How to set up a vpn connection on windows. An easy way to set up VPN on computer and mobile devices. Using Android's native VPN connectivity

Read, how to set up a VPN server on your PC, using special hardware or standard Windows methods. VPN (English Virtual Private Network) is a collective name for a technology that provides the possibility of one or more network connections (logical networks) over another network (as an option - the Internet).

Content:


VPNs are very useful, no matter where you use them: whether you are traveling the world, working in an office, or connected to a public Wi-Fi hotspot at a coffee shop in your hometown. Only you don't have to use paid service VPN - You can host your own VPN server at home.

An important criterion when creating a VPN is the download speed of your home Internet connection. If your bandwidth is very low, then you're better off just using a paid VPN service. Internet service providers typically offer much less bandwidth than is required to create a virtual network. However, if your internet connection is capable enough, setting up a VPN server at home may be very relevant to you.

What is a VPN for?

A home VPN gives you an encrypted tunnel — a connection that allows you to use open public Wi-Fi networks to create a connection to the VPN you want to connect to. You can use VPN from any device on different operating systems: Android, iOS, ChromeOS, Windows, Linux or macOS; you can access various services of a specific country, even when outside of it. A VPN will provide secure access to your home network from anywhere. You can even share the network with your family, friends, or colleagues by allowing them to use servers hosted on your home network. For example, it will allow you to exchange data, share photo and video files, documents, projects, be able to constantly communicate and be in touch. Also you can play computer games for local network - although there are simpler ways to set up a temporary network for playing with friends.

A VPN is also useful for connecting to various services while traveling. For example, you can use Netflix or other services to stream video while traveling, or use any library or catalog of movies and recordings.

Method 1: Using a Router with VPN Capabilities


Instead of trying to set up a VPN yourself, you can buy a ready-made, pre-configured VPN solution right away. High-performance home routers (routers) are often sold with built-in VPN servers - just find a wireless router that has a VPN server in it. Often these are routers in the middle and high price ranges. Then you can use your router's web interface to activate and configure the VPN server. Be sure to check and select a router that supports the type of VPN you want to use.

Method 2. Use a router that supports DD-WRT or other third-party firmware

Custom router firmware is basically a new operating system that you can use on your router to replace your existing standard router operating system. DD-WRT is the most popular firmware, but other operating systems such as OpenWrt also work well.

If you have a router that supports DD-WRT, OpenWrt, or any other third party operating system, then you can run it with this firmware to get more features. DD-WRT and other similar firmware include built-in VPN server support. Therefore, you can host a VPN server even on routers that do not come with software to create and manage a VPN server.

Be sure to choose a router with built-in support for third-party operating systems. Install the custom router firmware and enable the VPN server.

Method 3. Create your own dedicated VPN server


You can also just use the software to set up a VPN server on one of your computers.

The Apple Server app (just like Windows) offers a built-in way to host a VPN server. However, these are not the most powerful or safest options. And they might be too demanding to set up a VPN server and get it working properly.

You can also install a third party VPN server like OpenVPN. VPN servers are available for every operating system, from Windows to Mac and Linux. You just need to forward the appropriate ports from your router to the computer that is running the server software.

There is also the option of converting your own dedicated device into a VPN server. You can take a Raspberry Pi single board computer (raspberry) and install the OpenVPN server software, turning it into a lightweight, low-power VPN server. You can even install other server software on it and use it as a multipurpose server.

Where else can you host your own VPN server?


There is another option that sits in the middle between hosting a VPN server on your own hardware and paying for a VPN provider, which provides you with a VPN service and a handy app.

You can host your own VPN server on a web host. In fact, it will save you a little more money than using a dedicated VPN provider. You will pay a hosting provider for server hosting and then set up a VPN server at the location they provided you with.

Depending on the capabilities and cost of the hosting provider's packages, this can be a quick way to connect when you add a VPN server and get a control panel to it. Or you may have to tackle the manual server setup entirely from the beginning.

When setting up a VPN at home, you probably want to set up dynamic DNS on your router. Dynamic DNS always keeps track of your IP address changes and associates it with the current one on this moment, The IP address of your computer. This will give you an easy way to always access your VPN, even if the IP address of your home internet connection has changed.

However, it is very important not to forget to set up a secure VPN server. You need a reliable, secure network so that no one can connect to it without permission. This can be a password protection option (but it is advisable to change it regularly). Or, another option, as OpenVPN suggests, is to use a pre-installed key, one of the easiest ways to securely authenticate.

A VPN service improves the privacy of users on the Internet by improving the security of connections, which is especially important for insecure public networks. In addition, a VPN makes it difficult for online trackers to track user activity and allows them to visit sites with regional restrictions.

Requirements: Opera 40 or higher web browser. Make sure you disable other proxy services before using VPN in Opera.

  • In the browser, press the Alt + P keyboard shortcut or go to Opera menu> Settings.
  • Choose a section Extras> Security Enable VPN.

The option "Bypass VPN on search engines by default" will be enabled by default. You can turn it off if you want to use VPN also in Google, Yandex, etc. search engines.

  • VPN.

How to set up a VPN connection for Opera on MacOS

  • In your browser, press Command +, or go to Opera menu> Settings.
  • Choose a section Extras> Security and in the VPN section make the switch active Enable VPN.
  • The button should appear in the address bar of the browser VPN.
  • Click on the icon to select a server location or view the amount of data used. When the VPN is active, the button will be blue.

Choosing a VPN server location

Opera 55 supports locations divided into regions: Europe, Asia and the United States. You can use Optimal Location mode to select the optimal server for performance.

Found a typo? Highlight and press Ctrl + Enter

Every year, electronic communications are improving, and increasingly higher requirements for speed, security and quality of data processing are imposed on information exchange.

And here we will take a closer look at a vpn connection: what it is, what a vpn tunnel is for, and how to use a vpn connection.

This material is a kind of introductory word to a series of articles where we will tell you how to create a vpn on various operating systems.

vpn connection what is it?

So, a virtual private network vpn is a technology that provides a secure (closed from external access) connection of a logical network over a private or public one in the presence of high-speed Internet.

Such a network connection of computers (geographically distant from each other at a considerable distance) uses a point-to-point connection (in other words, “computer-to-computer”).

Scientifically, this type of connection is called vpn tunnel (or tunnel protocol). You can connect to such a tunnel if you have a computer with any operating system in which a VPN client is integrated, capable of forwarding virtual ports using the TCP / IP protocol to another network.

What is vpn for?

The main advantage of vpn is that negotiating parties need a connectivity platform that not only scales quickly, but also (primarily) ensures data confidentiality, data integrity, and authentication.

The diagram clearly shows the use of vpn networks.

Previously, the server and router must have rules for connections over a secure channel.

How vpn works

When connecting via vpn, the message header contains information about the ip-address of the VPN server and the remote route.

Encapsulated data traveling over a public or public network cannot be intercepted because all information is encrypted.

The VPN encryption stage is implemented on the sender's side, and the data is decrypted at the receiver by the message header (if there is a common encryption key).

After correct decryption of the message, a VPN connection is established between the two networks, which also allows working in a public network (for example, exchanging data with the 93.88.190.5 client).

As for information security, the Internet is an extremely insecure network, and a VPN network with OpenVPN, L2TP / IPSec, PPTP, PPPoE protocols is a completely secure and secure way of transferring data.

What is a vpn channel for?

vpn tunneling is used:

Inside the corporate network;

For combining remote offices, as well as small branches;

To service digital telephony with a wide range of telecommunication services;

To access external IT resources;

For the construction and implementation of video conferencing.

Why do you need vpn?

vpn connection is required for:

Anonymous work on the Internet;

Downloading applications, in the case when the ip address is located in another regional zone of the country;

Safe work in a corporate environment using communications;

Simplicity and convenience of connection settings;

Providing high speed connection without interruptions;

Creation of a secure channel without hacker attacks.

How to use vpn?

There are endless examples of how vpn works. So, on any computer in the corporate network, when establishing a secure vpn connection, you can use mail to check messages, publish materials from anywhere in the country or download files from torrent networks.

Vpn: what is it in a phone?

Access via vpn on your phone (iPhone or any other android device) allows you to remain anonymous when using the Internet in public places, as well as prevent traffic interception and device hacking.

A VPN client installed on any OS allows you to bypass many of the provider's settings and rules (if the provider has set any restrictions).

Which vpn to choose for the phone?

Android mobile phones and smartphones can use applications from Google Playmarket:

  • - vpnRoot, droidVPN,
  • - tor browser for surfing networks, aka orbot
  • - InBrowser, orfox (firefox + tor),
  • - SuperVPN Free VPN Client
  • - OpenVPN Connect
  • - TunnelBear VPN
  • - Hideman VPN

Most of these programs serve for the convenience of "hot" system configuration, placement of launch shortcuts, anonymous Internet surfing, and the choice of the type of connection encryption.

But the main tasks of using a VPN on the phone are checking corporate email, creating video conferencing with several participants, and holding meetings outside the organization (for example, when an employee is on a business trip).

What is vpn in iPhone?

Let's consider which VPN to choose and how to connect it to an iPhone in more detail.

Depending on the type of network supported, when you first start the VPN configuration in the iphone, you can select the following protocols: L2TP, PPTP and Cisco IPSec (in addition, you can "make" a vpn connection using third-party applications).

All of these protocols support encryption keys, password authentication and certification.

Among additional functions when setting up a VPN profile in an iPhone, you can note: RSA security, encryption level and authorization rules for connecting to the server.

For an iphone phone from the appstore, you should choose:

  • is a free Tunnelbear app that lets you connect to VPN servers in any country.
  • - OpenVPN connect is one of the best VPN clients out there. Here, to run the application, you must first import the rsa keys via itunes into your phone.
  • - Cloak is a shareware application, because for some time the product can be “used” for free, but to use the program after the demo period expires, you will have to buy it.

VPN Creation: Selecting and Configuring Equipment

For corporate communications in large organizations or associations of offices remote from each other, hardware equipment is used that can support uninterrupted, secure network operation.

To implement vpn technologies, the following can act as a network gateway: Unix servers, Windows servers, a network router and a network gateway on which the VPN is installed.

A server or device used to create an enterprise vpn network or a vpn channel between remote offices must perform complex technical tasks and provide a full range of services to users both on workstations and on mobile devices.

Any router or vpn router should provide reliable network operation without freezing. And the built-in vpn function allows you to change the network configuration for work at home, in an organization or a remote office.

Configuring vpn on a router

In general, the VPN configuration on the router is carried out using the router's web interface. On "classic" devices for organizing vpn, you need to go to the "settings" or "network settings" section, where you select the VPN section, specify the type of protocol, enter the settings for your subnet address, mask and specify the range of ip-addresses for users.

In addition, to secure the connection, you will need to specify encryption algorithms, authentication methods, generate negotiation keys, and specify DNS WINS servers. In the "Gateway" parameters, you need to specify the gateway ip-address (your ip) and fill in the data on all network adapters.

If there are several routers in the network, it is necessary to fill in the vpn routing table for all devices in the VPN tunnel.

Here is a list of the hardware used to build VPN networks:

Dlink routers: DIR-320, DIR-620, DSR-1000 with new firmware or D-Link DI808HV router.

Cisco PIX 501, Cisco 871-SEC-K9 Routers

Linksys Rv082 router with 50 VPN tunnels support

Netgear DG834G router and FVS318G, FVS318N, FVS336G, SRX5308 routers

Mikrotik router with OpenVPN function. RouterBoard RB / 2011L-IN Mikrotik example

Vpn equipment RVPN S-Terra or VPN Gate

ASUS Routers RT-N66U, RT-N16 and RT N-10

ZyXel routers ZyWALL 5, ZyWALL P1, ZyWALL USG

More and more cafes, hotels and other public places are acquiring their own Wi-Fi networks. But by using unsecured traffic, device owners compromise the security of their own data. Therefore, the relevance of private networks is also increasing. To be on the safe side, you can create a VPN connection. About what it is and how to set it up correctly in Windows system 7, read our article.

What is a VPN connection and why you need it

This technology means a secure network built on top of an unsecured network. The VPN client, using a public network, connects to the VPN server through special protocols. The server accepts the request, verifies the identity of the client, and then transmits the data. This is provided by means of cryptography.

VPN capabilities allow you to use it for the following purposes:

  1. Hide your real IP and become anonymous.
  2. Download a file from a network that restricts access to the IP addresses of the user's country (if you use the IP address of a country that has access to this network.
  3. Encryption of transmitted data.

How do I set up a connection?

  1. Through "Start" open "Control Panel", then start "Network and Sharing Center".

    Select the "Network and Sharing Center" area

  2. Follow the link "Setting up a new connection or network".

    To create a new connection or network, you need to click on the corresponding line in the list

  3. Click "Connect to workplace".

    Select "Connect to the workplace"

  4. Select "Use my Internet Connection (VPN)".

    Select "Use my Internet Connection (VPN)"

  5. In the "Internet address" field, enter the address of your VPN server.
  6. To find it out, you need to run the Run tool (Win + R) and enter cmd.

    You need to enter cmd in the line and press "Enter"

  7. Then write the ipconfig command, run it and find the line "Default gateway", which contains the required address.

    You need the address that is in the line "Default gateway"

  8. Now you need to insert the address and tick the box "Do not connect now ..." and click "Next".

    Enter the received address in the field, put a tick in front of the item "Do not connect now ..."

  9. Enter the login and password provided by the provider and click "Create".

    Enter username and password

  10. Close a window.
  11. Open Network and Sharing Center again and click Change adapter settings.
  12. The VPN connection icon appeared here. To make a connection, you need to right-click on the icon and click "Connect". To disable - also right-click on the icon and click "Disable".

    There is a VPN connection icon here, through which you can connect or disconnect

  13. In the window that opens, you need to enter your username and password and connect.

    Enter your username and password (if necessary) and click "Connect"

Video: Create and Configure a VPN

Possible errors and solutions to problems

400 Bad Request

  1. Disable a firewall or other program that affects security and network activity.
  2. Update the version of the browser you are using or use a different one.
  3. Delete everything that the browser writes to disk: settings, certificates, saved files, etc.

611, 612

  1. Restart your computer and check if the local network is working. If this does not solve the problem, then call the technical assistance service.
  2. Close some programs to improve system performance.

629

Check firewall settings. As a last resort, you can disable it, but this is undesirable, as the level of security will decrease.

630

Reinstall the network adapter driver.

650

  1. Check if "Local Area Connection" is working.
  2. There is a problem with the network card or network cable.

738

  1. Perhaps the username and password were stolen by hackers.
  2. The session "hung up". After a few minutes, try to connect again.

752

  1. The local firewall is incorrectly configured.
  2. Access attributes changed (international phone number instead of VPN server address).

789

Open the VPN connection settings, go to the "Network" tab and select "Automatic" or "Point-to-Point Tunneling Protocol (PPTP)" from the available VPN types. Then reconnect.

800

The cable, router or router may be damaged. If they are ok, then you need to check the following:

  1. LAN connection properties. Perhaps they got lost or were removed. You need to open the properties of the VPN connection, select "Internet Protocol Version 4 (TCP / IPv4)" and open its properties. Then check the correctness of the parameters: IP address, subnet mask, default gateway. As a rule, they are indicated in the provider's Internet connection agreement. Alternatively, you can check the box next to Obtain an IP address automatically and Obtain DNS server address automatically.
  2. If a router or router is used, then the "Default gateway" field is 192.168.0.1 (192.168.0.1). Read more about this in the instructions for the router. If you know for sure that the access point has a default gateway of 192.168.0.1 or 192.168.1.1, then the IP addresses are in the range from 192.168.0.100 (192.168.1.100) and above.
  3. Conflict of IP addresses (there is a yellow exclamation mark on the monitor icon in the tray). This means that there is a computer on the local network with the same IP address. If there is no router, but there is a conflict, then the IP address is not the one specified in the contract with the provider. In this case, you need to change the IP address.
  4. There may be a problem with the subnet mask or DNS server. They must be specified in the contract. In cases where a router is used, DNS is often the same as the default gateway.
  5. The network card is turned off or burned out. To check the device, you need to click "Start", select the "Run" tool and enter mmc devmgmt.msc in the line. In the window that opens, click on "Network adapters". If it is disabled (crossed out), then you need to start it. If the card does not turn on, it means that it burned out or came out of the slot (the second option is possible only if the card is not built into motherboard). If the card works, then turn it off and start again. As a last resort, you can remove the network card from the configuration and click on the "Update hardware configuration" icon. The system will find the network card and install it.
  6. Invalid VPN server address. It must be indicated in the instructions. If there is no such information, then you need to contact the technical service. If the Internet works without a VPN connection, then go to the provider's website and find the address of the VPN server. It can be either alphabetic (vpn.lan) or in the form of an IP address. To see the address of the VPN server, you need to open the properties of the VPN connection.
  7. There is no money on the personal account.

Regardless of the error, if you cannot fix it yourself, you will have to contact the technical support service.

How do I enable automatic launch?

  1. In order for the connection to start automatically, you need to go to "Control Panel" - "Network and Internet" - "Network Connections".

    Find VPN in the control panel

  2. We find the VPN, open the properties, then go to the "Settings" tab and uncheck the "Show connection progress", "Prompt for username, password" and "Enable Windows logon domain" checkboxes.
  3. Then you need to open the Windows Task Scheduler. Go to "Control Panel" - "System and Security" - "Administrative Tools" - "Task Scheduler". Or you can go through the registry: Win + R, enter the line taskschd.msc.

    Opening the task scheduler

  4. In the menu, select "Action", then "Create a simple task".

Let's talk about virtual private networks (VPNs). What is it, how to set up a VPN on your home computer and work equipment.

What is a VPN Server

A VPN server is a special piece of equipment that contains the accounts of clients using VPN (Virtual Private Network) technology. VPN is needed in order to create a secure communication channel such as node-to-node, node-to-network or network-to-network, for the safe transmission of traffic over the network. The technology is used by remote employees who work from home, but can enter the work network "as if they are their own." VPNs are used by large companies to connect with branches in other cities or to connect multiple offices in the same city.

The technology allows not only encrypting traffic, but also accessing the Internet on behalf of the VPN server, spoofing the IP address and location. We can say that it is very popular in the modern world. It is used to increase anonymity on the network and bypass site blocking.

You can create a VPN server on your own, or you can rent it from a provider.

How to set up on Windows 7

  1. Go to "Control Panel" - "Network and Sharing Center".
  2. From the menu on the left, select Change adapter settings. A window with current connections will open. Press the Alt key, a standard menu will appear at the top. In the "File" section, select "New Inbound Connection".
  3. Let's start configuring, following the instructions of the connection wizard.
  4. The system will provide you with a list of users who will be allowed to connect to the computer. You can create a new user.
  5. Choosing a way to connect users to the computer.
  6. We select the network programs that we want to allow for incoming connections.
  7. We complete the connection.

To work through a VPN, you need to configure a firewall, otherwise the connection will be blocked. The easiest way is to specify "Home network" in the connection settings.

If the computer is behind a router, you need to configure port forwarding. This is not difficult.

The settings on routers from different manufacturers may differ. You may need an individual instruction manual for your model.

Separately, it should be said that to connect to a computer from the outside, it must have a "white" IP address. Permanent, which is visible from the Internet. It can be rented inexpensively from a supplier.

Client connection to VPN server on Windows 7

Everything is much simpler here:

  1. Go to the "Network and Sharing Center".
  2. Select "Set up a new connection or network", and in the list that opens - "Connect to a workplace".
  3. Create a new connection. To the question "How to connect?" answer "VPN". You will need to enter the server IP address, username and password from your account on the server. You won't be able to connect without an account.
  4. If you do not need to connect right now, check the "Do not connect now, only configure for future connection" checkbox.

Errors that may occur when connecting

  1. Error 807. Check your internet connection. If with physical connection everything is in order, restart your computer and router. Check if the time on the computer and the time zone are out of order - there should be no discrepancies. Antivirus and firewall can block the VPN connection. If you are not an expert, it is advisable to simply turn off all surge protectors during operation. If you are concerned about data security, create an appropriate rule in your firewall configuration.
  2. Error 868. The hostname is not resolved to an IP address because the DNS settings are missing or incorrect. DNS service is disabled. May occur due to the fact that the 53rd port is closed by a firewall. We also do not exclude problems on the side of the provider.
  3. Error 628. Most often occurs due to server overload. It occurs if the equipment settings for connecting to the Internet are incorrectly set, Internet access has not been paid for.

Third-party VPN connection tools

You can also create a connection using third-party tools.

Open VPN

OpenVPN is a free service for creating a secure connection (tunneling IP networks). You can download the program on the official website of the program of the same name.

The software is presented for both Windows and Linux. On Linux, just open a terminal and enter the command apt-get-install openvpn. For Windows, you need to download the installation file corresponding to the bitness of the operating system (32 or 64 bits).

  1. Run the installation file.
  2. Follow the instructions of the installation wizard. All settings can be left as default.
  3. In the process, the program will ask you to install an additional driver - agree.
  4. Information about the program can be found in the Readme file.
  5. To connect over a VPN, you must have a configuration file provided by the other party. Copy it to your OpenVPN folder.
  6. In the properties of the program shortcut, specify that it should be run as administrator.
  7. Start OpenVPN. In the settings select "Use config file". If you do not have this file, you can configure the proxy server connection yourself.

On Linux, it is started by the service openvpn start command. Config file connection - openvpn / etc / openvpn / client.conf.

IPSec tunnels

The IPSec security protocol allows traffic to be encrypted at the network layer of the OSI model, that is, at the level of transmission of IP packets. For a successful connection, you need to configure the protocol on both sides of the connection. IPSec VPN is considered the most reliable means of connection, for example, for branch offices.

For example, consider the type of IPSec connection between two networks, as shown in the figure:

Consider the configuration for a Cisco router:

R1 (config) #int f0 / 0
R1 (config-if) #ip address 1.1.1.1 255.255.255.252
R1 (config-if) #no shut
R1 (config-if) #int lo0
R1 (config-if) #ip address 2.0.0.1 255.255.255.255
R1 (config-if) #no shut
R1 (config-if) #crypto isakmp policy 10
R1 (config-isakmp) #authentication pre-share
R1 (config-isakmp) #encryption aes 128
R1 (config-isakmp) #group 5
R1 (config-isakmp) #hash sha
R1 (config-isakmp) #exit
R1 (config) #crypto isakmp key 0 123 address 1.1.1.2
R1 (config) # access-list 101 permit ip host 2.0.0.1 host 2.0.0.2
R1 (config) #ip route 2.0.0.2 255.255.255.255 1.1.1.2
R1 (config) #crypto ipsec transform-set TR esp-aes 256 esp-sha-hmac
R1 (cfg-crypto-trans) #mode tunnel
R1 (cfg-crypto-trans) #exit
R1 (config) #crypto map MAPP 10 ipsec-isakmp
R1 (config-crypto-map) #match address 101
R1 (config-crypto-map) #set peer 1.1.1.2
R1 (config-crypto-map) #set transform-set TR
R1 (config-crypto-map) #do wr mem

When configuring IPSec on Cisco routers, the same steps should be followed on the second router. The exception is the IP-addresses of the nodes, the names of the interfaces. The key specified in the settings can be anything, but it must be the same on both sides of the connection.

When configuring a tunnel with a MikroTik router, the following set of commands can be used:

> ip dhcp-server add interface = ether1 name = dhcp1
> ip ipsec proposal add enc-algorithms = aes-128-cbc nmae = 10 pfc-group = modp1536
> ip ipsec proposal add name = proposal
> ip address add address = 1.1.1.2 / 30 interface = ether1 network = 1.1.1.0
> ip address add address = 2.0.0.2 interface = ether2 network = 2.0.0.2
> ip dhcp-client add disabled = no interface = ether1
> ip ipsec peer add address = 1.1.1.1 / 30 dh-group = modp1536 enc-algorithm = aes-128 generate-policy = port-override secret = 123
> ip ipsec policy add dst-address = 2.0.0.2 / 32 priority = 10 sa-dst-address = 1.1.1.1 sa-src-address = 1.1.1.2 src-address = 2.0.0.01 / 3 tunnel = yes
> ip route add distance = 1 dst-address = 2.0.0.2 / 32 gateway = 1.1.1.1

Per additional information you can refer to your router manuals. For home use, configuration between routers can be done in their web interface.

Video: Working with a VPN Server

In conclusion, a little about security. Although third-party services actively offer "secure" VPN services, remember that all logs are stored on the servers of VPN providers. Unscrupulous providers can thus collect information about customers, and then use it for their own purposes. A dangerous category includes various Internet browser extensions - "anonymizers" - which often do not even hide your real IP. Complete anonymity and security on the network can only be ensured by your common sense. Good luck!