|
|
|
|
Configuring a free VPN solution in your home |
|
|
|
|
Written by CCIE9277
|
|
Thursday, 23 March 2006 |
|
Page 1 of 3 I've had numerous members here email me about writing an article on setting up a secure, inexpensive, home VPN solution that they could use to share files between their home and office computers while they were at work. After speaking with many different people on the subject, I decided that most of them were running Windows XP for their operating systems and Linksys brand routers. That being said the following article is based on the above specifications and will involve no extra cost in setting up the VPN connection. VPNs or Virtual Private Networks continue to increase in popularity due to the rise of inexpensive, high capacity Internet connectivity. Therefore lots of people are now using secure VPNs in order to connect to their home based networks as well as their office networks. If you have stumbled across this article and do not know the meaning of the term VPN it would be as follows: A VPN is used to connect multiple private networks securely across an unsecured public network like the Internet. A private network in this case would be a network in which the traffic is not freely accessible by the public. If we break down the meaning of Virtual Private Network in the instance explained above it would be as follows. The two end points of this "network" are private networks that are seamlessly connected across a public network in which neither private network knows about, creating a "Virtual Private Network" between them. For more information on what VPNs are you can read this article I wrote on the subject as an overview of the technology: |
|
http://www.computernetworkinghelp.com/content/view/37/2/
Microsoft has built in the ability to act as a VPN termination point right into Windows XP. Microsoft XP allows one connection to come in over the configured VPN via the PPTP protocol, using MPPE 128-bit encryption and Microsoft CHAP v2 authentication. It's fairly easy to configure and can run on your existing LAN connection of your home computer. Below I will walk you through the steps of configuring the VPN server, allowing the protocol to pass through your Linksys router and finally how to configure your client to connect to the VPN. Section 1: Configuring the VPN server (PC that VPN clients will connect to). - Step 1: First we need to click on the "start" menu and then click on "control panel", you will see a screen similar to the one in the image below in Figure 1-A.
Figure 1-A
 - Step 2: Next we will need to click on "Network and Internet Connections" as shown outlined in red in Figure 1-A above. Next you should see a screen similar to the one in the image below in Figure 1-B.
Figure 1-B
 - Step 3: Next we will need to click on "Network Connections" as shown outlined in red in Figure 1-B above. Next you should see a screen similar to the one in the image below in Figure 1-C.
Figure 1-C
 - Step 4: On this screen you will see the currently configured network connections to the right and then a menu on the left. Don't worry if the connections on the right don't look exactly like the ones in Figure 1-C. Next we will need to click on "Create a new connection" to the left, in the "Network Tasks" section as shown outlined in red in Figure 1-C above. Next you should see a screen similar to the one in the image below in Figure 1-D.
Figure 1-D
 - Step 5: You have now opened up the "New Connection Wizard", we will use this again later in Section 2 to configure the VPN client as well. This screen is purely informational, we will just need to click on the next button as shown outlined in red in Figure 1-D above. Next you should see a screen similar to the one in the image below in Figure 1-E.
Figure 1-E
 - Step 6: Now we will need to click on the radio button next to "Set up an advanced connection" as shown outlined in red in Figure 1-E above and then click the next button once that has been selected. Next you should see a screen similar to the one in the image below in Figure 1-F.
Figure 1-F
 - Step 7: Now we will need to click on the radio button next to "Allow incoming connections" as shown outlined in red in Figure 1-F above and then click the next button once that has been selected. Next you should see a screen similar to the one in the image below in Figure 1-G.
Figure 1-G
 - Step 8: Notice that there is a device listed in Figure 1-G. If your list of connection devices is different don't worry about it. In this scenario we won't be selecting a device here because we are not using a device terminate our incoming connections but if you were using a modem for example, you would select it here. Now you will want to just click the next button as shown outlined in red in Figure 1-G above. Next you should see a screen similar to the one in the image below in Figure 1-H.
Figure 1-H
 - Step 9: Now we will need to click on the radio button next to "Allow virtual private connections" as shown outlined in red in Figure 1-H above and then click the next button once that has been selected. Next you should see a screen similar to the one in the image below in Figure 1-I.
Figure 1-I
 - Step 10: This is the User Permissions screen in figure 1-I above. Here you will see a list of currently configured users on this system. In this case for simplicity, I have clicked on the box next to "VPN User" which I had already configured on my system previously. Notice how the box in the picture now has a checkmark located in it indicating that it has been selected. Now in this case you could just use your standard user ID on your system or you could click on the "add" button first to create a new ID for the VPN connection (NOTE: Should always be a password protected account!). Now we will need to click on the next button to continue. Next you should see a screen similar to the one in the image below in Figure 1-J.
Figure 1-J
 - Step 11: This is the Networking Software screen in figure 1-J above. Here you will see a list of currently available networking software on this system. In this case we will want to click the box next to "File and Printer Sharing for Microsoft Networks" as outlined in red in Figure 1-J above. The boxes next to boxes next to "Internet Protocol (TCP/IP)", "Client for Microsoft Networks" should already be checked, If not, click them as well. Now we will need to click on the next button to continue and we're almost done. Next you should see a screen similar to the one in the image below in Figure 1-K.
Figure 1-K
 - Step 12: You now see the "Completing New Connection Wizard" dialog. This screen is purely informational also, we will just need to click on the finish button as shown outlined in red in Figure 1-K above and you are done. Next you should be back to your "Network Connections" screen similar to the one in the image below in Figure 1-L.
Figure 1-L
 - Step 13: Note: Now on the Network Connections screen in Figure 1-L above you have a new section called "Incoming" and a new connection called "Incoming Connections" below that. You can come here to view connections to the VPN. There are also additional properties that can be changed there but that's out of the scope of this document. At this time Section 1: Configuring the VPN Server is completed.
|
|
|
|
Helpful Tips |
|
Wireless devices will generally be shipped with a default SSID (service set identifier) that will be identical on the same product shipped to others from this products manufacturer. In order to secure your wireless network making it more difficult for others to connect, its a good idea to change the SSID to something different and also turn off the "broadcast SSID" feature if possible. You can also configure the device to only allow connections from certain MAC (factory burned in addresses for the Network Interface Card) addresses which belong to your devices and will be unique if the device supports this capability. |
|
|
|
|
