Your company has a main office.
The network contains an Active Directory domain named contoso.com. The main office contains a server named Server1 that runs Windows Server 2012. Server1
has the Remote Access server role installed and is configured to accept incoming SSTP-based VPN connections.
All client computers run Windows 7.
The company plans to open a temporary office that will contain a server named Server2 that runs Windows Server 2012 and has the DHCP Server server role
installed. The office will also have 50 client computers and an Internet connection.
You need to recommend a solution to provide the users in the temporary office with access to the resources in the main office.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A.
Use the Connection Manager Administration Kit (CMAK) to create a connection package that specifies Server1 as the target for SSTP-based VPN connections.
Manually distribute the CMAK package to each client computer in the temporary office.
B.
Install the Remote Access server role on Server2. From Routing and Remote Access on Server2, add a SSTP-based VPN port. From DHCP on Server2,
configure the default gateway server option.
C.
Uses the Connection Manager Administration Kit (CMAK) to create a connection package that specifies Server1 as the target for SSTP-based VPN connections.
Use a Group Policy object (GPO) to distribute the CMAK package to each client computer in the temporary office.
D.
Install the Remote Access server role on Server2. From Routing and Remote Access on Server2, configure a demand-dial interface. From DHCP on Server2,
configure the default gateway server option.
Explanation:
* configure RRAS server role as a VPN server on a Windows server 2008 R2 machine. To do that, you need to first install the RRAS server role.
* in case of IPv4 the remote access client’s VPN configuration is the ONLY configuration that governs whether it has default IPv4 gateway towards VPN server or
not
Remote Access Deployment Part 2: Configuring RRAS as a VPN server
Maybe the following link could be the reason for this answer:
https://support.microsoft.com/en-us/help/947032/how-to-configure-a-secure-socket-tunneling-protocol-sstp–based-vpn-server-behind-a-nat-device-in-windows-server-2008
Regarding CMAK answers: I couldnĀ“t find anything relating CMAK and SSTP-based VPN.
For me answers is A.
CMAK is used for simplifying the deployment of VPN client-connection setup. With CMAK
we create the VPN profile in executable file format, and then distribute it to the clients.
Note: Connection Manager is a client network connection tool that allows a user to connect
to a remote network, such as an Internet service provider (ISP), or a corporate network
protected by a virtual private network (VPN) server.
But you need to manually distribyte CMAK files
Is obviously not the best way
I think answer B is right
B: SSTP cannot be used for a S2S VPN, so incorrect.
C: Cannot distribute via GP as there is no domain, so incorrect.
D: Demand-dial is incorrect, as Server1 is configured for SSTP connections.
MAX is right; the correct answer is A. Publish the connection package to a website and have the users at the temporary office run it.