• How to set up your own VPN server

    Telegram was blocked, free proxies and VPNs work intermittently due to a large influx of users or completely stop functioning without explanation, like.

    Paid tools can also disappear at any time: the law banning anonymizers and VPNs was passed a long time ago, but has not yet been applied. In this situation, the only guarantee of freedom on the Internet is your own VPN. Lifehacker will tell you how to set it up in 20 minutes.

    Choosing hosting

    For VPN settings you need a VPS - virtual private server. You can choose any hosting provider, as long as the following conditions are met:

    • The server is located in a country that does not fall under the jurisdiction of Russian authorities, but is quite close to your real location.
    • Random access memory (RAM) must be at least 512 MB.
    • Speed network interface- 100 MB/sec and above.
    • Network traffic- 512 GB and above or unlimited.

    The amount of allocated hard disk space and the type of drive does not matter. You can find a suitable solution for $3–4 per month.

    When purchasing a server, choose KVM. OpenVZ and Xen are also suitable if they have TUN connected - you need to ask about this at technical service hosting provider.

    There is no need to perform any additional manipulations with KVM, although some hosting providers may limit the ability to create a VPN on it. You can also clarify this with the support service.

    When setting up a server, you can enter any value in the “Hostname” item: for example, test.test. The prefixes NS1 and NS2 are also not important: we write ns1.test And ns2.test.

    Operating system - CentOS 7.4 64 bit or any other distribution, fundamental differences not in the settings. Network traffic leave 512 GB or select additional volume, if you are afraid that what you have is not enough. Location - the closer, the better. The Netherlands will do.

    After payment, you will receive an email with all the necessary data to set up a VPN. You have purchased space on a server in another country, all that remains is to redirect all traffic to it.

    Setting up a VPN

    To connect to the server and send commands we will use the Putty program. I received a link to it in an email with registration information for hosting. You can download the program. Putty and its analogues are also available on macOS, the settings will be identical.

    Launch Putty. On the Session tab, in the Host Name field, enter the IP address that came in the letter and click Open.

    When a warning window appears, click Yes. After this, the console will launch, through which you will send commands to the server. First you need to log in - the authorization data is also in the letter from the hoster. Login will be root, type it by hand. Copy the password to the clipboard. To paste the password into the console, right-click and press Enter. The password will not be displayed in the console, but if you are logged in, you will see information about the system or server number.


    There should not be much time between entering your login and password. If an error message appears, restart Putty and try again.

    To set up the VPN I used ready script OpenVPN road warrior. This method does not guarantee complete anonymity, so that when committing illegal actions, the user can be easily found. But it is enough to bypass the blocking. If all VPN services stop working, this connection will continue to function as long as I pay for hosting.

    To use the script, paste the line wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh into the console.

    After successfully adding the script, a dialogue with the setup wizard will start. It independently finds the optimal values, all you have to do is agree or choose suitable option. All actions are confirmed by pressing the Enter key. Let's go in order:

    1. The IP address must match the IP address that you received in the letter from the hoster.
    2. Leave the default protocol as UDP.
    3. Port:1194 - agree.
    4. Which DNS to use - select Google. Erase 1 , write 3 and press Enter.
    5. Client name - enter the user name. You can leave client.
    6. Press any key - press Enter again and wait until the settings are completed.

    After completing the setup, you need to create a file through which you will connect to the VPN. Enter the command cat ~/client.ovpn.

    The contents of the file will appear in the console. Scroll up to the command cat ~/client.ovpn and select everything that appears below except the last line. The selection must end at. To copy a fragment, press Ctrl + V.

    Launch Notepad, paste the copied fragment and save the file on your desktop with the name client.ovpn.

    Connecting to the server

    To connect using the created file you need OpenVPN client. The computer version can be downloaded. Download and install the program, but do not run it. Right click on the file client.ovpn and select Start OpenVPN.

    A console window will appear with the connection initialized. If the connection was successful, the Initialization Sequence Completed status will appear below. During the connection process, a network selection window may appear, click on the public network.

    To make sure the connection is correct, . It must match the one that the hoster wrote in the letter. To stop sending requests to a server in another country, close the OpenVPN window.

    OpenVPN also has clients for mobile devices.

    To establish a connection, transfer the file to the phone memory client.ovpn. Launch the application and select OVPN Profile. Specify the path to the file and move the slider to the “Enabled” position.


    A VPN connection icon will appear at the top. To make sure that traffic is being redirected through a server in another country, open any IP address checking service in your mobile browser.

    They have become commonplace. True, no one really thinks about what is behind the concept like “VPN, setup, use, etc.” Most users prefer not to get into the jungle of computer terminology and use standard templates. But in vain. There are a lot of benefits that can be gained from knowing about such connections, such as increasing traffic or connection speed, etc. Let's take a look at what a connection to virtual network using the example of interaction between Windows operating systems on a stationary computer terminal and Android on a mobile device.

    What is VPN

    Let's start with the fact that VPN setup is impossible without the general principle of understanding the essence of the connection being created or used.

    If you explain in simple words, in such a network there is necessarily a so-called router (the same router), which provides computers or mobile devices trying to connect to existing network, standard additional IP addresses for access to LAN or the Internet.

    At the same time, a virtual network in which there is activated setting VPN connections are accepted by any device connected to it and assigned a unique internal IP address. The range of such addresses in the usual standard is from zero to the value 255.

    What’s most interesting is that even when accessing the Internet, the external IP address of the device from which the request is made is not so easy to determine. There are several reasons for this, which will be discussed below.

    The simplest VPN setup for Android

    Almost all virtual networks using wireless connection Wi-Fi types work on the same principle - assigning free IP addresses from the available range. It's no surprise that any mobile device can easily be connected to them (but only if it supports the appropriate connection protocols).

    However, today any smartphones or tablets based on the Android OS have in their functionality the option of connecting the same Wi-Fi. The network is detected automatically if the device is within its coverage area. The only thing you may need is to enter a password. The so-called “shared” ones do not require a password at all.

    IN in this case You need to go to the main settings on your smartphone or tablet and activate the Wi-Fi connection. The system itself will determine the presence of radio modules at a distance of 100-300 meters from the device (it all depends on the model of the distribution router). Once the network is identified, a menu will be displayed with all available connections and their blocking indication. If the network has an icon padlock, it is password protected (however, this will be indicated initially in the message). If you know the password, enter it.

    On networks public use, where login using a password is not provided, and even simpler. Has the network been determined? All. Click on connection and use it. As is already clear, VPN configuration in this case is not required at all. Another thing is when to use Windows settings or another operating system (even mobile) to create a connection or assign the status of a VPN distribution server to a computer terminal or laptop.

    Creation on Windows

    With "OS" Windows family not everything is as simple as most users think. Of course, automatic recognition of the network or connection via Wi-Fi, ADSL or even direct connection via network card They produce Ethernet (subject to availability installed equipment). The question is different: if the distributor is not a router, but a laptop or desktop computer how to get out of this situation?

    Basic parameters

    Here you will have to delve into the VPN settings. Windows as an operating system is considered first.

    First you need to pay attention not even to the settings of the system itself, but to its accompanying components. True, when creating a connection or using it to the maximum, you will have to configure some protocols such as TCP/IP (IPv4, IPv6).

    If the provider does not provide such services in automatic mode, you will have to make settings indicating previously obtained parameters. For example, when connecting automatically, the fields in the Internet browser properties for filling will be inactive (there will be a dot on the item “Obtain an IP address automatically”). That is why you do not have to enter the values ​​of the subnet mask, gateway, DNS or WINS servers manually (especially for proxy servers).

    Router settings

    Regardless of whether the VPN is configured on an ASUS laptop or terminal (or any other device), access to the network is still common.

    To do it correctly, you need to go to its own menu. This can be done using any Internet browser, provided that the router is directly connected to a computer or laptop.

    In the address field, enter the value 192.168.1.1 (this corresponds to most models), after which you should activate the enable function (using the router parameters in advanced mode). Typically this line looks like WLAN Connection Type.

    Using VPN Clients

    VPN clients are quite specific programs that work like anonymous proxy servers that hide the true IP address of the user's computer when accessing a local network or the Internet.

    Actually, the use of programs of this type comes down to almost complete automation. The VPN setting in this case, in general, is not important, since the application itself redirects requests from one server (mirror) to another.

    True, you will have to tinker a little with setting up such a client, especially if you want to make the most of your home virtual network available connections. Here you have to choose between software products. And it should be noted that some applications, the smallest in size, sometimes surpass the commercial products of many well-known brands, for which you also have to pay (by the way, a lot of money).

    What about TCP/IP?

    It goes without saying that almost all of the above settings affect the TCP/IP protocol to one degree or another. Today nothing better has been invented for comfort. Even remote ones anonymous proxy servers or local storage data still uses these settings. But you need to be careful with him.

    It is best to contact your provider or system administrator. But one thing must be clearly remembered: even when setting the values ​​manually, as a rule, the subnet mask has the sequence 255.255.255.0 (it can change), and all IP addresses begin with the values ​​192.168.0.X (the last letter can have from one to three characters ).

    Conclusion

    However, these are all subtleties computer technology. The same VPN client for Android can provide communication between multiple smart devices. But the biggest snag is whether it’s worth using such a connection on a mobile gadget.

    If you noticed, we didn’t go into too much technical detail. This is rather a descriptive instruction about general concepts. But even that simple example, I think, will help, so to speak, to understand the very essence of the issue. Moreover, with a clear understanding of it, the whole problem will be reduced only to the system settings, which will not affect a specific user in any way.

    But here you need to be very careful. Actually, for those who do not know what a VPN connection is, this will not help much. For more advanced users, it is worth saying that creating a virtual network using Windows OS’s own tools is not recommended. You can, of course, use the initial settings, however, as practice shows, it is better to have some kind of reserve additional client, which will always be like an ace in the hole.

    Besides powerful computer and an impressive list additional programs for convenient surfing and safe work on the Internet, you need reliable server- a tool that provides communication with people, services, companies and information sites. Among different types The best choice would be a VPN server, if only because it is included as an option in the Windows operating system. Read on, and you can launch and configure it on Windows 7 yourself and at no cost.

    Connecting and setting up a VPN server

    Don't be alarmed. Create and prepare for correct operation VPN server is not difficult, but prerequisite- you have administrator rights.

    What is a VPN server

    Literally, VPN (Virtual Private Network) translates as “virtual private network" Technically, this is a set of protocols and solution architecture that provides secure communication in the digital environment. By essence of VPN is a secure add-on on top of the usual virtual network.

    Installing and configuring a VPN server will not require much time from you, since it is already built into the Windows operating system. According to experts, the most successful private server configuration is contained on this platform.

    This is what it looks like simplified diagram connections via VPN server

    The server's job is to create tunnels connecting the user to those endpoints where he wants to get to. Moreover, the information is encrypted using a complex algorithm, which is almost impossible to decode. No one from the outside can enter the tunnel. The server blocks such attempts, leaving personal information well protected - correspondence, calls, messages, video and audio files.

    What is it for?

    The essence of the answer is in the tasks that the server performs. It not only brings together many devices in the virtual space, such as computer terminals, laptops, tablets and even mobile devices. Its technology provides anonymity, data encryption and security confidential information from interception by intruders.

    Some will object: we have no need for anonymity and data protection, because there is nothing to hide. Let me not believe you. It’s not just criminals who use encrypted traffic; most are not averse to protecting data so as not to “share” access passwords to their bank card or not become the target of blackmail due to leakage of personal information. As they say: it is stupid to leave the door of the house open if the world does not consist only of good and good people. Anonymity also adds a nice detail - the ability to visit resources that were previously inaccessible for various reasons.

    One of the most common reasons using VPN- reluctance to be tied to the workplace

    It’s also a good idea to mention the benefits of using a VPN:

    • scalability - no additional costs are required when connecting another participant;
    • flexibility - it doesn't matter where you access from;
    • A valuable opportunity to work anywhere.

    A VPN server is extremely necessary when creating corporate networks, when for the safe operation of a company or enterprise it is necessary to limit access to unauthorized persons to information circulating among employees. Using technical solutions VPN, it is not difficult to organize the confidentiality of clients located outside the company.

    How to create and configure on a computer with Windows 7: step-by-step instructions

    The sequence of actions that need to be performed to launch and configure the VPN server on Windows platform 7 is like this.

    1. Open the Start menu and go to the Control Panel tab.

      Go from the Start menu to Control Panel

    2. In Computer Settings, select Network and Internet.

      Open the “Network and Internet” section

    3. In the window that opens, click “Network and Sharing Center” shared access».

      Select "Network and Sharing Center"

    4. Then click “Set up a new connection or network.”

      Select “Set up a new connection or network”

    5. Select “Connect to Workplace” in the new window.

      Click on the “Connect to workplace” button

    6. Then click on “Use my Internet connection (VPN)”.

      Select "Use my Internet connection (VPN)"

    7. When prompted to establish an Internet connection immediately or defer this action, select “Delay setting up an Internet connection.”

      Select “Delay Internet connection setup”

    8. Next, write the server address, destination name and come up with a name for the connection.

      Enter the VPN server address and write the name of the connection in the “Destination name” field

    9. In the next window, enter the username and password that are registered on the VPN server. In the “Remember this password” field, check the box so that you do not have to enter it every time you connect. Be sure to save.

      Enter the username and password registered on the VPN server. Check the box "Remember this password"

    10. The connection has been created. Click the "Close" button. For convenience, create a shortcut to the program on the “Desktop”.

      Close window

    11. Go to the Start menu again, then Control Panel, Network and Internet, Manage Networks and Sharing, where select Change adapter settings.

      Go to “Change adapter settings”

    12. Find the VPN connection in this window and right-click on it, then go to its “Properties”.

      In the VPN connection window, right-click on it and go to its “Properties”

    13. Next, select “Security”, where in the “VPN Type” field select “Point-to-Point Tunnel Protocol (PPTP)”, and in the “Data Encryption” field click on “Optional”.

      Open “Security” and in the “VPN Type” field select “Point-to-Point Tunnel Protocol (PPTP)”, in the “Data Encryption” field select “optional”

    14. In the same window, only on the “Network” tab, uncheck the boxes next to the “Client for Microsoft networks" and "File and Printer Sharing Service for Microsoft Networks."

      On the “Network” tab, uncheck the boxes next to the items: “Client for Microsoft Networks” and “File and Printer Sharing Service for Microsoft Networks”

    15. Then, without closing the window, go to the “Options” tab and uncheck the box next to “Include Windows logon domain”, then click “OK”.

      On the “Options” tab, uncheck the box next to “Include Windows logon domain”, then click “OK”

    Before starting, the VPN will ask for a location. Best choice- “Public place”, then the greatest privacy in the digital space will be ensured. If desired, in the “Connection” menu, configure the settings for encryption and use of other devices.

    If you still have questions about installing and configuring a VPN server in Window 7, watch the video.

    Video: how to set up and configure a VPN connection in Windows 7

    Setting up for multiple clients

    The process of connecting new private network participants is as follows.

    1. Go to “Control Panel” => “ Network connections" => "Creating a new connection."
    2. Start working with the “New Connection Wizard” => “ Direct connection to another computer" => "Accept incoming connections."
    3. The “Wizard” will prompt you to indicate those devices with which you plan to receive incoming connections, but they are not suitable, so click on “Next”. When the “Wizard” asks a question about VPN, stop at the “Allow virtual private networks” item.
    4. Entering authorization parameters. The “Wizard” prompts you to select those users who are allowed to log into the virtual private network. Select and click the “Add” button. When prompted by the Wizard, enter the new username and password.
    5. Configure TCP/IP protocols. Select the appropriate item in the list of protocols and click on the “Properties” button. In order for the client to access local network, activate the “Allow callers access to the local network” option. Next, designate the range of IP addresses that connected participants can use.

    Troubleshooting installation and operation problems

    Launching a VPN is often accompanied by errors. The machine reports them in three digits. Thus, errors with a digital value of 6** report the working status of the network, but you need to check the entered information. This refers to the communication protocol type, password and name. Code 7** provides information about the presence of errors in the connection settings. Code 8** hides problems with network settings or those related to a banal lack of Internet connection.

    Let's look at common mistakes and how to fix them.

    Error 807

    This error indicates that the network connection has been interrupted. A common reason is problems with traffic transmission due to low quality Internet connection or server overload.

    This is how the system reports error 807

    There are many options to solve the problem. Try re-creating the VPN connection. Didn't help? This means remove the KV958869 system or, better yet, restore it to its previous state. Didn't work out again? Then change the connection type from automatic to “PPTP”. Please note that error 807 also occurs when blocked by a firewall/firewall, so try disabling them.

    Error 868

    We're talking about malfunction VPN ports. Often the failure occurs due to an incorrect DNS server name. Therefore, first of all, look at the TCP/IP protocol. It's either listed incorrectly DNS address, or not entered at all.

    This is what error message 868 looks like

    Determine the status of the local network connection. In the “Network Connections” tab, follow these steps: “Start” => “Control Panel” => “Network and Internet” => “Network and Sharing Center” => “Change adapter settings”. The detected defect will dictate further actions.

    So, if there is no local network connection, connect via VPN. No result? Check if the cable is working. When it is disabled, you will see it on the corresponding icon blue screens with a red cross. Try using the right key to first disconnect and then reconnect the connection. Nothing happened again? Then do the same “disconnect/connect” operation with the cable (manually).

    Is the error still there? Check your connection. Open it with the right button and see how many packets have been sent - there should be at least 5-7. If the shipment received less or is completely empty, then find out how the equipment works. Go to “Administration” in this way: “Start” => “Control Panel” => “System and Security” => “Administration” => “Services”. Find the DHCP client in the list of services. Restart it with the right button. Then restart your PC.

    A non-working state can also be caused by blocking port 53. Your excessive caution simply played a cruel joke - you yourself programmed the security system in such a way that it does not allow absolutely everything. In this regard, it is recommended to check whether port 53 is blocked. Even if “Port is open” is written, this does not mean that the connection is working. Here we only mean readiness to connect. Just create an allow rule for port 53 in TCP protocol and UDP. No result? Then you will have to resort to a last resort, that is, reinstall Windows.

    Be sure to watch the video from detailed instructions port opening. It also shows ways to correct port connection errors.

    Video: opening a port on a local network

    Errors 734 and 741

    Error 734 occurs when the PPP Link Control Protocol is interrupted, and error 741 is due to the machine not recognizing this type of encryption.

    Error 734 can be resolved using a simple algorithm

    They will help correct the situation simple steps. Double-left-click the VPN and open Properties, then Security, and uncheck “Data encryption required.” Confirm your intentions.

    This is only a small part of the problems that arise when launching a VPN, but almost all of them can be solved quite simply and without much time.

    What is OpenVPN

    The most popular solution for organizing a private network is OpenVPN. The main advantage is economy, since the traffic is compressed. Among the disadvantages of the program is the complexity of configuration, which we will now deal with.

    OpenVPN - special program to set up a VPN connection. Naturally, you first need to install it on your computer. It is better to take the download file from the official website of the program:

    The installation process is quite simple, except that you will need to temporarily disable the antivirus. When loading the program into the system, a virtual network adapter TAP-Win32 Adapter V9 and driver for it. OpenVPN's task is to set the IP address and mask of the local add-on.

    First of all you need to copy configuration file, which should be provided to you by your provider. Save the data in the C:\Program Files\OpenVPN\config folder. Once in it, click on the “Insert” item.

    OpenVPN should only be run with administrator rights, otherwise the program may not work correctly. Be sure to change the compatibility properties in the OS. On OpenVPN, open Properties, find Compatibility, and check Run this program as an administrator. Next, confirm your actions by clicking on “OK”. A connection log window should appear.

    If you followed all the steps correctly, then setting up a VPN via the OpenVPN protocol for Windows 7 was successful. Still having difficulties? Look at the screenshots step by step instructions Open VPN settings and a short video.

    Setting up the program step by step (photo)

    Copy the configuration file to the C:Program FilesOpenVPNconfig folder

    Confirm your access request

    Run Open VNP as an administrator: go to “Start” and right-click on the OpenVPN shortcut, select “Properties”

    Open the program menu in the tray (right corner) and select “Connect”

    A window will open with the contents of the connection log

    Video: Installing OpenVPN GUI

    Setting up IPSec VPN

    The IPSec standard is specifically designed to enhance the security of the IP protocol. Allows you to confirm authenticity (authentication), and also checks the integrity and encryption of IP packets. IPsec contains protocols for secure key exchange:

    • RFC 2401 IPSec
    • RFC 2402AH
    • RFC 2406 ESP,
    • RFC 2409 IKE.

    How to set up a VPN using IPsec is described in step by step guide below.

    1. In the Control Panel, click View: Small Icons, then go to Control Center.
    2. Next, find “Set up a new connection” on the “Change” tab network parameters».
    3. Complete the action by clicking on “Connect to Workplace”. Go to it via the “Connection or network setup” tab.
    4. What you do next depends on whether a VPN was previously installed on your machine. If yes, then in the pop-up window click “No, create a new connection and continue with your actions.” If not, select “Use my Internet connection.”
    5. Don't forget to add your VPN address and in the "Destination name" line write the server name. Don't forget the mark. Select the “Installation for future connection” column and continue with your actions.
    6. Next, add your password and login registered on the VPN server. In the window that opens, agree to connect.
    7. Then, in the Network and Sharing Center, change the adapter settings.
    8. Finally, select VPN Type. This will be an IPsec VPN. Of course, note that encryption is optional. IPsec VPN channel is ready!

    To conclude the topic about IPsec VPN, I would like to emphasize the usefulness of the program, given the two disadvantages that VPN has. The first and most serious is the vulnerability of the PPTP protocol. We are talking about the insufficient reliability of single-factor authentication. In other words, when we confirm our access rights only using a login and password. In this case, the login or user name is usually known, and the password quite often falls into the hands of a hacker (for example, when a Trojan virus is introduced into your OS). Then outsider receives full access to the local network. The second drawback is that there is no way to verify that the connection was made by a trusted user and not by the same attacker who gained access to the account.

    Video: setting up an IPsec tunnel between two Mikrotik routers

    Now, user, you know, if not all, then the basic steps for creating and setting up your own, full-fledged and completely secure virtual network based on a VPN connection in Windows environment 7. You also learned how to properly configure OpenVPN and IPsec VNP programs. Rest assured, a private server guarantees the same full connection as a regular one. Your computer will not notice the difference between a VPN and a channel without encryption, but the security of your work in the digital space increases several times.

    In this article we will take a closer look at the process of setting up a VPN server in the operating system. Windows Server, and also answer the questions: What is a VPN and how to set it up VPN connection?

    What is a VPN connection?

    VPN (Virtual Private Network) is a virtual private network that is used to provide a secure connection to the network. A technology that allows you to connect any number of devices into a private network. As a rule, via the Internet.

    Although this technology is not new, it is lately it has gained relevance due to the desire of users to maintain data integrity or privacy in real time.

    This connection method is called a VPN tunnel. You can connect to a VPN from any computer, with any operating system that supports a VPN connection. Or a VPN-Client is installed, which is capable of forwarding ports using TCP/IP to a virtual network.

    What does a VPN do?

    VPN provides remote connection to private networks

    You can also safely combine several networks and servers

    Computers with IP addresses from 192.168.0.10 to 192.168.0.125 are connected through a network gateway, which acts as a VPN server. Rules for connections via the VPN channel must first be written on the server and router.

    VPN allows you to safely use the Internet when connecting even to open wi-fi networks in public areas (in shopping centers, hotels or airports)

    And also bypass restrictions on displaying content in certain countries

    VPN prevents cyber threats from interception of information by an attacker on the fly, unnoticed by the recipient.

    How VPN works

    Let's look at how a VPN connection works in principle.

    Let's imagine that transmission is the movement of a packet along a highway from point A to point B; along the path of the packet there are checkpoints for passing the data packet. When using a VPN, this route is additionally protected by an encryption system and user authentication to secure the traffic containing the data packet. This method is called “tunneling” (tunneling - using a tunnel)

    In this channel, all communications are reliably protected, and all intermediate data transmission nodes deal with an encrypted package and only when the data is transmitted to the recipient, the data in the package is decrypted and becomes available to the authorized recipient.

    VPN will ensure the privacy of your information along with a comprehensive antivirus.

    VPN supports such certificates as OpenVPN, L2TP, IPSec, PPTP, PPOE and the result is completely secure and safe way data transfer.

    VPN tunneling is used:

    1. Inside the corporate network.
    2. Consolidation of remote offices, as well as small branches.
    3. Access to external IT resources.
    4. For building video conferences.

    Creating a VPN, selecting and configuring equipment.

    For corporate communications in large organizations or associations remote friend From other offices, hardware is used that is capable of maintaining uninterrupted operation and security on the network.

    To use the VPN service, the role of the network gateway can be: Linux/Windows servers, a router and a network gateway on which the VPN is installed.

    The router must ensure reliable operation of the network without freezes. The built-in VPN function allows you to change the configuration for working at home, in an organization or in a branch office.

    Setting up a VPN server.

    If you want to install and use a VPN server based on the Windows family, then you need to understand that client Windows machines XP/7/8/10 do not support this function; you need a virtualization system or a physical server on the Windows 2000/2003/2008/2012/2016 platform, but we will consider this function on Windows Server 2008 R2.

    1. First, you need to install the “Network Policy and Access Services” server role. To do this, open the server manager and click on the “Add role” link:

    Select the Network and Access Policy Services role and click next:

    Select "Routing Services" remote access" and click Next and Install.

    2. After installing the role, you need to configure it. Go to Server Manager, expand the "Roles" branch, select the "Network and Access Policy Services" role, expand it, right-click on "Routing and Remote Access" and select "Configure and enable routing and remote access"

    After starting the service, we consider the configuration of the role complete. Now you need to allow users access to the server and configure the issuance of IP addresses to clients.

    Ports that VPN supports. After the service is raised, they open in the firewall.

    For PPTP: 1723 (TCP);

    For L2TP: 1701 (TCP)

    For SSTP: 443 (TCP).

    The L2TP/IpSec protocol is more preferable for building VPN networks, mainly for security and higher availability, due to the fact that a single UDP session is used for data and control channels. Today we will look at setting up an L2TP/IpSec VPN server on the Windows Server 2008 r2 platform.

    You can try to deploy on the following protocols: PPTP, PPOE, SSTP, L2TP/L2TP/IpSec

    Let's go to Server Manager: Roles - Routing and Remote Access, right-click on this role and select “ Properties", on the “General” tab, check the IPv4 router box, select “local network and demand call”, and IPv4 remote access server:

    Now we need to enter the pre-shared key. Go to the tab Safety and in the field Allow special IPSec policies for L2TP connections, check the box and enter your key. (About the key. You can enter an arbitrary combination of letters and numbers there; the main principle is that the more complex the combination, the safer it is, and remember or write down this combination; we will need it later). In the Authentication Provider tab, select Windows Authentication.

    Now we need to configure Connection security. To do this, go to the tab Safety and choose Authentication Methods, check the boxes EAP and Encrypted Authentication (Microsoft version 2, MS-CHAP v2):

    Next let's go to the tab IPv4, there we indicate which interface will accept VPN connections, and also configure the pool of addresses issued to L2TP VPN clients on the IPv4 tab (Set the Interface to “Allow RAS to select an adapter”):

    Now let's go to the tab that appears Ports, right-click and Properties, select a connection L2TP and press Tune, we will display it in a new window Remote access connection (incoming only) And On-demand connection (incoming and outgoing) and set the maximum number of ports, the number of ports must match or exceed the expected number of clients. It is better to disable unused protocols by unchecking both checkboxes in their properties.

    List of ports that we have left in the specified quantity.

    This completes the server setup. All that remains is to allow users to connect to the server. Go to Server Manager Active Directory users – we find the user we want allow access press properties, go to the bookmark incoming calls

    VPN (Virtual Private Network) is the most commonly used ordinary users to access blocked sites or change the IP address for other purposes. Installing such a connection on a computer is possible in four various methods, each of which implies the execution of a specific algorithm of actions. Let's look at each option in detail.

    First of all, we recommend that you decide on the purpose for which you are installing a VPN on your computer. A regular browser extension will help you bypass simple blocking, the program will allow you to launch any other software that works via the Internet. Next, choose the most suitable method and follow the instructions provided.

    Method 1: Third Party Software

    There is free software that allows you to set up a VPN connection. They all work on approximately the same principle, but have different interfaces, number of networks and traffic restrictions. Let's take a look this method using Windscribe as an example:

    1. Go to official page program and download it by clicking on the appropriate button.

    2. Decide on the installation option. It would be best for the average user to choose "Express installation" to avoid specifying additional parameters.

    3. Next a warning will appear Windows security. Confirm the installation by clicking on "Install".

    4. Wait for the process to complete, then run the program.

    5. Log in to your profile if you have created one previously or proceed to create a new one.

    6. You will need to fill out the appropriate form, where you will only need to indicate your username, password and email.

    7. After completing registration on specified address A confirmation email will be sent. In the message, click the button "Confirm Email".

    8. Log in to the program and start the VPN connection mode.

    9. The network location settings window will open. Here you should indicate "Home network".

    10. All that remains is to specify a convenient location or leave the default IP address.

    Most free programs that create a VPN connection, there are restrictions on traffic or locations, so after testing the software you should think about purchasing full version or purchasing a subscription if you plan to use it frequently. Read about other representatives of similar software in our other article at the link below.

    Method 2: Browser extensions

    As mentioned above, you can bypass site blocking using a regular browser extension. In addition, this method is the simplest, and all actions are performed in just a few minutes. Let's look at installing the extension using an example:


    Exists large number other paid and free extensions for the browser. Get to know them in detail in our other material, which you will find at the link below.

    Method 3: Tor Browser

    One of best solutions maintaining anonymity on the Internet is a browser that, in addition to everything, provides access to a pseudo-domain top level .onion. It works on the principle of creating a chain of addresses through which the signal from the user to the Internet passes. The links in the chain are active users. Installation of this web browser occurs as follows:


    Thor has analogs whose functionality is approximately similar. Each such web browser is described in detail in our other material.

    Method 4: Standard Windows tool

    There are many services that provide VPN connection services. If you are registered on one of these resources, you can organize a connection using only standard OS capabilities. This is done this way:

    1. Click on "Start" and open "Control Panel".

    2. You will need to navigate to the menu "Network and Sharing Center".

    3. In the section "Changing network settings" click on "Set up a new connection or network".

    4. A menu will appear with four different connection options. Select "Connecting to the workplace".

    5. Data transfer is also carried out differently. Specify “Use my Internet connection (VPN)”.

    6. Now you should set the address that you received when registering with the service that provides VPN connection services, and proceed to the next step.

    7. Fill in the fields "Username", "Password" and, if necessary, "Domain", then click on "Connect". You should have provided all this information when creating a profile in the service you were using.

    8. You won’t be able to launch the VPN right away, since not all settings have been configured yet, so just close the window that appears.

    9. You will again find yourself in the window for interacting with networks, where you will move to the section "Changing adapter settings".

    10. Specify the created connection, right-click on it and go to "Properties".

    11. Immediately click on the tab "Options", where activate the item "Enable login domain in Windows", which will allow you to avoid entering your username and password every time you connect, and move to the window "PPP Settings".

    12. Uncheck the LCP extensions option to avoid sending information to the remote access server. In addition, it is recommended to disable software data compression for best quality connections. The connection negotiation option is also not needed; it can be turned off. Apply the changes and move on to the next step.

    13. IN "Safety" specify VPN type "Point-to-Point Tunnel Protocol (PPTP)", V "Data Encryption"“optional (connect even without encryption)” and deactivate the item "Microsoft CHAP protocol version 2". This setting is the most competent and will allow the network to operate without failures.

    14. Close the menu and right-click on the connection again, select "Connect".

    15. A new connection window will open. Here fill in all the required data and click on "Connection".

    That's all, the process is over, and work in the operating system will now be carried out through a private network.

    Today we looked at everything in detail available methods organizing your own free VPN connection on the computer. They are suitable for different situations and differ in operating principles. Check out all of them and choose the one that suits you fits better everything.

    Read more: