
Remote Access Always-On VPN Deployment
Following sections will be used to deploy Always On VPN
connections for remote Windows 10 client computers that are joined to your
domain.
You can use this topic to complete the following steps.
- On a server configured with Active Directory Domain Services:
Enable certificate autoenrollment in Group Policy for both computers and users,
create the VPN Users Group, the VPN Servers Group, and the NPS Servers Group,
and add members to each group. - On an Active Directory Certificate Server CA: Create the User
Authentication, VPN Server Authentication, and NPS Server Authentication
certificate templates. - On domain-joined Windows 10 clients: Enroll and validate user
certificates.
You can use
this topic to complete the following steps.
- Enroll and validate the VPN server certificate
- Install and configure Remote Access VPN
You can use
this topic to complete the following steps.
- Install and configure NPS server as a RADIUS server.
- Enroll and validate the NPS server certificate
You can use
this topic to complete the following steps.
- Configure DNS, Internal Perimeter Network Firewall, and Edge
Firewall settings.
You can use
this topic to complete the following steps.
- Configure the Remote Access Always On VPN client by using
Windows PowerShell, Microsoft System Center Configuration Manager, or Intune.
No Comments