Top Nav

Setup a VPN – PPTP Host On Your Home Windows 7 PC [How-To]

More WIndows 7 Tips, Tricks, News, Tutorials, How-To, Quesitons, and Answers

Years and years ago before VPN (Virtual Private Network) became a common term for the corporate workforce, Microsoft created PPTP (Point to point Tunneling Protocol.)  Like VPN, PPTP allows you to securely connect to remote networks such as your home network or your friend’s/parent’s PCs (in the event they need some tech support.)

 

Additionally, the beautiful thing about Microsoft PPTP is you don’t need $10k of dedicated VPN hardware or a Network Admin to set it up.  All you need is a PC and 3 minutes to read this groovy How-To Tutorial!

 

How To Set Up A Home VPN / PPTP Host Using Windows 7

 

1.   Click the Windows Start Orb and Type network connections into the search bar.  Then Click the Network Connections link.

open your network connections dialog in windows 7

 

2.   In the Network Connections window if the File menu isn’t available Hold Alt, then Click New Incoming Connection.

create a new incoming connection in windows 7

 

3.   Check which users will be allowed to use the connection; you can add a new user if you like.  Click Next to continue.

add a vpn user to your vpn host

 

4.   Check the box Through the Internet then Click Next.

image

 

5.   Select Internet Protocol Version 4 (TCP/IPv4) and then Click Properties.  In the Properties window Check the box to Allow callers to access my local area network, and Set Assign IP addresses automatically using DHCP.  Now return to the previous window and Click Allow access.

adjust internet protocal 4 properties and allow callers to access local area network

 

6.   Voila, the VPN host connection is now created!  We’re not done yet, though; now we need to make sure that the gateway firewall (router) on your network is routing the Internet PPTP traffic to your Windows 7 Box.

a new vpn connection in windows 7

 

7.   From your Internet browser Type in your Router Network Address.  This address is usually 192.168.1.1 or 192.168.0.1 by default on most home networks.  Once you’ve accessed your router interface, some routers have the option to enable PPTP passthrough as well as other VPN ports.  If this option isn’t available for your router, you can adjust this with port forwarding in the next step.

enable vpn passthrough on your router

 

8.   If your router doesn’t have a built-in VPN setting, you can manually open your PPTP VPN port.  Under Port Range Forwarding Create a New forwardSet the Start to 1723 and the End to 1723.  aSet the protocol to TCP and the IP Address to your local network IP address.

create a port forward for PPTP on port 1723

 

Once the firewall rules are setup, it will forward all VPN/PPTP traffic to your Windows 7 box.  From there, your remote computer will be able to access all the network devices on your home network (Other computers, servers, etc.)

 

One thing to note – as great as PPTP is, is most likely the easier way to access your home network however RDP is limited to remote control only so if you’re looking to copy files sitting on your home server/PC, using a Home VPN/PPTP is probably the best option.

More Reading:

, , ,

28 Responses to Setup a VPN – PPTP Host On Your Home Windows 7 PC [How-To]

  1. Izzmo December 28, 2009 at 1:05 pm #

    I think the title is a little misleading. I think it should be changed to “How to connect to a VPN using Windows 7” or something of that nature.

    You had me all excited, lol. I thought setting up a VPN was going to be simple.. too bad it's not 🙁

  2. grooveDexter December 28, 2009 at 3:59 pm #

    @Izzmo,
    This process actually is how you would set up a home computer as a local vpn host. Connecting to it however is different entirely and I'll have the article on that up within the next day or two.

  3. MrGroove December 29, 2009 at 9:53 am #

    Greetz!

    Dex is right below, this is the How-To for the Server side. Here's the client side of the VPN How-To. Dex just posted it – http://www.groovypost.com/howto/microsoft/setup

  4. TomaszJW October 27, 2010 at 4:43 pm #

    Nice manual. Thanks a lot grooveDexter!
    For those of you who faced error 720, you should set custom IP pool instead of DHCP in TCP/IP properties. In my case Win7 was not able to utilize DHCP from the router. After I put start/end IPs error 720 was gone and everything worked nicely.

    • Michael December 7, 2011 at 5:20 am #

      Nice one. I was getting this error but had followed the instructions to the letter.
      I will try this out.

    • Cody Ainge October 21, 2014 at 12:56 pm #

      TomaszJW you saved my bacon today, could not for the life of me figure out why our newly implemented PPTP Passthrough would not work. Used static IP on win 7 host and POW!….worked. Thank you my friend 🙂

  5. Mike November 30, 2010 at 12:14 am #

    After setting this up, how do I access my home server from remote?

    • Ian February 16, 2011 at 8:34 pm #

      You would need to set up the VPN client on the remote computer to access the WAN IP your router is using at the time (assuming that you don’t have a static IP purchased from you ISP). If this IP changes, then you would have to obtain the new IP address and input that as the IP your VPN client would connect to.

      • wasuiniu April 3, 2012 at 11:37 am #

        I have found a couple of solutions to be able to connect with my ip changing since it is not static. One way is to have your router send log emails daily so when it changes you can see from your email what the new ip is. the other way is to use Logmein and log into your system and look at the router and see what the new ip is. One problem with this is most routers are set to email on port 25 and services such as comcast gmail and yahoo use port 587 i have not figured a way around this yet. Any help would be appreciated. I thought about local email server then forward to gmail?
        Wasuiniu

        • Ian April 7, 2012 at 7:41 am #

          You could always go with the ddns option. Purchasing a cheap domain name from DynDNS.org or TZO.com would be cheaper than a static IP and you would then connect to your domain name rather than keeping up with your IP address, they would do it for you.

          • J2C October 3, 2012 at 2:34 pm #

            If I have a domain name already (registered and hosted at Godaddy), can I do something with a subdomain to get around having a dedicated IP address?

          • caseydavis November 3, 2012 at 6:51 am #

            Sure, use something like dyndns.org to keep your dynamic ip address set to a hostname. Then, you can use your own domain name and make a CNAME record to point to your dyndns address, which then points to your ip. so like home.yourname.com -> username.dyndns.org -> home

  6. alishahi May 6, 2011 at 3:11 am #

    send plz

  7. saeed November 19, 2011 at 10:55 am #

    vpn is very good

  8. JJ December 6, 2011 at 8:43 am #

    Could You please teach me how to do the same in a lion (osx) device.

  9. ahong January 12, 2012 at 12:29 am #

    很好的服务

  10. Mark February 11, 2012 at 9:19 am #

    These are great step-by-steps. However, what I need now is precisely what to put into the VPN settings of the client to connect to the host Windows 7 machine.

    • Breadwinner September 5, 2012 at 8:07 am #

      In the client computer go to network and sharing center. Click on setup a new connection or network. Choose connect to a workplace. Select use my internet connection(VPN). In the internet address type your lan’s ip. in the destination name give it any name. In the username and password type the name and password you gave that user in step who may connect to this computer and click connect. That’s it and you are done.

  11. Sean Christmann August 27, 2012 at 3:26 pm #

    Does anyone know how I can access the machine that is also hosting the vpn. For instance I have a vpn hosted on a windows 7 machine with an ip address of 192.168.0.101. When I connect to this vpn from a remote location, I’m unable to access the smb shares at 192.168.0.101, I can’t even ping this machine? I have been able to ping other machines on the LAN as well as access the router at 192.168.0.1

    • J2C October 3, 2012 at 2:27 pm #

      You need to get your WAN IP address. The 192.168.0.X addresses are your local LAN addresses (they are the same for virtually everyone with a home network.) Your router is assigning those addresses to every machine that is hooked to it. But your ISP assigns your router (or, your home network) a WAN address. It is this address that you need to be able to talk to your network from the internet.
      There are two possible ways to get this. First, log into your router. Sometimes on the home page or configuration page, you will see the WAN address. The sure fire method is to call tech support for your ISP and just ask them. 🙂 (Tech support lives for those calls.)
      I’m now about to make stuff up that I don’t know to be true. Unless you pay extra for a static IP address, I think it’s possible that your WAN address will change sometimes, kind of at the whim of your ISP. I don’t *know* this to be true, but I think it’s one of the advantages of having a dedicated IP address.
      (Looking forward to flaming from folks more intelligent than myself.)

      • Austin Krause November 3, 2012 at 9:53 am #

        Correct, you have to connect to the WAN address. 192.168.x.x is used by local networks only for computers behind a router..To get your WAN address the easiest way is to just visit http://www.whatismyip.com/

        Unfortunately, this address is subject to change unless you pay for a static IP every month. (Usually about $5 per IP) This is because the internet service provider recycles old IP’s and hands them out based on a leased period of time. There is another way around it using a dynamic dns, which is basically a software program installed on the host computer that automatically checks the IP address for changes and reroutes it to a domain name like mycoolioaustincomputer.dyndns.org – in which case you could just put that domain name in when connecting to the VPN and automatically be rerouted to the correct IP.

    • Paul Alexandrescu December 12, 2014 at 10:27 am #

      Sean,

      Have you found a solution to your problem?

  12. Breadwinner September 5, 2012 at 7:48 am #

    Wow man your method is completely amazing. Thanks

  13. J2C October 3, 2012 at 2:31 pm #

    How about tech tips for this. My I have a wireless modem (thanks to Clear) with a crappy firewall built in. Then I have a real router – Zyxel USG20W – with a full firewall. How do I set up port forwarding to get down to the actual Win7 machine?

  14. Esben Nordentoft January 10, 2013 at 8:58 am #

    I got my VPN running, and the setup guide was great, but i noticed that the vpn is limited to one client connection.. Is there any way that i can configure it to let in more clients? Another thing is that my VPN does not share my internet connection. Is ther any easy way for that?

    • Hi Esben, March 1, 2015 at 10:47 pm #

      Regarding “Another thing is that my VPN does not share my internet connection”, have you found out a solution to this ? Thanks!

  15. Mark April 13, 2013 at 1:09 pm #

    @Esben Dont know about multiple VPNs. If your using VPN you should already have an Internet Connection. Only way to share your faster home internet is through using Team Viewer application ,but someone has to be on other side to sync logins.

    • Evan December 16, 2014 at 2:24 pm #

      @Mark Or you could set up unattended access on the host/home computer. That’s how I log in when I need to access my computer while I’m away from home for an extended period of time. Just remember your email and password to log in.

Leave a Reply