Turn your Windows Home Server V1 in to a VPN server

Turn your Windows Home Server V1 in to a VPN server

I was looking on the Internet for an easy to follow guide to be able to setup a WHS to act as a VPN server. However the guide I found on a popular WHS website didn’t seem to work for me. So I did it a way I knew would work using Routing and Remote Access which is part of Windows Server 2003.

Why would you want to do this? If you are away from your home and you want full LAN access to your home network then VPN on WHS is ideal for this. I’m sure most of you will have used VPN’s to connect to your companies corporate networks before when you are remote working, its the same kind of deal.

To setup your WHS as a VPN server you can follow these steps.

Remotely connect to your WHS using RDP.

To use Routing and Remote Access you first need to disable the Windows Firewall/Internet Connection Sharing (ICS) service.

Go to the Start Menu –> Run and enter Services.msc then press OK.

Scroll down and find Windows Firewall/Internet Connection Sharing (ICS) right click it and select services. Stop the service then set the startup type to disabled on the General tab.

WHS-VPN1[1]

Now open Routing and Remote Access

Start –> All Programs -> Administrative Tools -> Routing and Remote Access.

Right click the server name and select Configure and Enable Routing and Remote Access

WHS-VPN3[1]

You will then see the Setup Wizard, click Next.

WHS-VPN4[1]

 

 

 

 

 

 

 

 

 

 

 

 

 

Select Custom Configuration and click Next.

WHS-VPN5[1]

Select VPN Access and click Next

WHS-VPN6[1]

Click Finish

WHS-VPN7[1]

Click Yes to start the Routing and Remote Access service.

WHS-VPN8[1]

WHS-VPN9[1]

Now we have to tell Routing and Remote Access which device on our network is doing DHCP?

Expand IP Routing and right click DHCP Relay Agent and click Properties.

Enter the IP address of your DHCP service. Normally your broadband router / gateway. In my case this is 192.168.1.1

Click OK.

WHS-VPN2[1]

Now we need to specify which users on the WHS will have VPN access. Go to the Start Menu and right click Computer and select Manage.

In the Computer Management console, select the Local Users and Groups and then Users from tree on the left.

WHS-VPN10[1]

On the right hand side right click the user account you want to enable for VPN access and select Properties.

On the Dial-in tab select Allow access under Remote Access Permission (Dial-in or VPN) and click OK.

WHS-VPN11[1]

You now need to configure your router to allow inbound the VPN ports to your WHS.

These ports are:

  • 1723 TCP
  • 47 TCP

How you do this will depend on the make and model of your broadband router. But basically we need to use NAT to port forward requests coming from the Internet (WAN) to the Windows Home Server on the LAN.

My test router was a D-Link DSL-2542B and I had to select Advanced Setup –> NAT

Its also sometimes called Virtual Server on some routers.

You might be able to see on this screen shot that I have TCP ports 1723 and 47 port forwarded to the internal IP of the WHS which is our case is 192.168.1.6

WHS-VPN12[1]

That’s it, you just need to setup a Windows Client VPN connection on your PC or Laptop and point it to the WHS domain name for your server and login with the user account you enabled for VPN access earlier.

Windows 7 PPTP Client VPN connection.

WHS-VPN13[1]

Clubhouse Tags: Clubhouse , WHS , VPN
Share

13 thoughts on “Turn your Windows Home Server V1 in to a VPN server

  1. The screenshots don’t show up for me in IE9 in compatibility mode. What’s broken? My browser or your web page? If the problem is on your side I’d appreciate being able to see the screen shots if you still have them.

    Thanks

  2. Will this process allow connections to other devices on my network or simply the WHS? I have a Home Automation controller that I want to access on my network which is why I’m asking. I have followed the instructions and added the details to my iphone and it appears I am connected but when I run my HA app it can’t connect although in theory it is supposed to. My router doesn’t have its own VPN which is why this option seems like a perfect solution.

    1. >>Will this process allow connections to other devices on my network or simply the WHS? I have a Home Automation controller that I want to access on my network which is why I’m asking. I have followed the instructions and added the details to my iphone and it appears I am connected but when I run my HA app it can’t connect although in theory it is supposed to. My router doesn’t have its own VPN which is why this option seems like a perfect solution.<<

      Jay,
      Did you make this work for you? I have similar situation. I want to control Home Automation when I am away from home using iPhone. The software that I use on iPhone require VPN connection. I have WHS and router without VPN. Would be interested to konw how you solve your issue.

      sjmjnk

  3. I can’t comment on VPN connections made from an iPhone as I’ve never tried
    It however a VPN connection should give you internal access to your whole LAN and not
    Just the whs box. Can you try pinging other internal local LAN ip addresses?

  4. You still have to connect each computer to the WHS VPN manually? Why not just connect each directly to the VPN manually? I don’t get the benefit of this. My router maintains a constant connection to my VPN that applies to all network devices automatically. Can a WHS be set up this way?

  5. @Dude

    This is so you can connect a remote client pc to your entire home LAN via a VPN connection.

    It’s for inbound VPN connections to your home LAN. Not outbound VPN connections to someone else’s VPN server.

  6. I can’t access the internet on the client PC once I have dialed into the VPN. Switching on split tunneling doesn’t work. Any solution?

  7. Off the top of my head, I remember when setting up client VPN connections there use to be an option some where to tell the client not to use the remote Internet gateway, the client will then use it’s own gateway for Internet traffic but still be connected to the LAN where the WHS VPN server is.

  8. I was using this guide to connect my blackberry playbook to our home network. I have managed to connect windows 7 machines to my home network, but not the playbook yet. It asks for extra settings. I have it set to:
    Gateway type – microsoft IKEv2 VPN Server
    Authentication Type – EAP-MSCHAPv2
    Authentication ID Type – Identity Certificate General Name
    MSCHAPv2 EAP Identity – blank (i don’t know what to put here)

    Would these be the correct settings, following this guide to create the VPN? And if so, what do I put in for the MSCHAPv2 EAP Identity? Thanks

Leave a Reply

Your email address will not be published. Required fields are marked *