Configuring a VPN w/ PPTP using VPC (Part 1)

A VPN, or Virtual Private Network, allows users to create a private network between two or more computers on the internet (or through your own network without being on the same workgroup or domain). For this lab, I will show you how to set up a basic VPN using PPTP for file sharing (mapping in our case) using MS’ Virtual PC (“VPC”).

What you will need

• MS Virtual PC (trial can be downloaded from here)
• Two Virtual Machines configured (Windows 2000 pro & Windows 2000 Server in our case). This could also be set up using Windows 2003 Server, but I decided to just stay using the Windows 2000 builds.
• At least 512MB of RAM (1GB recommended)

Configure TCP/IP Settings for Workstation

I assume that you have installed Windows 2000 Professional already and configured it the way I have in my other lab Configuring VPC. Great! Then let’s get started.

In Windows 2000 Pro, we will assign the workstation with a static IP address, and its corresponding subnet mask. We want to manually enter this using static addressing because we are not using DHCP for the VPN, if we do, we could run into a lot of connection errors and possibly have to reconfigure the workstation time and again (especially on a bigger network). To configure your Windows 2000 Pro host:

Right click My Network Places, and go down and left click Properties.

Next you will see a dialog box for the Network and Dial-up Connections. You need to right click the Local Area Connection, go down and click Properties.

Now we must edit your TCP/IP settings and configure them manually. So, select the Internet Protocol (TCP/IP) and click the Properties button.

When a dialog box opens, this is out Internet Protocol (TCP/IP) Properties. You will want to choose the Use the following IP address option and in IP address field, type: 192.168.54.2 and for your Subnet mask type: 255.255.255.0 (it might put the Subnet mask in automatically. Leave the rest of the settings at default, and no, you do not need to set anything for the Default gateway. Click OK when you are finished. Then click OK to save and exit the Local Area Connection Properies dialog.

For now, we are finished with the Windows 2000 workstation.

Configuring TCP/IP Settings Server

Setting up the servers’ TCP/IP settings are just like setting up the Workstations’ TCP/IP settings. Actually, EXACTLY alike. So instead of wasting time, configure your TCP/IP settings for the Server as you did for the Workstation. The only correction that needs to be made is the IP address for your Server machine. The IP address for the Server should be 192.168.54.1.

Configuring Routing and Remote Access

We need to configure the Routing and Remote Access so that we can connect the workstation to the server. So, on your Server, go to Programs – Administrative Tools – Routing and Remote Access.

Now you will see your computer name (local) with a server icon that has a red dot on it, letting you know that it is not running. Right click your computer name and click Configure and Enable Routing and Remote Access.

A dialog box with appear. This is the Routing and Remote Access Server Setup Wizard, what you will use to configure your VPN on the server. Click Next to continue.

Now we need to tell the computer what kind of configuration we want to give the connection. We want to set up a VPN, so we will choose Virtual private network (VPN) server. Click Next to continue.

The Server will let you know what protocols are required on the workstation. You should have TCP/IP configured on your workstation, since we have already manually configured it. So, select the option Yes, all of the available protocols are on this list, then click Next to continue.

The server will ask you for the internet connection, or the type of networking adapter that uses the internet. In this case, we are going to use our Local Area Connection, the one we configured using the IP address of 192.168.54.1. Select it from the list and click Next to continue.

In our simple case, we want to automatically assign IP addresses to the machine connecting to the server. So, we are going to click Automatically and click Next to continue.

Before going to the next section, an Alert message is displayed letting you know that your server is configured using a static IP address, and that you need to make sure that your static IP address is compatible with the DHCP address assigned when dialing in to the remote server. Just click OK and you will be directed to the next step.

RADIUS is the Remote Authentication Dial-In User Service that provides a central authentication when you have multiple remote servers. We only that one server and this section is an advanced topic, so we are going to select No, I don’t want to set up this server to use RADIUS now. Then click Next to continue.

We are now done setting up the Routing and Remote Access Server. You can click Finish and go grab a nice cold Coke. This concludes Part 1 of Configuring a VPN w/ PPTP using VPC.

UPDATE: There will not be a part two. I keep stating that I will, but it never happens. I don’t really dive into alot of Windows-related articles anymore. I’m a Unix administrator, so I’m not going to pretend that I know what I’m doing. At the time of writing this inital post, I knew what I was doing, as far as an update, you are better off searching Google, rather than me play around with Windows Server, just to figure this out and get it posted.