and 10.0.0.25 client. But in general the video is awesome . Nice detailed explanation , hands up thumbs up

Great video thank you. Question: I have high-speed connections both at my home and my office. Yet I can only have 10 mbs connection from home to office VPN. What do you think that I am doing wrong. Thank you.

Thanks for let us now. the setting are going to be the same if I have FortiGate D100 as my firewall?

I'm getting the error: "The revocation function was unable to check revocation because the revocation server was offline". If I change the client VPN connection type to Automatic, it connects fine, but it uses the WAN Miniport (IKEv2) (VPN2) security protocol.

Hi Nick, I am waiting for 20742, as you mentioned in your direct access episode. Please 🙏

Great Video. What about a server that is stand-alone, not a DC or AD, what would I need to do differently? Thank You.

Thanks for the video it is very helpful. Are there any videos that you have created that explains a little bit more on how you did the cert on minute 7:27 please. That is the only thing I am missing and I can not figure it out.

Nicely articulated and good video presentation, thanks for sharing your knowledge.

i have a problem, we created the certificate but you never installe dit on the client pc. I've tried conecting to the vpn, but it gives ou a certificate error (doensnt even ask for it)

Hey I have a PPTP connection works fine PC to PC at home network connects no problem with my user name and password.. Using an android phone I get an error unsuccessful? Do you know why it would kick my phone but not my PC of my server I connect to?

I really like your videos. You explain the subject really well. I had a PPTP connection and looks like someone has been trying to hack in. Due to that, I setup a SSTP VPN Connection. I have a 3rd Party SSL Certificate. Do I need to open a port on the router to allow SSTP traffic? I did point Port 443 to my server. Without doing it, how will the packets know to which server it should go? I get an error "No connection could be made because the target machine actively refused it.". I checked the Firewall on the server and it allows traffic. Thank you.

quick question, i have deployed DA&VPN. So now its complete different to this, but from da console i can deploy de corp network client and install this on the workstation machine. the question is i need to add those allowed user to any secgroup? because the secGroup in DA was only for machines (so they are machines on the same domain) but what happen if i got a standalone machine? how can i configur that user to use his home machine on that DA&VPN server? thanks in advance.

Sire we can use user accunt to autenticate without users of Active Directory ?

Hello and thank you for your hard work in research and most important sharing your experience with us, beginners. I have a kindly request. When you right click on your server domain you have there Configure and Enable Routing .... and Disable Routing and Remote.. On my server Standard Edition 2016 are both greyed out. I can't access them to start the configuration. In Services RRAS is running also in server Firewall everything that is remote is Allowed. Is a mistake I installed first Remote Access ? I've searched hard on Google but nothing. Also I can't uninstall Remote Access Management. Many thanks

I tried everything you did here, even paid for a personal SSL certificate through comodo and it doesn't work for me. I set up my client on my mobile hotspot so I wan't on the same network as my vpn server and it refuses to connect for some reason.

Thank for the tutorial for sharing i have now knowledge this field

Please i need help. I installed active directory and DNS and i integerated with DNS. When i write nslookup command in cmd it returned local host and ::1 dns instead of domain name and its IP. i tried everything with firewall and i went to the properties of dns server and in the interface i only select the ip but still no use. In the event viewer of DNS its giving error that dns cannot open connection with my static ip plz help.

Is it really okay for a domain server to become a remote server or should i have dedicated remote server ?

Does it do the same way with digitalocean server2016?

hi thanx for vids. ,im preparing for my mcsa 70-741 would u recommend this 11 vids to my success in exam?is there any further,for 70-740 i followed ur vids n dumps. anything else would help my exam? any websites like 9tut for ccna? pls give guidance

Great video, thanks am trying to do the same thing at home, but I am having difficulties with Certificate enrolment policy. If you can it would be great to have a video on that. Thanks

Your videos are always informative and enjoyable to watch, i did follow all steps as described however when the client connects he get the following error (The certificate's CN name does not match the passed value).

Another great video. Thank you for sharing your knowledge!

Can i create Users without a Domain Controller because we dont have one

can you please explane how to make the NLB Web Server templates...because other wise the guide stops because we dont have that step... :( so we cant click a long with you..

Dear Sir, Thanks a lot....May God bless you

When im trying to connect with VPN I got error Unknown host. How can I fix that? My DNS is working I can see it using ipconfig/all and nslookup

Getting message cannot request certificate at this time no certificates types available at the point of request a new certificate

Is this PC of the remote user in behind the firewall of the corporate too? If the user is outside of the firewall what happens when they connect? Shouldn't there be any more settings for connect to the corporate? Thanks.

Great video! Very well done and very easy to follow. Thanks.

Great Video. So once this is setup and a user is connected can they then RDP to their desktop computer?

We used this method at work and recently its stopped working giving the error the network connection was aborted by the local machine.Trawled the internet but couldn't find an answer. All the certificates are still good

How do the win server 2016 connect to the domain controller?

Thank you for your thoroughness and thoughtfulness.

Great posting - Thank you I'm having some trouble connecting, so.. Are there any ports that must be opened on the VPN server? My VPN server has 2 nics, one connected to the external firewall and one connected to the internal network. Thanks in advance.

will this work with ports other than 443?

How to set PEAP Authentication witch is more secure ?

It would be better if VPN server sitting behind your firewall, which means you need to configure a port forward on your firewall for Https connection.

Hello, I've tried this out, but will need some help. I have Windows Server 2016 Virtual Machine (VMware Workstation) and my Host OS is Windows 10. The network between Host and Guest OS is set to NAT. The questions I have are: 1. How to setup my router so that external connections are connected to my VM Guest Machine? Do I need to change network connection to Bridged? 2. Because I've got dynamic IP address from my Internet Provider, so I am using ddns on my router. When i Create Self Signed Certificate, Do i need to create it for that address? If no, which one?

I keep getting "Certificate types are not available" .....What am I missing? I went and checked for the templates and that's missing entirely.....any help is much appreciated.

I am setting up a server with ESXi 6.5. I am running windows server 2016 on a virtual machine which is going to be hosting QuickBooks. I have set up several users in which can remote into their account and open QuickBooks. I also need them to be able to remote in from off the network. I have a FiOS-G1100 router from Frontier. What do you think I should do so that users can access the server from off the network?

I get this error: You cannot request a certificate at this time because no certificate types are available. If you need a certificate please contact your administrator.

Thank you very much, perfect video, explained very well. Subscribed!

Thank you Nick for such detailed video. Is it the same as Direct Access configuration? Do you have video about PPTP configuration also?

does it configure the same way with server 2019

you cannot request a certificate at this time because no certificate types are available. If you need a certificate, please contact your administrator

Hi, if my server is not on AD but on workgroup, is it available to configure SSTP VPN for remote users?

How can I add Certificate in Personal? In my server 2012 after selecting Active Directory Enrollment Policy I found any things!

Sir some help what if my machine is not a member of a domain of company , can i still join it to vpn ?? help

Excellent Video.Thank you man for such a Great Video

Amazing quality videos. Love them. Thanks By the way. Seems like Microsoft doesn't have BGInfo anymore? Can you zip up the one you have or had and link it? Would be highly appreciated! And in Cisco Anyconnect Secure Mobility Client I get Connection Attempt has failed It does find the server, tells me it's insecure and all. But doesn't connect after clicking connect anyways. Is it not supported?

Hi NLB, after following your awesome clip above i get a error which states: The remote computer refused the network connection. can you point to the right direction to fix this please?

Great Video, keep it up. This is exactly what i need, unfortunately i get an error when trying to configure the vpn server saying "the remote access service could not be started" and my system start working very slow. i dont know if my nics are setup properly. the thing is, im not realy sure how they suposed to be set up. would be great if you could share you thoughts about this with me. im using Hyper V for my virtual servers thank you!

Great video. Can't wait to give this a try. Have you had a chance to create the video on how to create the self-signed certificate? Can you include this link?

Do I have to port forward my router? Here is my situation: modem>router1>some devices+router2>server(this come from the router 2) I wanna access my server remotely.

Great video thanks! Would you recommend roaming profiles in order to use the same profile for same user via RDS and local LAN login?

Is the vpn server require a public network card? beacuse the client is connecting at first to a public address

Any chance you can show how to configure the Always ON vpn feature with WIndows 10 and Server 2012/2016?

So where is the video about free ceretificate creation?

great video just i need to know alot of tech guys using different methods i try it but never worked with me so i hope urs method gonna work my system

Flipping great tutorial video. I followed it with a Windows Server 2008R2 server, and it was almost exactly the same. Thanks! I too am eagerly wanting to see you do a video about SSL certificates and being your own Certificate Authority in a business.

Thanks for letting us know 😉

fr stay on the grind

Do you know if I will need a Windows Server 2016 VPN license?

Hi, I have followed your video. The last step you have login to VPN. But how did you create the username and password? Or is that the same user name and password to log in to server?

Thank you Nick. Great!

Fantastic Video! Also, the only one I found where the accent isn't too strong to where it's annoying or incomprehensible.

How did you create the free certificate at 7:10?

great video. thank you!

Well explained .. Thank you

How do you get that information on your right corner??

super tutorial, Большой

do u have to do the certificate?

Great video !

Well, nice video but incomplete. Afther all this, it will faill if we use a "free" certificate.

Too many restrictions for a public website in IIS. Pass

How can you do this WITHOUT domain (DC) ?

Awesome . Thanks !

great video...👍

Please post mcsa 70-742

Thank You So Much

Hello dear, thx for this video, it's really helped me, but i need to know, what should i configurate first ?

24:00 Where do i get my correct address from?

i get nothing on 7:37 how can i get that option thanks

Nothing worked for me you were vague

Hi there great video. How do you connect to the vpn server outside the network. Also I cannot connect to dc01/rdweb outside my network. But it does work on my server

Thank you.

Thanks