Always On VPN


I am trying to enable Always On VPN for some new remote workers.  from the documentation I've read, it seems the RRAS/VPN server siting in the perimeter network is a member server in AD.  Is this correct? I am hesitant adding a server to AD that sits in the DMZ.  




1 Reply
best response confirmed by Rob Nunley (Contributor)

@Rob Nunley There is no hard requirement for the RRAS server to be joined to a domain. It is perfectly acceptable to configure the VPN server as a standalone server in the DMZ supporting Always On VPN connections. It's something I've done numerous times without issue.