Whats the best way to set up a secure VPN server on Windows Server 2012 R2?

[Telerebro]

Currently I have my RDP connections to my server using an obfuscated port and some port forwarding, but that's not really as secure as it could be, so I decided to try setting up a VPN server.

I did it the "easy way" using PPTP, but after getting it working, I read how insecure PPTP is, and was discouraged, so I deleted that connection.

 

I'm wondering if there is a free (or cheap) VPN server solution that runs on Windows, preferably one that Windows 10 PC's can connect to without additional software if possible. 

 

Can anyone point me in a good direction?  

 

Thanks!

[+BudMan MVC]

Openvpn is free and runs on windows.

 

If all you want is access to the server running something like openvpn on the server will work.. But if what your looking to do is access your whole network via the vpn, then running it on host inside the network your trying to access with all those other boxes talking to something else as their gateway you run into a asymmetrical routing problem.

 

Its normally best to run the vpn on the edge of the network.. What router do you have?  If supports 3rd party firmware then you could run openvpn on that. 

 

I take it this 2012r2 is not acting as your router and on the edge of your network.

 

But if all you want to do is access this server via RDP, and then from that rdp session access other stuff on our network - then sure running openvpn on it will work just fine.  All you would need to do is forward the port(s) your going to run openvpn on into this servers IP at your router.  1194 is default udp port, I run mine on my router on tcp 443 (this is always open if there is internet access) and then udp for when on an open connection and its not blocked.

 

If you need help setting it up just ask.. Could put together a simple guide.  But again if possible I would look to run it on your router.  And yeah pptp has been DEAD for YEARS.. You could also just use the build in 2k12 vpn..   2k12r2 supports L2TP over ipsec, or SSTP..  other than the now dead and useless pptp.  I would go with the SSTP..  Windows 10 can for sure connect to that without any added software.

 

But openvpn client software works just fine, and can run on ios and android devices as well.  So just because a client is needed don't let that scare you off.

 

As a 3rd option - take a look at https://www.softether.org/

Its FREE and has lots and lots of cool features!!

[Telerebro]

Thanks! That was exactly what I needed

[Telerebro]

Just wanted to post an update: 

I ended up installing the OpenVPN Appliance in Hyper-V, and it's working great! I can now access anything on my network once I'm connected.

 

Do you know of anything I need to do to it maintenance-wise aside from the occasional apt-get update and upgrade?

 

Thanks again

[+BudMan MVC]

what appliance did you install?  assuming its running openvpn-as vs the community version?

[Telerebro]

sorry, it is indeed the OpenVPN Access Server Virtual Appliance

(the VHD linked here: https://openvpn.net/index.php/access-server/download-openvpn-as-vm.html)