Configure a Virtual Private Network Connection Item

Applies To: Windows Server 2008

The Network Options extension allows you to centrally create, modify, and delete dial-up networking and virtual private network (VPN) connections. Before you create a network option preference item, you should review the behavior of each type of action possible with the extension.

Creating a VPN Connection item

To create a new VPN Connection preference item

  1. Open the Group Policy Management Console. Right-click the Group Policy Object (GPO) that should contain the new preference item, and then click Edit.

  2. In the console tree under Computer Configuration or User Configuration, expand the Preferences folder, and then expand the Control Panel Settings folder.

  3. Right-click the Network Options node, point to New, and select VPN Connection.

  4. In the New VPN Properties dialog box, select an Action for Group Policy to perform. (For more information, see "Actions" in this topic.)

  5. Enter VPN connection settings for Group Policy to configure or remove. (For more information, see "Virtual private network connection settings" in this topic.)

  6. Click the Common tab and configure any options desired. (For more information, see Configure Common Options.)

  7. Click OK. The new preference item appears in the results pane.

Actions

This type of preference item provides a choice of four actions: Create, Replace, Update, and Delete. The behavior of the preference item varies with the action selected and whether the VPN connection already exists.

Create

Create a new network connection. If the connection with the same name exists, then do not modify it.

Delete

Remove a network connection with the same name. The extension performs no action if the connection does not exist.

Replace

Delete and recreate the network connection. The net result of the Replace action overwrites all existing settings associated with the connection. If the connection does not exist, then the Replace action creates a new connection.

Update

Rename or modify a network connection. The action differs from Replace because it updates the settings defined within the preference item. All other settings remain as they were previously configured. If the connection does not exist, then the Update action creates a new connection.

Virtual private network connection settings

User connection

Use this setting to make the newly created or updated connection visible only to the applied user.

All users connection

Use this setting to make the newly created or updated connection visible to all users on the computer.

Connection Name

Text used to name the connection. Press F3 to display a list of variables from which you can select. You can import a virtual private network connection into a virtual private network preference item. Click Browse (…) to display a list of virtual private network connections from the current computer.

IP Address or DNS name

Type the IP address of the remote computer. Or, select the Use DNS name box and type the fully qualified domain name of the remote computer.

Dial another connection first

Type the name of the dial-up network connection that this connection established prior to connecting to the virtual private network.

Show icon in notification area when connected

Displays an animated icon in the notification area when connected.

Options tab

Use the Options tab to choose dialing and redialing options for the VPN Connection preference item.

Security tab

The Security tab provides Typical and Advanced security settings associated for the VPN Connection preference item. Use these settings to determine password security, data encryption, and authentication protocols.

Networking tab

Use the Network tab to choose the type of VPN connection for the preference item.

Additional considerations

  • You can use item-level targeting to change the scope of preference items.

  • Preference items are available only in domain-based GPOs.

Additional references