Windows Server 2003 remote access VPN connections consist of many components. The VPN client must be configured to make the VPN connection to the VPN server, either manually or using CM. The Internet network infrastructure must support the reachability of the VPN server interface on the Internet and support the resolvability of the VPN server’s DNS name. You must decide on which authentication protocol (EAP-TLS and MS-CHAP v2 are recommended) and VPN protocol (L2TP/IPSec is recommended instead of PPTP in high-security environments and with an existing PKI) to use. The intranet network infrastructure must support name resolution of intranet resources, routing to and from remote access clients, and quarantine resources. The AAA infrastructure must be configured to provide authentication using domains, authorization using remote access policies, and accounting for remote access VPN connections. For L2TP/IPSec connections or when using EAP-TLS authentication, a certificate infrastructure must be in place to issue computer and user certificates.