Assumptions:
Remote users will be authenticated against the local (Windows) account database.
We will use the PPTP protocol.
Only MS-CHAPv2 is allowed.
- Choose Remote Access Policy (VPN) in the left pane
- Click “Configure Address Assignment Method” and configure the address pool for remote access clients (in this tutorial we will use a static pool)
– click “Add”, select the TMG server and specify the address range for clients
– apply settings, click OK and update the TMG configuration by clicking “Apply”
- Specify the Windows users who can log in remotely via VPN
– click “Add” and choose a Windows local group
– apply changes
- Define VPN access (in this case PPTP)
– apply changes
- Configure authentication methods (MS-CHAP v2)
– apply settings
- Define the network on which TMG will accept VPN connections (in most cases External)
– apply changes if any
- Configure a policy to allow traffic from the VPN Clients network to Internal
– apply changes
- Check network rules (the default ones, routing between VPN and Internal and NAT between VPN and Internet, are OK in most situations)
– apply changes
- Enable VPN client access
- Test VPN access from a remote client (Monitor VPN Clients task)
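For the final test step, a client-side check added here as an example (not part of the original tutorial): it creates a connection pinned to PPTP with MS-CHAP v2, dials it, and confirms the assigned address falls inside the static pool configured on TMG. It assumes a Windows 8 / Server 2012 or later client with the VpnClient cmdlets; the connection name, server name and pool range are placeholders.

```powershell
# Added example. All values below are placeholders, not taken from the tutorial.
$Name      = 'TMG-PPTP-Test'        # hypothetical connection name
$Server    = 'vpn.example.test'     # external address of the TMG server
$PoolFirst = '10.10.10.1'           # first address of the static pool on TMG
$PoolLast  = '10.10.10.50'          # last address of the static pool on TMG

# Convert a dotted IPv4 address to an unsigned integer so ranges can be compared.
function ConvertTo-UInt32 ([string]$Ip) {
    $bytes = ([System.Net.IPAddress]::Parse($Ip)).GetAddressBytes()
    [Array]::Reverse($bytes)          # network order -> little-endian host order
    [BitConverter]::ToUInt32($bytes, 0)
}

function Test-InPool ([string]$Ip, [string]$First, [string]$Last) {
    $n = ConvertTo-UInt32 $Ip
    ($n -ge (ConvertTo-UInt32 $First)) -and ($n -le (ConvertTo-UInt32 $Last))
}

# Pin the client to PPTP and MS-CHAP v2 only, matching the server-side settings.
if (-not (Get-VpnConnection -Name $Name -ErrorAction SilentlyContinue)) {
    Add-VpnConnection -Name $Name -ServerAddress $Server -TunnelType Pptp `
        -AuthenticationMethod MSChapv2 -EncryptionLevel Required -Force
}

# Use an account that belongs to the Windows local group allowed in TMG.
$net = (Get-Credential -Message 'VPN test account').GetNetworkCredential()
rasdial $Name $net.UserName $net.Password | Out-Null
if ($LASTEXITCODE -ne 0) { throw "rasdial failed with code $LASTEXITCODE" }

try {
    $conn = Get-VpnConnection -Name $Name
    $ip   = (Get-NetIPAddress -InterfaceAlias $Name -AddressFamily IPv4).IPAddress
    [pscustomobject]@{
        Status        = $conn.ConnectionStatus
        TunnelType    = $conn.TunnelType
        AuthMethod    = $conn.AuthenticationMethod -join ','
        ClientAddress = $ip
        InStaticPool  = Test-InPool $ip $PoolFirst $PoolLast
    }
}
finally {
    rasdial $Name /disconnect | Out-Null   # always drop the test session
}
```

While the script is connected, the same session should appear in the Monitor VPN Clients task on the TMG server with the address reported in ClientAddress.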
dzbanek 2013-01-03