How to Setup a VPN in Windows Vista: The Host

Friday Nov 21st 2008 by Ronald Pacchiano

In the first of a two-part series, network guru Ron Pacchiano guides you through setting up the host PC for a Virtual Private Network in Windows Vista.

As an advertising consultant, I work primarily out of my home office and spend a lot of time traveling and giving presentations. Occasionally I've left home without transferring important documents to my laptop. By the time I discover my mistake, all I can do is call home and hope someone can e-mail them to me.

At my old company we used a VPN (Virtual Private Network) to access the corporate network while out of the office. I would love to be able to set one up at home, but I don’t have a clue how to do it. I have a desktop PC running Windows Vista Home Edition, a cable modem and a wireless router. I also have a notebook for when I travel, which also runs Vista Home Edition. Is there a way to set up my own VPN with my current equipment?

I have the perfect low-cost VPN solution for you. I understand that you’re not very technical and that VPN solutions can be expensive and technically demanding. Don't worry, that’s not the situation here. For a standalone computer on a small network like yours, where you only need a single incoming connection, then Windows Vista already includes everything you need.

A VPN creates a secure connection to a private network, such as your company network, using the infrastructure of a public network like the Internet. Once you have established this virtual connection to your office network, you can access all of its resources (data files, applications, printers, etc.) just as if you were back in the office using your desktop PC. This is a very efficient and cost effective way for remote users to maintain their productivity, while still retaining their mobility.

Configuring a VPN within Vista is done in two parts. Part one configures a PC as the VPN Host. The Host system is the machine that will listen for a remote connection and is either part of the network you need to access or contains the data that you’re looking to retrieve. Part two configures the VPN client. The client is any remote system you use to gain access to those network resources.

In this case the VPN Host will be your desktop PC and your laptop will be the VPN Client.

In order to setup and configure the VPN technologies built into the Vista operating system you need to be logged on as a user with Administrator privileges. Note that this VPN functionality exists in all versions of Windows Vista. These include Home Basic, Home Premium, Business, Enterprise and Ultimate.

Set up the VPN Host

1. Log into the desktop PC using an account with administrative privileges. The first thing you want to do is assign the VPN Host a static IP address. Or to put it simply, one that does not change.

2. With that complete, click Start Control Panel Network and Internet Network and Sharing Center and select Manage network connections from the Tasks Pane on the left.

3. Now, if the Menu bar is not visible press the ALT key on the keyboard to toggle it on. Then click on File and select New Incoming Connection from the drop-down menu. Note: if you receive any dialog boxes that say “Windows needs your permission to continue” just click Continue.

4. On this next screen you need to select which people can log into the VPN Host. You can either select a person from the list of accounts already on the system or you can create a new one. To add a new account select Add Someone. From here you enter the new person’s name and password. You MUST assign the person a password (preferably a strong password that contains letters, numbers and symbols). When you finished this step select Next.

5. The next screen asks you “How will people connect?” Select the Through the Internet check box, and then click on Next.

6. You’ll see a list of the various Networking software already installed on the machine. By default you should see three items selected; Internet Protocol Version 4 (TCP/IPv4), File and Printer Sharing for Microsoft Networks and QoS Packet Scheduler. Select Internet Protocol Version 4 (TCP/IPv4), and then click on Properties. Verify that the Allow callers to access my local area network option is checked. Under that you’ll see the IP address assignment. By default it says, “Assign IP addresses automatically using DHCP”. Or if you like you can “Specify IP addresses”. Click Allow Access to continue.

7. At this point you’ll see a dialog box that says, “The people you choose can now connect to this computer.” Make a note of the computer name, or click where it says “Print this information”. Now click Close.

8. Finally, if you go back into the Manage network connections window you’ll find a new icon that says Incoming Connections. This will indicate whenever a VPN connection is active. For a bit of extra security, I suggest that you right-click the Incoming Connections icon then select Properties. Go to the Users tab and check the box that says, “Require all users to secure their passwords and data”.

At this point the VPN Host has been successfully configured. However in order for the VPN Client to be able to communicate with it, your router/firewall (both hardware and software) need to be configured to pass PPTP traffic. Generally speaking, you need to create a rule in your firewall associated to the static IP address of the VPN Host system which opens up TCP Port 1723. You might also need to enable GRE Protocol 47 (more commonly referred to as VPN Pass Through. For specific instructions though you’ll need to consult your router's user manual for details.

This completes Part 1 of our Windows Vista VPN configuration. Next month in Part 2, we’ll walk you through the VPN Client configuration, as well as discuss some of the typical problems you might run into while establishing a connection to your VPN. In addition, we’ll also outline common troubleshooting techniques that should help you get your VPN up and functioning in no time.

