1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Networks How to setup a VPN Server & Client - WinXP [NOT 56k Friendly]

Discussion in 'Hardware' started by N4N01D, 28 Jul 2004.

  1. LOTTARO

    LOTTARO New Member

    Joined:
    1 Jul 2005
    Posts:
    99
    Likes Received:
    0
    Excelent guide! thanks to posting it.
     
  2. Isotopian

    Isotopian New Member

    Joined:
    19 Oct 2004
    Posts:
    131
    Likes Received:
    0
    Quick question here- does this become much more difficult if your computer you want to run the VPN off of is connected through a router? I've tried this, but my computer's IP address is local only to the router. Do I need to mess around with this and set up a permanent IP? How should I go about this?
     
  3. N4N01D

    N4N01D New Member

    Joined:
    29 Apr 2004
    Posts:
    467
    Likes Received:
    0
    no, this isnt really that much harder, you will need to change some settings in your router like VPN pass through or set you VPN computer in the DMZ. When using the DMZ make sure that it is well secured. When you mean the computers ip is only local to the router, is this statically addressed or are you using DHCP? - if it is DHCP you should give it a static internal ip address
     
  4. Isotopian

    Isotopian New Member

    Joined:
    19 Oct 2004
    Posts:
    131
    Likes Received:
    0
    Thanks, all the other info I needed was in my router. I love my Linksys.
     
  5. alkmie

    alkmie New Member

    Joined:
    14 Dec 2005
    Posts:
    1
    Likes Received:
    0
    :wallbash:

    This maybe be a noobie question but what do i do after ive connected?

    i set the server and client just like the guide said flawless (ive even attend before and failed but this guide is idiot proof)

    my only problem is i expected to see the connect computers shares in my network but i didnt Y is this ???

    note also i was the server the client was my friend and he connected but i couldnt check to see if i could see my shares on his computer, but i could not see his???

    but thats how it works right just like if it wore on the lan??? ill test it with doom classic this weekend any hoot thanks for the guide :thumb:
     
  6. N4N01D

    N4N01D New Member

    Joined:
    29 Apr 2004
    Posts:
    467
    Likes Received:
    0
    i have found that on some systems it will show shares on its own and on others you will need to manually search for the pc etc \\pc1\share1 etc before they will show up for you :)
     
  7. nitin

    nitin New Member

    Joined:
    2 Jun 2006
    Posts:
    4
    Likes Received:
    0
    I created a VPN server in windows XP Professional, but the problem is I am not able to connect any client machine with this VPN server. Whenever I tring to connect a client machine, it gives the error massage - "Error: 800, unable to establish the VPN connection. The VPN server may be unreachable".

    I have a computer with 2 LAN cards, first one for the external IP address and second one for the internal LAN.

    I tried with Window 2003 server as well, I created VPN server in the Window Server 2003 and this time I am able to connect the client machine with the VPN server but I can't access the internet from the client machine.

    Can you please help me out in this, I will be really greatful to you.
     
  8. N4N01D

    N4N01D New Member

    Joined:
    29 Apr 2004
    Posts:
    467
    Likes Received:
    0
    Nitin: are the clients on the internal LAN or outside? When you are connecting are you using the internal IP of the VPN server or the external IP address (which i then assume you have setup the port forwarding etc), is this adsl you are using, if so and you are trying to loopback it wont work due to NAT?
     
  9. nitin

    nitin New Member

    Joined:
    2 Jun 2006
    Posts:
    4
    Likes Received:
    0
    The client are outside the internal LAN.
    I have created a user on the server. And gives a range of Internal IP on to the VPN server and on the basis of that IP range, the VPN server assigns IP to the client machine, but before that I used external IP on the client machine to connect to the server.
    I have a broadbad DSL connection.

    I tried VPN by 2 cases: 1st from 2003 server and 2nd from XP professional

    In the 2003 server, I can able to remotely connect the client machine to the VPN server but unable to access the internet from the client machine.

    In XP Professional, I am not able to connect the client machine to the VPN server.
     
  10. N4N01D

    N4N01D New Member

    Joined:
    29 Apr 2004
    Posts:
    467
    Likes Received:
    0
    I cant see why xp wouldnt work and 2003 does (but as the 2003 is connecting it seems the router has been setup correctly)... are you sure you unticked the "default gateway" option as this would stop the internet working on the client machine -

    [​IMG]

    What error code are you getting on the XP client?
     
  11. nitin

    nitin New Member

    Joined:
    2 Jun 2006
    Posts:
    4
    Likes Received:
    0
    I made 2 VPN servers, 1st on 2003 server and 2nd on XP Professional

    In the 2003 VPN server, I can able to remotely connect the client machine to this VPN server but unable to access the internet from the client machine

    In XP Professional VPN server, I am not able to connect the client machine to this VPN server.

    While connecting the XP professional VPN server, I am getting the following error code in the client machine
    "error code 800: Unable to establish the VPN connection. The VPN server may be unreachable or security parameters may not be configured properly for this connection."

    My need is I have to remotely connect a client machine to a VPN server and then browse the internet from that VPN connection which I am not been able to do so far.
     
  12. N4N01D

    N4N01D New Member

    Joined:
    29 Apr 2004
    Posts:
    467
    Likes Received:
    0
    In the case of the 2003 server, being able to connect and use the machine, but not being able to browse the net is a strange one as you are connected to the server via the internet. Possibly there is some security policy on your network that is stopping/causing this problem.
     
  13. nitin

    nitin New Member

    Joined:
    2 Jun 2006
    Posts:
    4
    Likes Received:
    0
  14. njellis

    njellis New Member

    Joined:
    25 Sep 2006
    Posts:
    1
    Likes Received:
    0
    **Bang Head Here - It Don't Work**

    Good Evening,
    I have been trying to get this to work off and on for ... years without much success. Perhaps someone here can tell me what knuckle-head mistake I'm making.

    I'll start by describing what I hope to achieve.

    I would like to connect Via the internet, AS-IF I Were on the LAN (Duh - that's the purpose of VPN). I would like to be able to ping other PC's on the network, access network share files, and all that other stuff - typically done on a LAN (play games, etc). BUT.... I've yet to get a simple ping to work - so experimenting with other stuff, seems a waste of time. :confused:

    My Network Setup:
    Cable Modem Connects to Router. Router connects several PC's together. The PC's are set w/ Static IP address (I have several other servers setup w/ Port Forwarding yada yada). The Network works beautifully. No problems.
    For purposes of VPN (at least initial testing) I've disabled all firewalls. I have the DMZ set to the VPN server.

    Initial Setup (That didn't work)
    Router = 192.168.1.1 (static)
    PC1 (VPN Server) = 192.168.1.200 (static)
    PC2 (On Network) = 192.168.1.250 (static)

    VPN Connection set to: Assign IP address (Range) 192.168.1.180 - 192.168.1.180

    Second Setup (That also didn't work - I tried adding a 2nd NIC to PC1)
    Initial Setup (That didn't work)
    Router = 192.168.1.1 (static)
    PC1 (VPN Server) NIC1 = 192.168.1.200 (static)
    PC1 (VPN Server) NIC2 = 192.168.1.10 (static)
    PC2 (On Network) = 192.168.1.250 (static)

    VPN Connection set to: Assign IP address (Range) 192.168.1.180 - 192.168.1.180

    --------------

    I have followed the instructions (they're rather self-explanatory, but since I Couldn't get it to work - I decided to see what others did... and pretty much the same, except I think my network is setup differently...) I've read that some things may not work with a single NIC - so I added a second with the same results.

    The results I get are: I can connect just fine through the internet to the VPN server. It gets an IP address (192.168.1.181) just as it should. It can ping ONLY the "gateway" (I guess) 192.168.1.180. So its obviously communicating with the VPN Server.
    The trouble is: It WONT ping 192.168.1.250 (the other computer on the network). (Side note: These computers can ping each other fine Via the LAN, and again all firewalls are disabled).
    It will not pull up any shares by \\pc-name or \\ip-address.

    So it appears it's really not doing anything over the network.
    Do I need to enable ICS? And if I did.... wouldn't that basically create it's own subnet/network? That wouldn't make much sense...

    P.S. there are no IP Conflicts...


    In the perfect world: I would like it to connect Via VPN, and then the ROUTER assign the computer connecting via VPN the IP address... Just like one would on the lan... but I'll settle for it just working period.

    Thank you for your help and taking the time to read the post. It's long, but I wanted to be thorough.
     
  15. cogitoergosum

    cogitoergosum New Member

    Joined:
    14 Jul 2004
    Posts:
    437
    Likes Received:
    1
    I hate to bump a dead sticky, but my back is against the wall.

    Here at my place of business, I have been thrust into the role of head nerd. While I am quite good at hardware, software, modding, and some basic networking, some of the more advanced things are beyond me for now.

    We currently have a "reverse vpn" (as it was described to me) set up. It allows users to connect from one subnet of the lan to another that is not behind a proxy. It has been working nicely, until this last week. Ufortunately, the previous nerd did some damage on leaving and I have no admin priveleges to the box to simply copy his process. There isnt an admin account anymore.

    I've attempted several times to setup a VPN and been able to successfully connect to them, but not get them to route the traffic from one nic (the local one) to the other (the internet side).

    I'm working with Windows Sever 2k3 here, but I am willing to attempt pptpd on Linux again(twas a disaster last time) if someone has some insight.

    Much obliged for any help
     
  16. hickoryboyz

    hickoryboyz New Member

    Joined:
    3 Nov 2006
    Posts:
    1
    Likes Received:
    0
    VPN Setup

    What a wonderful VPN setup guide, just magnificent. I have a question. Here's my list of hardware, can I setup a VPN for the office?

    small retail/design studio, 2 employees and an owner.
    3 XP machines, soon vista.
    Verizon Business DSL.
    Netgear FVS318 VPN Firewall.
    DSL and cable connections at the homes of the employees.

    We need to simply be able to access files/shares from home on 2 of the XP machines (the owner's machine won't have anything useful).
     
  17. rush

    rush New Member

    Joined:
    21 Aug 2007
    Posts:
    1
    Likes Received:
    0
    New to VPN

    hi,

    i am a bit confused by this. first of all, say i set up a VPN server at home using the commands given. if i want to access the server, what should i VPN server selection in the VPN client? in ur example you have put www.bit-tech.net but what should i put?

    if i have to put the external ip address given by my ISP for my server, how do i deal when it changes. everytime the connection gets interupted for whatever reason, i get a new isp ip address. is there a way around this?

    any other tips for newbies will be good too

    thnx
     
  18. DougEdey

    DougEdey I pwn all your storage

    Joined:
    5 Jul 2005
    Posts:
    13,933
    Likes Received:
    33
  19. dwnocturnal

    dwnocturnal New Member

    Joined:
    24 Jan 2008
    Posts:
    1
    Likes Received:
    0
    Issues

    This post may or may not matter/reach anyone, but just giving you guys a heads up. For everything to work with this as default settings, outta the box config, you should only have to open TCP/UDP 1723 (and probably not even the UDP). The other 3 ports listed are not for you normal windows vpn connections. 1701 is a port for L2TP, which another tunneling protocol you can use, but again is not out of the box config. 135 is a DCOM port which opens you up to a lot of security risks, even if you have antivirus/firewall capabilities (note - you don't have firewall protection if you are putting in an exception for 135). 135 is what a lot of viruses/hackers scan to see what lil-nasties they can use to infiltrate that port. 500 is a udp port for IPSEC, which is a negotiation protocol for establishing vpns, which would take a lot more configuration then the basic microsoft settings. I would recommend only opening the 1723 port first to see if you can establish a connection. If you have trouble, feel free to open ports 500 or 1701, but remember there is going to be more configuration needed and possible some third party software. As for port 135, unless you have no other choice, I would recommend that you leave this port closed. If you are unable to get a connection working without opening this port, then consider this: is what you need to open the port for worth the risk of you having to rebuild your machine because you got some bad virus? Just something to think on.

    Hell of a first post I guess.....

    Thanks

    DwN:dremel:
     
  20. webmaster_2x

    webmaster_2x New Member

    Joined:
    21 Feb 2008
    Posts:
    1
    Likes Received:
    0
    VPN Internet Connection

    usefull howto article, thanks!

    i've got a question and reading through posts i found no answer:

    there are some VPNs around through which client can connect to server's internet, or, client connects to internet through VPN connection to server,

    this is perticularly good for those behind internet filtering.


    as i have a computer abroad to which i have remote desktop access. can i setup such VPN on it?

    this PC is a win 2003 server.
    clients are mostly win 2003 servers and some XPs


    regards
     
Tags:

Share This Page