VPN on Windows Server VPS

Windows Server's built-in VPN requires Microsoft's characteristic maze of configurations. Setup is complicated. It requires GRE protocol on the client side to use PPTP. It requires Active Directory to use L2TP/IPsec.

OpenVPN is easy to set up for a client to connect to the VPN server but is very difficult to troubleshoot. Making it work is complicated. The support is very limited.

WireGuard setup via Wg Server for Windows is the easiest way.

To run WireGuard setup via Wg Server for Windows, one needs to enable User Account Control: Admin Approval Mode for the Built-in Administrator Account and reboot the server after the change. Otherwise, running the Wg server app will show nothing and result in two error entries in the Event Viewer. WireGuard's tunnel can stop web services, RDP, and other server services completely probably due to NAT. It is risky to use it with other services.