How To Allow Remote Users to Access Your Network in Windows 2000

Article ID: 300434 - View products that this article applies to.
This article was previously published under Q300434
Notice
This article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center
(http://support.microsoft.com/?scid=http%3a%2f%2fsupport.microsoft.com%2fwin2000)
is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy
(http://support.microsoft.com/lifecycle/)
.
Notice
This article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center
(http://support.microsoft.com/?scid=http%3a%2f%2fsupport.microsoft.com%2fwin2000)
is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy
(http://support.microsoft.com/lifecycle/)
.
Expand all | Collapse all

On This Page

SUMMARY

This step-by-step article describes how to configure Windows 2000 to allow remote users to connect to your network, including how to allow dial-up connectivity through a modem and a Virtual Private Network (VPN) connection.

The following scenarios are examples of how the client computer connects to a Windows 2000 remote access server:
  • Client computer <--> Windows server (Dial-up connection)
  • Client computer <--> Internet (ISP) <--> Windows 2000 server (VPN connection)
These scenarios assume the following configurations:
  • For dial-up capability, the modems are configured on the server.
  • For VPN capability, the server has two network cards.
  • For VPN capability, Point to Point Tunneling Protocol (PPTP) is used for the VPN tunnel.
  • For VPN capability, the server has a direct connection to the Internet, and is not behind any firewall or proxy servers, or is not running any program that provides these functions.
  • No routing protocols are configured, such as Routing Information Protocol (RIP) or Open Shortest Path First (OSPF) routing protocols.

How to Configure Routing and Remote Access Service in Windows 2000

Enabling the Routing and Remote Access Service

In Windows 2000, the Routing and Remote Access Service is installed by default. Microsoft recommends that you install Windows 2000 Service Pack 2 (SP2).

The Windows 2000 SP2 download file is located at the following Microsoft Web site:
http://www.microsoft.com/technet/security/bulletin/ms01-033.mspx
(http://www.microsoft.com/technet/security/bulletin/ms01-033.mspx)

Enabling Windows 2000 Routing and Remote Access Service to Allow Dial-up Connections or VPN Connections

  1. Click Start, click Programs, click Administrative Tools, and then click Routing and Remote Access.
  2. From the Routing and Remote Access Service Administrator program, click the server name, click the Action menu, and then click Configure and Enable Routing and Remote Access.
  3. In the Routing and Remote Access Server Setup Wizard, click Next.
  4. Click Remote access server, and then click Next.
  5. On the Remote Clients Protocols page, make sure that the protocols that the remote clients use to connect to the server are listed in the Protocols box, and then click Next.

    NOTE: The default setting is TCP/IP with the Yes, all of the required protocols are on this list option selected.
  6. On the Network Selection page, click the network adapter that corresponds with your local area network (LAN), and then click Next.

    NOTE: If your server has two network adapters (one for the LAN and the other for a direct Internet connection), make sure that you click the network card for your LAN.
  7. On the IP Address Assignment page, click Automatically if your network has a DHCP server available. If not, click From a specified range of addresses, configure a range of available Internet protocol (IP) addresses for clients, and then click Next.
  8. On the Managing Multiple Remote Access Servers page, click No, I don't want to setup this server to use RADIUS now, and then click Next.
  9. On the Completing the Routing and Remote Access Server Setup Wizard page, click Finish.

Allowing Access and Policies

To allow users to connect, you must give them the permissions to do so. After you enable the Routing and Remote Access Service, you must allow users to connect. To allow the server to accept remote access clients:
  1. Click Start, click Programs, click Administrative Tools, and then click Routing and Remote Access.
  2. Click Remote Access Policies. If you do not see this listing, click on the plus sign (+) next to the server icon to expand the sub tree for your server.
  3. In the right pane, right-click Allow access if dial-in permission enabled, and then click Properties.
  4. Click Grant remote access permission, and then click OK.
  5. Close Routing and Remote Access.
In addition to this procedure, you must give the user account permission for dial-up access in the user account properties.

Troubleshooting

Number of Connections

The number of dial-up modem connections is dependent on the number of modems that are installed on the server. If you have only one modem installed on the server, you can only have one modem connection at a time.

The number of dial-up VPN connections is dependent on the number of simultaneous users that you want to allow. By default, when you run the procedure described in this article, you allow five connections. To allow more connections:
  1. Click Start, click Programs, click Administrative Tools, and then click Routing and Remote Access.
  2. Right-click Ports, and then click Properties. If you do not see this listing, click on the plus sign (+) next to the server icon to expand the sub tree for your server.
  3. In the Ports properties, click WAN Miniport (PPTP), and then click Configure.
  4. In the Maximum ports box, type the number of VPN connections that you want to allow.
  5. Click OK, click OK, and then close Routing and Remote Access.



Back to the top | Give Feedback

REFERENCES

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
256644
(http://support.microsoft.com/kb/256644/EN-US/ )
Description of Remote Access Wizards
For more information, refer to the following Microsoft Web site:
http://technet.microsoft.com/en-us/network/default.aspx
(http://technet.microsoft.com/en-us/network/default.aspx)





Back to the top | Give Feedback

Properties

Article ID: 300434 - Last Review: October 31, 2006 - Revision: 3.8
APPLIES TO
  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Server
Keywords: 
kbhowtomaster KB300434
Back to the top | Give Feedback

Give Feedback

 
Back to the topBack to the top