Getting your Windows 10 VPN working is going to be a three step process
that you can attack in any order. The three pieces of the puzzle are your
router, server and client; all require a bit of work to get everything working.
We are going to tackle the router configuration piece first because if your
network hardware is old or cheap you may not be able to get a VPN working. What is cool is you would perform this exact same process to forward
port 22 to a SSH server which is described in detail in my SSH book chapter
PDF. (See:
http://thatcybersecurityguy.ipage.com/index.php?option=com_sppagebuilder&view=page&id=20)
In
my book, I stress the importance of having a hardware firewall between your
network and the Internet. I hope that you have purchased an advanced router to
place between your computers and your cable modem. For this example, I am using
a NETGEAR R6300 router, which is the first device that we will configure to
setup our VPN. Log in to your router and
upgrade the firmware, if it needs it. To
do so in the NETGEAR R6300 log in as ‘admin’, click on the Advanced tab at the top >
expand the Administration menu on the left > click on Router
Update > click on the Check button upper left and hopefully you
will see the message No new firmware version available. If it does update, it may take a while for the
router to reboot so be patient as you will eventually be prompted to log in
again.
If you are planning to run your own VPN you will need to get the IP
Address of your computer selected to be your VPN server. Most routers will
reveal the MAC and IP Address that you will need by just showing the Attached
Devices. While in the Advanced
tab under Administration click on Attached Devices and write down
the IP Address, Device Name and MAC Address of the Windows
10 Pro computer you are planning to use as your VPN server. If
you can’t display attached devices, open a command prompt by clicking on Start > Run
> type CMD , or Start > All Programs > Accessories
> select Command Prompt > at the prompt type C:\...\ipconfig and make
note of your Windows 10 Pro VPN server's IP and MAC address.
Now we need to assure that your VPN server behind you hardware firewall
is assigned the same local network IP address every time. We will do this the
easy way by setting up an Address Reservation. We could also do this by setting
up a static IP address but a Address Reservation is easier and more convenient.
The DHCP feature called address reservation, you can have the best of both
worlds: You get automatic assignment and management of IP addresses without
giving up the ability to assign specific addresses set aside for the exclusive
use of specific devices. (See:
http://www.smallbusinesscomputing.com/webmaster/article.php/3799551/Networking-With-Address-Reservations.htm)
Click on the Advanced
tab at the top > on the left panel click on Setup, LAN Setup
> below Address Reservation click on the Add button > under
Address Reservation Table tick your VPN server's entry, which will fill
in the IP Address, MAC Address and Device name fields >
click on the +Add button at the top > This will bring you back to the
Lan Setup screen, which will show the Address Reservation for your
VPN server.
Now that we have hit the “that was easy” button we now need to tell the
router to forward VPN connection requests to our Windows 10 Pro server. We do
this by using port forwarding, also referred to as port mapping. Port forward is
simply a method of forwarding a network port from one network node to another.
This will allow external user to reach a port on a private IP address (your VPN
server inside a your LAN) from the outside your NAT-enabled router. Therefore,
we are going to open up and forward your routers VPN port and protocol to your
VPN server.
Click on Advanced Setup
arrow down to select Port Forwarding / Port Triggering > tick Port
Forwarding and under Service Name select VPN-PPTP > under Server
IP Address enter the IP Reservation Address that we just made above, click
on +Add. This will configure port 1723 to be forwarded to
your VPN server.
Your router is now setup to forward incoming VPN connections to your
Window 10 Pro VPN server which we will setup next.
No comments:
Post a Comment
Please leave a comment so I can improve my writing and content!