I was looking on the Internet for an easy to follow guide to be able to setup a WHS to act as a VPN server. However the guide I found on a popular WHS website didn’t seem to work for me. So I did it a way I knew would work using Routing and Remote Access which is part of Windows Server 2003.
Why would you want to do this? If you are away from your home and you want full LAN access to your home network then VPN on WHS is ideal for this. I’m sure most of you will have used VPN’s to connect to your companies corporate networks before when you are remote working, its the same kind of deal.
To setup your WHS as a VPN server you can follow these steps.
Remotely connect to your WHS using RDP.
To use Routing and Remote Access you first need to disable the Windows Firewall/Internet Connection Sharing (ICS) service.
Go to the Start Menu –> Run and enter Services.msc then press OK.
Scroll down and find Windows Firewall/Internet Connection Sharing (ICS) right click it and select services. Stop the service then set the startup type to disabled on the General tab.
Now open Routing and Remote Access
Start –> All Programs -> Administrative Tools -> Routing and Remote Access.
Right click the server name and select Configure and Enable Routing and Remote Access
You will then see the Setup Wizard, click Next.
Select Custom Configuration and click Next.
Select VPN Access and click Next
Click Finish
Click Yes to start the Routing and Remote Access service.
Now we have to tell Routing and Remote Access which device on our network is doing DHCP?
Expand IP Routing and right click DHCP Relay Agent and click Properties.
Enter the IP address of your DHCP service. Normally your broadband router / gateway. In my case this is 192.168.1.1
Click OK.
Now we need to specify which users on the WHS will have VPN access. Go to the Start Menu and right click Computer and select Manage.
In the Computer Management console, select the Local Users and Groups and then Users from tree on the left.
On the right hand side right click the user account you want to enable for VPN access and select Properties.
On the Dial-in tab select Allow access under Remote Access Permission (Dial-in or VPN) and click OK.
You now need to configure your router to allow inbound the VPN ports to your WHS.
These ports are:
- 1723 TCP
- 47 TCP
How you do this will depend on the make and model of your broadband router. But basically we need to use NAT to port forward requests coming from the Internet (WAN) to the Windows Home Server on the LAN.
My test router was a D-Link DSL-2542B and I had to select Advanced Setup –> NAT
Its also sometimes called Virtual Server on some routers.
You might be able to see on this screen shot that I have TCP ports 1723 and 47 port forwarded to the internal IP of the WHS which is our case is 192.168.1.6
That’s it, you just need to setup a Windows Client VPN connection on your PC or Laptop and point it to the WHS domain name for your server and login with the user account you enabled for VPN access earlier.
Windows 7 PPTP Client VPN connection.
Thanks for the post. Like you, I was not able to get other methods to work. Unlike you, I'm still having problems. I followed your steps adn still cannot connect. It hanges on verifying username and password.
ReplyDeleteAny suggestions or troubleshooting tips?
Thanks
Jed
This should work OK I tried it on two WHS servers at different locations. As a test on the internal LAN just create a VPN connection with the internal IP of your WHS. i.e. 192.168.1.x and see if you can connect to the VPN? If this works it means Routing and Remote Access is setup properly and your issue is with your router setup.
ReplyDeleteI like ur post. i tried myself to figure out how everything works with RRAS. But i stopped because i couldn't fix a problem. When i setup the VPN connection (almost like this) and i tried the settings of the WHS console ... the WHS consule crashes. So i tried ur solution but i found the same problem (crash of the WHS console when i push settings). U have the same problem? Or is something wrong at my WHS settings? I hope u have the solution.
ReplyDeleteThanks, Jac
This comment has been removed by the author.
ReplyDeleteHello Stuart. I've just upgraded my WHS into 2011 version. Would you by any chance know how to create the same VPN in WHS 2011?
ReplyDeleteI don't currently have a WHS 2011 box here. Its based on Windows Server 2008 however so maybe search on that.
ReplyDeleteI am stuck at IP Routing. I do not see this. I only see Remote Access Policies and Remote Access Logging. Any help will be appriciated
ReplyDeletesjmjnk
Just like Ali, I followed all the steps on identical systems (WHS and Windows 7 client), the VPN is not working! the process hangs on verifying username and password.
ReplyDeleteQuestions:
1. What protocol does this tutorial create? PPTP, L2TP or IPsec?
2. Are there any seeting we need to modify on the Windows 7 client?
Thanks,
Jack
PPTP is the protocol used. I just used the inbuilt Microsoft VPN client in Windows to connect to the WHS / VPN server.
ReplyDelete