Skip to main content desktop
Try Now

RAS VPN Setup Wizard

Jordan HammondJordan Hammond
Josh MackelprangJosh Mackelprang

Sysadmins have long battled against sneakernet. The very idea that we would need to leave our chairs to go to an end-users workstation is almost unimaginable. has been proud to step in and help you keep firmly seated in your undoubtedly comfy seat. However, times changed faster than we could ever predict; the great evil went from sneakernet to helping your rapidly expanding remote workforce. We admit we got caught a little flat-footed by it. Luckily, PDQ’s developers are something beyond excellent. has developed a remote connection utility called RAS VPN Setup Wizard. This utility is free for all users but is not supported by RAS VPN Setup Wizard will allow you to maintain your excellent services and expand them to any workstation with an internet connection. If you have not yet downloaded RAS VPN Setup Wizard, now is the time. To get started, check out the bottom of the page to get documentation/FAQ.

Let’s get the first concern out of the way; this will not require you to purchase any new hardware or software. We achieved this by utilizing builtin Windows Server roles Remote Access Server(RAS) and Network Policy Server(NPS). In under 15 minutes, we will get you all set up and provide an installer for your workstations. After installing on the workstation, the machine will initiate a connection to your server if they are authorized to connect to your network. This allows you to use PDQ Deploy and PDQ Inventory without issue. No need for your users to do anything. As a happy side note, your users can access any internal resources as well.

Prerequisites for RAS VPN Setup Wizard

The majority of work for RAS VPN Setup Wizard is done with our installer, but there is one bit that will have to be done by you or your network team. Your external firewall will need to route incoming TCP 443 to your RAS VPN server. 443 is the only port SSTP can utilize. This configuration is mandatory to allow your external clients to connect.

Installing RAS VPN Setup Wizard

With the networking completed, the next step is installing the product. The machine has three requirements for the server to be able to work with RAS VPN Setup Wizard.

Once you double click on the installer, it will check that all prerequisites are met. The next screen is the configuration screen. Here is where we enter the last bits of information you need to have RAS VPN up and running.

Cert set up

If you have a cert already available, you can select that here, if not, enter in a password, and RAS VPN Setup Wizard will create a new one for you. This certificate will be installed in the RAS VPN server’s certificate store. If we generate one for you, you can always export it and re-use it should you need to.

Active Directory Group

The Active Directory group you put into this section will need to be a user group that contains the names of all remote users that will require a connection. I don’t want to tell you how to do your job, but I might recommend naming it something like “Remote Users,” or maybe even “VPN Users.” 

In the example we have below, I have put Domain Users, which would allow any AD account in your name to connect. If this is something you would need to restrict more, you would need to build a new group that contains the correct group of users you need to have.

Client Configuration

Client Connection is where you enter information that will let the client installer know where these machines will be connecting. Connection name can be whatever you want to name it. I recommend keeping that as the default. The server hostname is the publicly resolvable DNS name or IP address of your RAS VPN server. This should match the changes made to your external firewall.

If you have a static IP from your ISP, then you are done. If you do not, it may be wise to look into setting up a dynamic DNS solution on your server to ensure the public record is getting up to date. This will help ensure that remote machines will be able to connect through RAS VPN and save you from needing to update the Client installation.

Final Steps

Once you click on next, it will take 5 to 10 minutes to get everything configured. Once it has completed, you will get an installer for your clients. The RAS VPN setup initiates an auto-logon, so it will be required that these remote machines are AD joined. Make sure you keep this safe, as the installer will work for all future computers you would like to have connected. Once installed, the client will automatically connect when the user logs in. You will again be able to scan and deploy to these machines allowing you to maintain your elite services to all users, no matter where they may be connected.

Here are some resources to get you going 

Download RAS VPN Setup Wizard

Server Setup with RAS VPN Setup Wizard

Frequently Asked Questions

RAS VPN Setup Wizard System Requirements

Ready to get started with PDQ Deploy & Inventory? Work less, automate more.

Start your 14-day free trial
Sign up in seconds

Don't miss the next post!

How to Block the Windows 11 Upgrade

Windows 11 is here, but that doesn't mean you have to use it. Discover several different ways to block Windows 11 from installing on your computers.

© 2021 Corporation
  • PDQ Deploy ®
  • PDQ Inventory ®
  • Pricing
  • Downloads
  • Licensing
  • Buy