1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
A Virtual Private Network (VPN) is a network that piggybacks on the internet to connect a remote PC -- you with your laptop beside the pool in Shanghai -- to a central network elsewhere, for example, your employer's secure network back home. Think of VPNs as tunnels; secure tunnels that you data can travel through on its way to its destination.
The idea behind a VPN is that you should always be able to connect securely to your own network. With a VPN connection everything seems as though you are simply connected directly to your own network, regardless of where in the world you might actually be.
Running over a wifi network, a well-secured VPN session looks like a standard https connection to someone watching the packets as they come and go over the wifi network. That means it will defeat most surveillance, interception, and data theft.
Sounds good, right? Here's our guide to setting up your own VPN for secure connections wherever you go.
== The Network ==
There are two parts to running a VPN -- the network and the client which connects to it. The first thing you'll need to do to run a VPN is set up the actual VPN server. There are third-party VPN servers available, but as of Windows 7, Microsoft ships all the tools you need right in the operating system.
To start up a VPN server in Windows 7, first open up the control panel. Click on Network and Internet and select the Network Connections option. That will bring up a new window with no toolbar. For reasons that escape everyone but Microsoft's Win7 developers, you must hold down the Alt key to see the toolbar. So, with the alt key held down, click on the file menu and choose "New Incoming Connection."
That will launch a wizard which walks you through setting up your VPN server. The first screen asks you to pick a user, in most cases you'll want to choose your Windows 7 username from the list. The next step is to select the option to allow connections through the internet. Then you'll need to decide which sort of connections to allow. At a minimum you need to select the TCP/IPv4 option. Other choices include IPv6, as well as File and Print Sharing, which will allow for remote printing should you need it.
The last screen asks you to allow network access and how to assign IP address. The latter option is best left to "Assign IP addresses automatically using DHCP," unless you really know what you're doing.
Once you're finished with the wizard, Windows 7 will show you the computer name that you'll be connecting to.
===Potential Problems ===
If your PC is behind a firewall there are a couple of extra steps you'll need to take to make sure that your connection can get through. Since router admin screens vary considerably we can't give you step by step instructions, but what you want to do is open up the VPN port (port 1723) in the firewall. You'll also want to forward that port to the local IP address of your Windows 7 VPN server.
== Connecting to the network ==
Now that you have a VPN server running on your home machine you just need to set up your laptop to connect to it. To do that, open up the Network and Sharing option in the Control Panel and choose "Set up a new connection or network." That will bring up another wizard that walks you through the step necessary to connect to the VPN on the other machine.
The first step is to choose to connect using "my Internet connection (VPN)". Now type in the IP address of the computer you're trying to connect to (don't know? Hit up [http://www.whatsmyip.org/ What's My IP]). Then give the connection a name -- something like MyAwesomeVPN. We suggest leaving the user login info blank and typing it in each time you need to connect for increased security.
Now to actually connect, click the network icon at the bottom right corner of the system tray and pick the connection we just created from the list. Click connect and you're away.
===Potential Problems ===
The biggest problem for most users will be the potentially changing IP address of the home machine. If your IP address is static then there's nothing to worry about. If you don't know whether you have a static or dynamic IP then chances are you have a dynamic IP address. That means your ISP assigns your connection an IP address and that address may change it at any time. If is does change then that happens your remote machine will be trying to connect to an IP that isn't you (or just doesn't exist).
To get around this problem you can use solutions like [FreeDNS http://freedns.afraid.org/], which assigns a permanent domain name to your dynamic IP address. In that scenario you would go back to the previous step and instead of looking up your IP address, just enter your new domain name from FreeDNS. FreeDNS then handles forwarding the connection on to the actual IP of your PC at home.
== Conclusion ==
Setting up a VPN isn't the simplest thing in the world, but once you have it up and running the peace of mind that comes from knowing you have a secure connection wherever you go will be well worth the effort.
|