Online Digital Forensics Courses and Labs
Building a Low-cost and State-of-the-art IoT Security Hands-on Laboratory

Funded by National Science Foundation (NSF)

Remote Access Windows Server 2016 Protection - Features and Roles


 

Authors Dr. Cliff Zou, 407-823-5015, czou@cs.ucf.edu and Mr. Benigno Rodriguez, jrodsoto@knights.ucf.edu

Prerequisite:

  • Basic knowledge of using a Linux machine and a virtual machine environment.
  • Basic knowledge of networking and TCP/IP.
  • Basic knowledge of Windows Server Services (DHCP, DNS, RAS).

Installation and Configuration Information

The installation and configuration for all virtual devices (VMs) are included in this document, available as a download here and in HTML format here.


Windows Server Primary Domain Controller

The Domain Controller server (servername: PDC) will authenticate the remote client connecting via Remote Access configured on our RAS server. The RAS server requires a certificate. We are using the internal PDC with the Microsoft CA role. The following instructions ensure that the CA server is ready to provision the certificate when requested by our remote server.

Microsoft Certification Authority

From the VirtualBox menu, select Input / Keyboard / Insert to start your VM
Login to Windows Server 2016 (must login as administrator)
Verification of MSCA from the desktop environment - Server Manager
Windows Remote Access Server - RAS (Gateway Server)

The Remote Access Server (servername: RAS) will authenticate the remote client connecting via the Remote Access Client application built into the Windows 10 client. Configuration for the RAS server is illustrated here. The RAS server will request a certificate from the internal (PDC) Certification Authority server.

RAS VPN infrastructure.

From the VirtualBox menu, select Input / Keyboard / Insert to start your VM
Login to Windows Server 2016 (must login as administrator)
Certificate Request and Issue
Internet Information Services (IIS) - Certificate Binding
Remote Access VPN - Certificate Binding

NLB Solutions - Contributor

The Remote Access role was installed during the configuration of the server using PowerShell commands. We are using this video as a resource for requesting the server certificate and verifying that the initial configuration is correct on our server. The first step is to request a certificate.

  • Use Windows Search to find the Computer Certificate Manager.
  • Follow the video from the 5:00 minute mark.

  • Binding the certificate to IIS installed on your server - use the Server Manager application
  • Binding the certificate to the Remote Access Server (VPN) on your server - use the Server Manager application
  • Remote Users IP Addresses Pool Assignment (RAS) option.
Firewall - Endian Community 3.0 Software-Defined Firewall

The firewall's basic configuration allows administrators to configure it from the GUI. The lab will require setting port forwarding, source network address translation and firewall rules for internal inter-zone traffic.

Port Forwarding
Source Network Address Translation (SNAT)
Incoming and Inter-Zone Traffic Firewall Configuration

Click Here - external resource. Endian Firewall configuration.

Windows 10 Client

The Remote Access Client application built into the Windows 10 client allows users to connect from a remote location to their corporate, home or other networks over Secure Socket Tunneling Protocol (SSTP), PPTP, or IKE/IPSec encryption. SSTP provides a communication channel between the client and the server utilizing SSL/TLS. This is the main reason the RAS server must have an authentication certificate to handle the client authentication request. Follow the guide documentation for this lab to configure SSTP and test the VPN configuration and connection to the RAS server.

RAS VPN infrastructure.

Shut down the Windows 10 Client machine
Change the Windows 10 Client VM network adapter in VirtualBox (NatNetwork Adapter)
From the VirtualBox menu, select Input / Keyboard / Insert to start your VM
Login to Windows 10 Client (must login with the user account created during installation)
  • VPN Configuration - from the Windows toolbar, open Network and Internet settings, select VPN from the left-side options and create a new connection. Enter the information as shown in this image. If you created a different CN when enrolling for a certificate template, use your selection for the server name or address.
  • Testing VPN Connection
  • Verify VPN Connection
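
Because SSTP runs inside SSL/TLS, the server name entered in the VPN connection has to match the CN on the RAS certificate, and the client has to trust the issuing CA. The PowerShell below is an added example, not part of the lab guide: it checks both from the Windows 10 client and creates the SSTP connection only if the check passes. The server name `ras.lab.example` and connection name `Lab SSTP` are assumed placeholders, and the script assumes the RAS server answers SSTP on TCP 443.

```powershell
# Assumed values (not from the lab guide): replace with your own.
$ServerName = 'ras.lab.example'   # the CN used when enrolling the RAS certificate
$VpnName    = 'Lab SSTP'          # display name for the new VPN connection

function Test-SstpCertificate {
    param([Parameter(Mandatory)][string]$HostName, [int]$Port = 443)

    $script:policyErrors = $null
    # Record the validation result instead of rejecting, so it can be reported.
    $callback = [System.Net.Security.RemoteCertificateValidationCallback] {
        param($sender, $certificate, $chain, $errors)
        $script:policyErrors = $errors
        $true
    }
    $tcp = New-Object System.Net.Sockets.TcpClient
    $ssl = $null
    try {
        $tcp.Connect($HostName, $Port)
        $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $callback)
        $ssl.AuthenticateAsClient($HostName)   # TLS handshake, as the SSTP client would do
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        [pscustomobject]@{
            Subject      = $cert.Subject
            Issuer       = $cert.Issuer
            NotAfter     = $cert.NotAfter
            PolicyErrors = $script:policyErrors
            Trusted      = ($script:policyErrors -eq [System.Net.Security.SslPolicyErrors]::None)
        }
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $tcp.Close()
    }
}

$check = Test-SstpCertificate -HostName $ServerName
$check | Format-List

# RemoteCertificateNameMismatch: $ServerName differs from the certificate CN.
# RemoteCertificateChainErrors:  the client does not trust the internal CA (or the cert expired).
if ($check.Trusted) {
    Add-VpnConnection -Name $VpnName -ServerAddress $ServerName -TunnelType Sstp -EncryptionLevel Required
} else {
    Write-Warning "VPN connection not created, certificate check failed: $($check.PolicyErrors)"
}
```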