Setup a VPN – PPTP Host On Your Home Windows 7 PC [How-To]
Years and years ago before VPN (Virtual Private Network) Services became a common term for the corporate workforce, Microsoft created PPTP (Point to Point Tunneling Protocol.) Like VPN, PPTP allows you to securely connect to remote networks such as your home network or your friend’s/parent’s PCs (in the event they need some tech support.)
Additionally, the beautiful thing about Microsoft PPTP is you don’t need $10k of dedicated VPN hardware or a Network Admin to set it up. All you need is a Windows 7 PC and 3 minutes to read this groovy How-To Tutorial!
How To Set Up A Home VPN / PPTP Host Using Windows 7
1. Click the Windows Start Orb and Type network connections into the search bar. Then Click the Network Connections link.
2. In the Network Connections window if the File menu isn’t available Hold Alt, then Click New Incoming Connection.
3. Check which users will be allowed to use the connection; you can add a new user if you like. Click Next to continue.
4. Check the box Through the Internet then click Next.
5. Select Internet Protocol Version 4 (TCP/IPv4) and then Click Properties. In the Properties window Check the box to Allow callers to access my local area network, and Set Assign IP addresses automatically using DHCP. Now return to the previous window and click Allow access.
6. Voila, the VPN host connection is now created! We’re not done yet, though; now we need to make sure that the gateway firewall (router) on your network is routing the Internet PPTP traffic to your Windows 7 Box.
7. From your Internet browser Type in your Router Network Address. This address is usually 192.168.1.1 or 192.168.0.1 by default on most home networks. Once you’ve accessed your router interface, some routers have the option to enable PPTP passthrough as well as other VPN ports. If this option isn’t available for your router, you can adjust this with port forwarding in the next step.
8. If your router doesn’t have a built-in VPN setting, you can manually open your PPTP VPN port. Under Port Range Forwarding Create a New forward. Set the Start to 1723 and the End to 1723. aSet the protocol to TCP and the IP Address to your local network IP address.
Once the firewall rules are set up, it will forward all VPN/PPTP traffic to your Windows 7 box. From there, your remote computer will be able to access all the network devices on your home network (Other computers, servers, etc.)
One thing to note – as great as PPTP is, RDP is most likely the easier way to access your home network however RDP is limited to remote control only so if you’re looking to copy files sitting on your home server/PC, using a Home VPN/PPTP is probably the best option.
29 Comments
Leave a Reply
Leave a Reply
Izzmo
I think the title is a little misleading. I think it should be changed to “How to connect to a VPN using Windows 7” or something of that nature.
You had me all excited, lol. I thought setting up a VPN was going to be simple.. too bad it's not :(
grooveDexter
@Izzmo,
This process actually is how you would set up a home computer as a local vpn host. Connecting to it however is different entirely and I'll have the article on that up within the next day or two.
MrGroove
Greetz!
Dex is right below, this is the How-To for the Server side. Here's the client side of the VPN How-To. Dex just posted it – https://www.groovypost.com/howto/microsoft/setup…
TomaszJW
Nice manual. Thanks a lot grooveDexter!
For those of you who faced error 720, you should set custom IP pool instead of DHCP in TCP/IP properties. In my case Win7 was not able to utilize DHCP from the router. After I put start/end IPs error 720 was gone and everything worked nicely.
Michael
Nice one. I was getting this error but had followed the instructions to the letter.
I will try this out.
Cody Ainge
TomaszJW you saved my bacon today, could not for the life of me figure out why our newly implemented PPTP Passthrough would not work. Used static IP on win 7 host and POW!….worked. Thank you my friend :)
Mike
After setting this up, how do I access my home server from remote?
Ian
You would need to set up the VPN client on the remote computer to access the WAN IP your router is using at the time (assuming that you don’t have a static IP purchased from you ISP). If this IP changes, then you would have to obtain the new IP address and input that as the IP your VPN client would connect to.
wasuiniu
I have found a couple of solutions to be able to connect with my ip changing since it is not static. One way is to have your router send log emails daily so when it changes you can see from your email what the new ip is. the other way is to use Logmein and log into your system and look at the router and see what the new ip is. One problem with this is most routers are set to email on port 25 and services such as comcast gmail and yahoo use port 587 i have not figured a way around this yet. Any help would be appreciated. I thought about local email server then forward to gmail?
Wasuiniu
Ian
You could always go with the ddns option. Purchasing a cheap domain name from DynDNS.org or TZO.com would be cheaper than a static IP and you would then connect to your domain name rather than keeping up with your IP address, they would do it for you.
J2C
If I have a domain name already (registered and hosted at Godaddy), can I do something with a subdomain to get around having a dedicated IP address?
caseydavis
Sure, use something like dyndns.org to keep your dynamic ip address set to a hostname. Then, you can use your own domain name and make a CNAME record to point to your dyndns address, which then points to your ip. so like home.yourname.com -> username.dyndns.org -> home
alishahi
send plz
saeed
vpn is very good
JJ
Could You please teach me how to do the same in a lion (osx) device.
ahong
很好的服务
Mark
These are great step-by-steps. However, what I need now is precisely what to put into the VPN settings of the client to connect to the host Windows 7 machine.
Breadwinner
In the client computer go to network and sharing center. Click on setup a new connection or network. Choose connect to a workplace. Select use my internet connection(VPN). In the internet address type your lan’s ip. in the destination name give it any name. In the username and password type the name and password you gave that user in step who may connect to this computer and click connect. That’s it and you are done.
Sean Christmann
Does anyone know how I can access the machine that is also hosting the vpn. For instance I have a vpn hosted on a windows 7 machine with an ip address of 192.168.0.101. When I connect to this vpn from a remote location, I’m unable to access the smb shares at 192.168.0.101, I can’t even ping this machine? I have been able to ping other machines on the LAN as well as access the router at 192.168.0.1
J2C
You need to get your WAN IP address. The 192.168.0.X addresses are your local LAN addresses (they are the same for virtually everyone with a home network.) Your router is assigning those addresses to every machine that is hooked to it. But your ISP assigns your router (or, your home network) a WAN address. It is this address that you need to be able to talk to your network from the internet.
There are two possible ways to get this. First, log into your router. Sometimes on the home page or configuration page, you will see the WAN address. The sure fire method is to call tech support for your ISP and just ask them. :) (Tech support lives for those calls.)
I’m now about to make stuff up that I don’t know to be true. Unless you pay extra for a static IP address, I think it’s possible that your WAN address will change sometimes, kind of at the whim of your ISP. I don’t *know* this to be true, but I think it’s one of the advantages of having a dedicated IP address.
(Looking forward to flaming from folks more intelligent than myself.)
Austin Krause
Correct, you have to connect to the WAN address. 192.168.x.x is used by local networks only for computers behind a router..To get your WAN address the easiest way is to just visit http://www.whatismyip.com/
Unfortunately, this address is subject to change unless you pay for a static IP every month. (Usually about $5 per IP) This is because the internet service provider recycles old IP’s and hands them out based on a leased period of time. There is another way around it using a dynamic dns, which is basically a software program installed on the host computer that automatically checks the IP address for changes and reroutes it to a domain name like mycoolioaustincomputer.dyndns.org – in which case you could just put that domain name in when connecting to the VPN and automatically be rerouted to the correct IP.
Paul Alexandrescu
Sean,
Have you found a solution to your problem?
Breadwinner
Wow man your method is completely amazing. Thanks
J2C
How about tech tips for this. My I have a wireless modem (thanks to Clear) with a crappy firewall built in. Then I have a real router – Zyxel USG20W – with a full firewall. How do I set up port forwarding to get down to the actual Win7 machine?
Esben Nordentoft
I got my VPN running, and the setup guide was great, but i noticed that the vpn is limited to one client connection.. Is there any way that i can configure it to let in more clients? Another thing is that my VPN does not share my internet connection. Is ther any easy way for that?
Hi Esben,
Regarding “Another thing is that my VPN does not share my internet connection”, have you found out a solution to this ? Thanks!
Leon
I have the same problem, Imagine that my clinet/workplace PC only has the permition to connect to my host/home VPN server, how can I get my client PC to access the Internet through the VPN connection.
Mark
@Esben Dont know about multiple VPNs. If your using VPN you should already have an Internet Connection. Only way to share your faster home internet is through using Team Viewer application ,but someone has to be on other side to sync logins.
Evan
@Mark Or you could set up unattended access on the host/home computer. That’s how I log in when I need to access my computer while I’m away from home for an extended period of time. Just remember your email and password to log in.