Today, private virtual networks, referred to as VPNs, which stands for Virtual Private Network , will not surprise anyone. However, not every user of the same "seven" knows how this all works. Let's see what a VPN server on Windows 7 is, how to install and configure it using your own tools and third-party programs.
What is a VPN?
Let's start with the basics. Creating a VPN server cannot do without understanding what it really is. Apparently, not every user is faced with a similar problem and is fully aware of what this thing is.
A virtual server is exactly the tool that allows you to create independent private networks based on your Internet connection, as if several computer terminals, laptops, or even mobile devices were interconnected via cables. But only in this case we are talking about virtual cables.
What is a VPN server for?
The advantages of this technology seem to many to be a step backward in terms of the security of connecting and transmitting data, but a virtual network is often much more protected than a regular LAN.
In addition, when using a VPN connection, the user is able to exchange data between individual terminals that are scattered around the world. Yes Yes! The technology for connecting a VPN server is such that computers or mobile devices can be combined into a virtual network, regardless of their geographical location.
Well, for gamers this is generally a godsend. Imagine that after creating a VPN server, you can easily go through some kind of team “walk-in” like Counter Strike in a team with players, for example, from Brazil. But in order to make this possible, theoretical knowledge about the Virtual Private Network will be required . Now we will understand what constitutes the creation and configuration of a Windows 7 VPN server , in more detail.
At the same time, it is worth paying attention to several mandatory conditions, without which the whole process of creating a virtual server will simply not make sense.
Windows 7 VPN Server: What Should I Look For?
First of all, every user who creates a virtual server on the home terminal should be clearly aware that there are some connection restrictions in Windows 7. The fact is that only one user can connect to the created server in one communication session. And it is impossible to get around this obstacle by the system’s own means.
In principle, as an option, you can use the installation of a special (but unofficial) patch that will help fix the problem. On the other hand, if you approach the issue of creating a normal functional VPN server from the point of view of Windows licensing, then it is better to use the "seven" of the server version (Windows Server). Few people know, but for Windows 7 there is such a version too.
Creating a VPN server using Windows: router settings
Now, after describing all the initial concepts and questions, you can start creating the server directly. As an example, consider the initial setup that Zyxel Keenetic devices require. The VPN server in the case of using such devices is quite different in its settings (especially in the case without the pre-installed NDMS firmware).
The catch here is that the PPTE protocol, which is the main protocol for all systems, in this case is presented in a modified form of MPTE, which makes it impossible for several users to simultaneously access the server. Firmware circumvents this problem. After its installation, access is guaranteed at the level of a dozen simultaneously connected users.
After installing the program, a component of the VPN server should appear in the application center section where you will need to configure the "Keenetic Internet Center", which will then be responsible for access and the pool of IP addresses that are currently provided to clients using the PPTE protocol.
What is most interesting, at the same time, the intersection of addresses with a 24-bit mask is permissible. That is, when setting the range, for example, 192.168.0.10 - 192.168.0.20, the address of the VPN server when the client machine is connected once for the Home parameter can be 192.168.0.51.
But that is not all. The VPN server on the router (in our case, Zyxel) implies access exclusively through the Keenetic account. To activate this access, you need to allow the user access to the VPN. This is done by clicking on the "account" with the subsequent installation of a checkmark in the appropriate field.
Another advantage of this connection is that one login and password can be used for several client records, which will be used to access the Keenetic VPN server. Let us pay attention to one more feature of such a connection. It consists in the fact that the VPN server created on the basis of Zyxel is able to access not only internal local, but also external networks. In this way, you can remotely access any client machine connected through a Keenetic account.
First steps
Now the question of how to configure the VPN server on the router, leave aside and go directly to the "OS".
First you need to use the section of the network and sharing control center located in the standard "Control Panel". In the top menu, select the “File” section (if one does not appear, press the Alt key), and then click on the line of the new incoming connection.
After that, you need to use the addition of a new user, which by default will be given the name Vpnuser. Next, fill in all the necessary fields (the full name can be left blank, since this does not affect the connection), and then enter the password and confirmation (there should be a complete match). If you still need to add users, repeat the above procedure.
Now in a new window you need to specify the type of access via the Internet, after which you can proceed to one of the most important steps, namely, to configure the TCP / IP protocol, as a VPN server on Windows simply will not work without such correctly specified parameters.
IPv4 Configuration
In principle, in most cases this version of the protocol is used, since IPv6 is not supported by all providers. If there is still support, the configuration of versions 4 and 6 will not differ much.
So, in the properties of the protocol, you should first use the access permission item for callers to the local network, and then select the IP address explicitly and specify the required range. This is done so that in the future it was possible to connect several users simultaneously. At the end of the procedure, just click the "OK" button. Everything - the server is created. But this is not the end of the matter. You also need to configure the VPN server on the client terminals so that they can access.
Configure client machines
Now, on the computer terminal from which you intend to connect to the virtual server, in the “Control Panel” you need to use the settings of the network and sharing control center, where a new connection is selected, after which activation the “Wizard” starts. Next, select the type of connection to the workplace, and then use the existing connection to the VPN.
Now the most important point is the address of the VPN server. In this case, you can use the address viewed on the server itself, or enter the domain name. In order not to waste time on setting up, you can skip the offer of an immediate connection.
Now it remains to enter the username and password that were specified when creating the VPN server, and optionally - specify the storage of data for subsequent login. This completes the procedure. If the server is in an active state, you can connect to a virtual network.
Firewall Settings
But even if everything is done correctly, sometimes some problems may arise. Often, such a connection can be blocked, oddly enough it sounds, by Windows own means, more precisely, by the built-in firewall (firewall) related to the security system.
To avoid problems, you need to find connection icons in the same network control center. For the client it is RAS, for the server it is VPN. It remains only to click on the parameter on both terminals to indicate the type of access in the form of a home network. That's all.
Port forwarding
Ports are more complicated. The problem mainly relates to ADSL modems, which are simply not able to open the required VPN ports. You need to configure these settings manually.
Here again, you will have to turn to the router settings. As a rule, instructions for a VPN connection are in the documentation for the device itself. It is worth noting here that Windows systems use TCP with a value of 1723. If you can disable GRE blocking, it is advisable to use it.
Error 807
Naturally, now you can rebuild the parameters of the created VPN server, however, as it is believed, the real scourge of absolutely all users who are faced with the creation of this type of connection for the first time is the occurrence of error number 807.
To get rid of it, you should first make sure that the IP address fields on the client machine and the port settings directly on the server are filled out correctly.
In addition, the remote access service must be active. You can check its status using the services.msc command entered in the Run menu (Win + R), followed by the selection of the routing and remote access section. The operating status and automatic access type must be indicated here.
In extreme cases, if there are problems, you can try to connect even to yourself. To do this, simply create a new client connection, where 127.0.0.1 is specified as the IP.
If this does not help, you can turn to the help of some Internet resources like portscan.ru, which are able to track an active external connection (the value 1723 is entered in the connection field, after which the start of the scan is used). But, if everything is done correctly, a positive result will not be long in coming. Otherwise, you will have to check the settings of the router and virtual server.
Third party programs
Of course, for most users who are far from such settings, all this may seem, so to speak, too homegrown. It’s much easier to set up a VPN server using special automated programs.
Consider one of the most popular. It is called SecurityKISS. Installing it is simple. Next, you need to launch the application, after which the user will be prompted to make the minimum initial settings and enter some necessary data. You will need to specify your own IP. You can recognize it through the ipconfig command, and with several terminals on the network, ipconfig / all.
The main recommendation for this SecurityKISS client is to select the one that is geographically located closest to the terminal from which you plan to connect from the proposed list of servers. Note, in this case we are not talking about creating a server - it will be possible to connect to existing servers. And this saves the user from the work of all those procedures that were described above.
Connection is made to the already created server, and by and large, absolutely no matter where in the world it is located. With good high speed communications, even geolocation does not play a significant role.
What is the result?
In principle, this is where the question of creating a VPN server can be. However, many users of computer systems should pay attention to some minor inconsistencies. The fact is that, depending on the installed version of the same "seven", the names of some fields or lines to be filled may differ in the names. In addition, some “cracked” modifications of Windows 7 may have rather limited capabilities, because certain functions were disabled in them to save disk space or increase performance. This is exactly the case with network connection controls at the global level. Even access rights at the super administrator level will not save. Moreover - in the settings of local group policies or in the system registry, which by and large duplicates them, nothing really can be configured.
Returning to the question of creating a VPN server, it remains to add that this technology, oddly enough, in most cases remains unclaimed, unless it is useful to gamers who want to play with an opponent who is very far from him. This is probably not useful for system administrators either, since the connection itself, although it uses a 128-bit encryption system, is still not immune to data loss or unauthorized access to a virtual network. So to create a VPN server or not is a personal matter.
However, for Windows systems, the settings are quite complicated, especially from the point of view of an unprepared user. For the simplest connection, it is better to use VPN clients, which you can download for free and configure in automatic mode. Yes, and there are far fewer problems with them than with a change in the system configuration, which is fraught with a global “rally” when committing the wrong actions.
Nevertheless, information on this issue should be perceived by each user, because knowledge of how to connect to such networks can ultimately protect their terminals from threats. Sometimes with an active Internet connection, the user may not even suspect that his machine is connected to the network, and he himself is not able to determine the level of risk and security.