Would you like to learn how to configure a group policy to add a VPN connection? In this tutorial, we will show you how to deploy a VPN connection using a GPO.

• Windows 2012 R2
• Windows 2016
• Windows 2019
• Windows 10
• Windows 7

Equipment list

The following section presents the list of equipment used to create this tutorial.

As an Amazon Associate, I earn from qualifying purchases.

Tutorial GPO - Add a VPN connection

On the domain controller, open the group policy management tool.

Windows 2012 - Group Policy Management

Create a new group policy.

Windows 2012 - Group Policy Objects

Enter a name for the new group policy.

Windows - Add GPO

In our example, the new GPO was named: MY-GPO.

On the Group Policy Management screen, expand the folder named Group Policy Objects.

Right-click your new Group Policy Object and select the Edit option.

Windows - Edit GPO

On the group policy editor screen, expand the User configuration folder and locate the following item.

Copy to Clipboard

Create a new VPN connection.

GPO - VPN Configuration

On the General tab, perform the following configuration.

• User connection - Yes.
• Connection name - Enter a name to the new connection.
• IP address - Enter the IP address of the VPN server.
• Use DNS name - Optional, select if you want to use the DNS name.
• Show icon - Yes.
GPO - Add VPN Connection

On the Networking tab, select the desired type of VPN.


Optionally, on the Security tab, customize the VPN security configuration.

GPO - VPN Security Configuration

Click on the OK button.

To save the group policy configuration, you need to close the Group Policy editor.

Congratulations! You have finished the GPO creation.

Tutorial - Applying the GPO to deploy a VPN connection

On the Group policy management screen, you need to right-click the Organizational Unit desired and select the option to link an existent GPO.

Windows-2012-Applocker application

In our example, we are going to link the group policy named MY-GPO to the root of the domain.

GPO- tutorial linking

After applying the GPO you need to wait for 10 or 20 minutes.

During this time the GPO will be replicated to other domain controllers.

On a remote computer, verify the list of VPN connections available.

GPO - VPN Connection

In our example, we installed a VPN connection to all domain users using a GPO.