For most organizations, moving from Server 2003 to Server 2012 R2 won’t involve much in the way of change when it comes to remote access. This is for the simple reason that most organizations that do have a remote access infrastructure are using dedicated hardware to support remote access.
Unlike at the turn of the century, remote access these days doesn’t mean dial-up, it almost always means Virtual Private Network. Windows Server 2003 supported PPTP and L2TP/IPsec based VPNs, but doesn’t support newer technologies like SSTP or IKEv2 connections, or even Remote Desktop Gateway.
So when your thinking about migrating your Remote Access Infrastructure, the first question you have to ask is “how are people connecting remotely” and the next is “what part does Windows Server 2003 play in this process”.
The function of Windows Server 2003 in most remote access deployments is to provide authentication for a hardware device that supports RADIUS. That is that the hardware device checks with Windows Server 2003 to determine if the user is authorized to use the VPN. If you want to keep this going, you can switch in a new server running Windows Server 2012 R2 to provide the same services without much fuss.
In some remote access deployments, Windows Server 2003 is out on the perimeter network and its external interface is where incoming VPN connections terminate.
In the next post I’ll discuss the steps you need to take to migrate from having Windows Server 2003 as part of your remote access infrastructure to using Windows Server 2012 R2.