Jump to content



Photo

set up my own vpn?


  • Please log in to reply
10 replies to this topic

#1 capr

capr

    Neowinian Senior

  • Joined: 01-July 05

Posted 28 July 2013 - 07:03

Hey, so I travel for work a lot and other countries don't' have netflix hulu access. I have a 100/100 connection in the us and would like to use my homeserver as a VPN end point? 

 

I have been googleing but all the vpn solutions seem to be related to me paying some monthly fee. I don't' really need it that often to go for those solutions and rather learn something new. 

 

How do I go about this? Most I know about free VPN is hamachi. 

 




#2 The Dark Knight

The Dark Knight

    Neowinian Senior

  • Joined: 06-June 04
  • OS: Windows 8 Pro x64
  • Phone: Nexus 4

Posted 28 July 2013 - 07:13

Very simple, just setup OpenVPN Access Server in a virtual machine. It shouldn't take you more than 15 minutes to have it up and running. And it is completely free, you will only be paying what you already pay for your internet. :)

 

http://openvpn.net/i...nvpn-as-vm.html



#3 UseLess

UseLess

    Neowinian

  • Tech Issues Solved: 1
  • Joined: 24-July 04
  • Location: Australia, West Coast

Posted 28 July 2013 - 07:39

Windows 7 can create an incoming VPN itself - http://www.sevenforu...onnections.html

 

I find this option to be easier, couple of clicks, and it'll use the internal user account andbe all peachy =)

 

The "hardest" part is your firewall/router/modem. Some do and some don't support incoming VPN connections (GRE Protocol 47 for PPTP VPNs). Mine for example, Netgear DGND3300 only allows ONE incoming connection, which would be enough for you :) (on a side note, if I am given the choice, I only get TP-Link gear =P)



#4 The Dark Knight

The Dark Knight

    Neowinian Senior

  • Joined: 06-June 04
  • OS: Windows 8 Pro x64
  • Phone: Nexus 4

Posted 28 July 2013 - 07:58

Using the VPN feature built-in to Windows is easier no doubt, but there is a chance Netflix and Hulu might detect it as a VPN and suspend or ban the account altogether due to to PPTP being inherently insecure. It may be fine also, I am no expert on networking. We need someone like BudMan to clarify this.



#5 The_Decryptor

The_Decryptor

    STEAL THE DECLARATION OF INDEPENDENCE

  • Tech Issues Solved: 4
  • Joined: 28-September 02
  • Location: Sol System
  • OS: iSymbian 9.2 SP24.8 Mars Bar

Posted 28 July 2013 - 08:13

...
The "hardest" part is your firewall/router/modem. Some do and some don't support incoming VPN connections (GRE Protocol 47 for PPTP VPNs). Mine for example, Netgear DGND3300 only allows ONE incoming connection, which would be enough for you :) (on a side note, if I am given the choice, I only get TP-Link gear =P)


I've never understood this, everything I can find on VPN passthrough makes it seem like a fancy name for a port forwarding/firewall rule, any router should be able to do it easily.

#6 UseLess

UseLess

    Neowinian

  • Tech Issues Solved: 1
  • Joined: 24-July 04
  • Location: Australia, West Coast

Posted 28 July 2013 - 08:33

Ah, TDK may have a point, I am not sure about the RULES of netflix/hulu about using a VPN - didn't think about that. While a PPTP VPN isn't as great as SSTP, I don't believe you can detect the IP of the originator if they go through a VPN? As TDK said...need a network guru to make a (more) final call =P

 

The_Decryptor, the "port" that PPTP VPNs use for initiating a connection is GRE Protocol 47. This sits outside of TCP/UDP and therefore can't be forwarded by the normal firewall rules on most routers. Some routers are unable to forward this traffic (over NAT) while some others can. My Netgear DGND3300 can only handle one connection, I had a D-Link that couldn't do any, and the TP-Link I installed at work can handle multiple.



#7 The_Decryptor

The_Decryptor

    STEAL THE DECLARATION OF INDEPENDENCE

  • Tech Issues Solved: 4
  • Joined: 28-September 02
  • Location: Sol System
  • OS: iSymbian 9.2 SP24.8 Mars Bar

Posted 28 July 2013 - 09:02

They wouldn't be able to detect you're using a VPN, since the traffic is being unencapsulated by the VPN server and then handled as normal, worst you'll get is a lower MTU.

Interesting to know about GRE though, I just assumed it'd use UDP or something. Still kinda strange to have a firewall/NAT that can only handle UDP/TCP though. My router's a normal Linux box, so it's a non-issue there, I've run non UDP/TCP traffic for years.

#8 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 90
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 28 July 2013 - 14:15

Yes depending on your flavor of windows - you can allow for incoming vpn. PPTP would not be a good choice if you ask me, for starters its not always going to be open from where your at.. Since it uses both tcp 1723 to start the connection and then brings up a GRE tunnel "protocol 47"

So depending on where your at, and the router features your box is behind - this might or might not work for you. AFIK there is no way to change the server type from pptp to say SSTP on non server version of windows. If you have server version of windows then sure you could use SSTP, now your tunnel is over a SSL connection port 443.. It can be forwarded on any router, simple port forward. If where your at has internet, its unlikely they don't allow outbound on 443, etc.

With ssl based, its even possible to bounce your tunnel off a proxy if where your at requires you to use a proxy, like work for example.

A dark knight mentioned -- you can just run a openvpn as appliance via VM and would have a vpn setup in minutes. That you can run on just 443 tcp which is much easier to work with.

#9 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Enterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520

Posted 28 July 2013 - 15:43

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters]
"NoCertRevocationCheck"=dword:00000001

SSTP FTW (L2TP over SSL 3 port 443) Its fairly easy to setup and you don't need to bother with a CRL if you use this registry entry ^

 

You also don't need any software like ciscos vpn client any version of windows since vista sp2 will work

 

 



#10 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 90
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 28 July 2013 - 15:45

^ So windows 7 can run a SSTP server? or Do you need server version - I thought desktop versions only can do PPTP?

It can connect to - but I am fairly sure you can only allow incoming PPTP on desktop versions of windows?

#11 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Enterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520

Posted 28 July 2013 - 16:13

No it needs RRAS or TMG which only run on Server operating systems. The clients can be vista sp2 and up