I have been tasked to setup a vpn into our company. We have a single windows 2016 server that is acting as everything. A DC, AD, File Server, Web Server, SQL Server, and now perhaps a VPN Server. I know its not best practice to have all this in one place. I am just one man who does IT stuff on the side. Trying to get multiple machines for everything wont be possible for me to sell to management.
My question is really geared towards the security aspect of opening a port for SSTP VPN into the network. I know little enough to not know what the concerns are doing this. I am not so much worried about the traffic between the clients and server, I am worried about outside attacks and vulnerabilities and unauthorized people gaining access. Right now nothing is exposed to the outside world.
I am not knowledgeable enough to be able to even spot if this had occurred to be honest. None the less, they want some form of remote access.
I can setup the server for SSTP VPN, I just dont know if I should. Would installing OpenVPN on this server be any different?
I would like any help working thru this. Suggestions, Concerns, etc.
I appreciate it.