How to set up your own VPN server. How to create your own VPN server

Recently, methods of accessing the Internet through VPN networks have become increasingly popular. This allows you to maintain maximum confidentiality, as well as visit web resources blocked for various reasons by providers. Let's see what methods you can use to set up a VPN on a computer running Windows 7.

Setting up a VPN in Windows 7, like most other tasks in this OS, is carried out using two groups of methods: by using third-party applications and using only the internal functionality of the system. Next, we will consider in detail these methods for solving the problem.

Method 1: Third Party Programs

Let's look at the algorithm right away VPN settings using third party applications. We will do this using the example of the popular Windscribe software. This program good because, unlike other free analogues, it can provide quite quality level connections. But the limit of transmitted and received data is limited to 2 GB for anonymous users and 10 GB for those who indicated their email.

1. After downloading, run the program installer. In the window that opens, you will be offered two installation options:
   • Express installation;
   • Selective.



2. The installation procedure will start.



3. After its completion, the corresponding entry will be displayed in the installer window. If you want the application to launch immediately after closing the window, leave a checkmark in the checkbox "Launch Windscribe". Then click "Complete".



4. Next, a window will open asking if you have a Windscribe account. If this is your first time installing this program, then click "No".



5. The browser that is assigned by default in the OS will launch. It will open the official Windscribe website in the registration section.

   In field "Choose Username" enter the desired account. It must be unique in the system. If you choose a non-unique login, you will have to change it. You can also generate it automatically by clicking on the icon in the form of arrows forming a circle on the right.

   Into the fields "Choose Password" And "Password Again" enter the same password that you created. Unlike a login, it does not have to be unique, but it is advisable to make it reliable, using generally accepted rules for composing such code expressions. For example, combine letters in different cases and numbers.

   In field "Email (Optional)" enter your address Email. This is not necessary, but if this field is filled in, you will receive as much as 10 GB of Internet traffic instead of the basic 2 GB.

   Once everything is filled in, click "Create Free Account".



6. Then go to your email inbox, find the email from Windscribe and sign in. Inside the letter, click on the element in the form of a button "Confirm Email". By doing this, you will confirm your email and receive an additional 8 GB of traffic.



7. Now close your browser. Most likely, you will already be logged into Windscribe using the current account you just registered. But if this is not so, then in the window with the inscription "You already have an account" click "Yes". In the new window, enter your registration data: login and password. Next click "Entrance".



8. A small Windscribe window will open. To start the VPN, click on the large round button on the right side of it.



9. After a short period of time during which activation is carried out, the VPN will be connected.



10. By default, the program selects the best location with the most stable connection. But you can choose any other affordable option. To do this, click on the element "Connected".



11. A list will open with a list of locations. Those marked with an asterisk are only available for a paid premium account. Select the name of the region of the country through the IP of which you want to present yourself on the Internet.



12. A list of settlements will open. Select your desired city.



13. After this, the VPN will be reconnected to your chosen location and the IP will be changed. You can easily see this right in the main window of the program.

As you can see, the procedure for setting up a VPN and changing the IP address using the Windscribe program is quite simple and convenient, and specifying your email during registration allows you to increase the amount of free traffic several times.

Method 2: Built-in functionality of Windows 7

You can also set up a VPN using exclusively the built-in tools of Windows 7, without installation third party software. But to implement this method, you must be registered on one of the services that provide access services for the specified type of connection.

1. Click "Start" followed by transition to "Control Panel".



2. Click "Network and Internet".



3. Open the directory "Control center…".



4. Go to “Setting up a new connection...”.



5. Displayed "Connection Wizard". Select the option that involves solving the problem by connecting to the workplace. Click "Further".



6. Then a window for selecting a connection method opens. Click on the element that suggests your connection.



7. In the window that appears in the field "Internet address" Enter the address of the service through which the connection will be made, and where you registered in advance. Field "Destination name" determines what this connection will be called on your computer. You don’t have to change it, but you can replace it with any option convenient for you. Check the checkbox below "Don't connect now...". After that click "Further".



8. In field "User" Enter the login for the service you are registered with. In the form "Password" enter the login code and click "Create".



9. The next window will display information that the connection is ready for use. Click "Close".



10. Back at the window "Control Center", click on the element on the left side "Change settings…".



11. A list of all connections created on the PC will be displayed. Find a VPN connection. Right-click on it ( RMB) and select "Properties".



12. In the shell that appears, move to the tab "Options".



13. Uncheck the checkbox here "Enable domain...". It should be checked in all other checkboxes. Click "PPP Settings...".



14. In the window interface that appears, uncheck all checkboxes and click "OK".



15. After returning to the main connection properties window, move to the section "Safety".



16. From the list "VPN Type" stop by position "Tunnel Protocol...". From the dropdown list "Data Encryption" select an option "Optional...". Also uncheck the checkbox "Microsoft CHAP Protocol...". Leave other parameters in default state. After completing these steps, click "OK".



17. A dialog box will open warning you that if you use the PAP and CHAP protocols, encryption will not occur. We indicated universal settings VPNs that will work even if the service providing the corresponding service does not support encryption. But if this is critical for you, then register only with the external service that supports the specified function. In the same window, click "OK".



18. Now you can start a VPN connection by simply left-clicking on the corresponding item in the list of network connections. But every time go to this directory will be inconvenient, and therefore it makes sense to create a launch icon on "Desktop". Click RMB by VPN connection name. From the list that appears, select "Create shortcut".



19. A dialog box will prompt you to move the icon to "Desktop". Click "Yes".



20. To start the connection, open "Desktop" and click on the icon you created earlier.



21. In field "Username" Enter the login of the VPN service, which you already entered at the stage of creating the connection. In field "Password" Enter the appropriate code expression to enter. To always avoid having to enter the specified data, you can check the checkbox "Save username...". To start the connection, click "Connection".



22. After the connection procedure, the network location settings window will open. Select a position in it "Public Network".



23. The connection will be completed. Now you can send and receive data over the Internet using a VPN.

You can set up a network connection via VPN in Windows 7 using third party programs or using only the functionality of the system. In the first case, you will definitely need to download the application, but the actual settings procedure will be as simple as possible; you will not have to look for any proxy services that provide the corresponding services. When using built-in tools, you do not need to download anything, but you will need to first find and register on special VPN service. In addition, you will still need to perform a number of settings, which are much more complicated than when using the software method. So you need to choose for yourself which option suits you best.

Greetings! And straight to the point. What is a VPN server for? It is mainly used to change the IP address and your country in order to bypass various site blocking at work and at home. In addition, a VPN connection helps to encrypt the traffic and thus ensures the security of the transmitted data.

For example, using public wifi, all data transmitted through the network can be “hijacked”. Theoretically, these could be any files, but usually they steal passwords from wallets, mail, Skype, and anything else. In this article we will configure own VPN server, it is not difficult. Despite the volume of the text, the main action occupies a small part, and the rest is buns. The article also contains a video.

There are a lot of small ones on the Internet, from free to very paid ones. Disadvantages of free VPN services:

• limited in speed
• instability (everything is fine, then it’s terribly slow)
• traffic restrictions (up to several Gigabytes per month)
• Free period restrictions
• periodically you need to look for other services
• It’s not a fact that the transmitted data will be safe; you shouldn’t hope for anonymity at all, I would say.

Disadvantages of paid ones:

• the desired country or city is not always available
• hackneyed IP addresses (used by hundreds of clients), also applies to free ones
• there is simply a scam without a refund, for example, the traffic is not unlimited, some servers do not work or are too slow

There are also advantages of VPN services - ease of use and relative cheapness.

Own VPN server on VPS/VDS hosting

So, if you need a specific country or city, or you need a lot of traffic that VPN services do not provide, or a guarantee of security, then it makes sense to bother setting up a personal VPN server. Typically this requires in-depth knowledge system administration servers. But I tried to explain everything simply so that even a teapot could understand it)

This method also has disadvantages:

• there is only one IP address to which you can “transfer”, but there are additional ones for a fee
• non-trivial setup for the first time
• paid

Read to the end, and I will show you how to use your VPS server to bypass blocks without setting up a VPN on it.

What is a VPS/VDS server?

There are countless hosting providers on the Internet. All of them allow you to host your websites with them. The most popular service- This virtual hosting. A more advanced one is a dedicated virtual server - VPS (VDS is the same thing). On a VPS you can host websites, set up a VPN server, mail server, game server - whatever!

You need to know that VPS servers come in several types: OpenVZ, Xen and KVM. For the VPN server to work you need KVM. The server type is indicated in the hosting plans. OpenVZ and Xen are also sometimes suitable, but you need to write to the hosting technical support and ask if the “TUN” module is connected. Without going into details about what it is for, just asking. If not, can they enable it. It also doesn't hurt to ask if the VPN itself will work (even on KVM), because... some companies cover this possibility. Oh yes, operating system servers – Debian, Ubuntu or CentOS (generally Linux-like). Server power doesn't matter.

Setting up a VPN server

I have a KVM VPS server at my disposal. Everything works here right away, you don’t need to write anywhere.

• When ordering a service, you can choose the simplest tariff plan “Micro”
• All sites open even on servers in Russia
• There is a free trial period of 7 days
• Technical support helps
• For my visitors, when you enter the promotional code: itlike60 - you will receive a real 60% discount on your first payment.

“Hostname” enter any or the name of your site (if you will in the future). “OS Template” select “Ubuntu 14.04 64bit” or any of Ubuntu, Debian, CentOS:

The operating system can then be changed if suddenly something does not work out.

After payment, you will receive an email with login details for the control panel and a Root password for setting up the server. And also the IP address of the server, and this will be your IP address when we install a VPN and connect to it from a computer

Click the “Manage” button and get into the administration window:

We don't need to touch anything here. The only thing that may be needed is to reinstall the operating system - the “Reinstall” button, more on that later.

Now we need to connect to the server to send commands to it. For this we will use free program Putty.

Unpack the archive with the program and run the file

putty.org.ru\PuTTY PORTABLE\ PuTTY_portable.exe

In the “Host Name” field we paste the IP address of the server that came in the letter, you can also copy it from the control panel:

and click “Connect”. If a window like this pops up, then click “Yes”:

A black console window should appear in front of us ( command line). This is where we will give commands. But first you need to log in. To do this, enter “root” in the “login” field

Then copy the root password from the letter and paste it into the “password” field. To paste here from the clipboard, you just need to right-click once on the console window. However, the password is not printed on the screen, it feels like nothing happened. Everything is fine, press “Enter”. Lines with information about the system should appear. If you wrote some error, check everything again. Also, the console will not wait long while you look for the root password. If by that time an error occurs, then launch Putty again.

Installing and running the main script

We are already at the finish line in setting up our own VPN server. There are many instructions on the Internet on how to install a server, but they all require knowledge system administrator, because small nuances are overlooked. To the delight of all dummies, there is a universal script “OpenVPN road warrior” that will do all the work itself. We only need to give the command to download and run it.

So, copy this line and paste it into the console window with the right button and press “Enter”:

wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

All sorts of lines will flash through and, if the script has been successfully downloaded and launched, a dialogue with us will begin with the VPN server setup wizard:

The script finds the expected value for each parameter and offers to agree with it, i.e. Press “Enter” or enter your value.

1. The first parameter is "IP address". The script should offer the same IP of the VPS server. This should be the case in 99.9% of cases, but if for some reason this is not the case, then correct it to the correct address.
2. Second - protocol UDP or TCP. Leave the default UDP.
3. Go ahead, "Port: 1194"- we agree.
4. "What DNS do you want to use with the VPN?"— select “Google”, i.e. Enter the number “2” instead of one, Enter. If Google is blocked, then we leave it as default.
5. "Client name"- Username. You can create access for different users. By default “client” - we agree.
6. "Press any key..."— press “Enter” and wait a few minutes until everything is installed and configured.

In general, the creation of a VPN server is now complete, it’s time to reap the benefits. During the installation process, the script created a file with settings for our computer. In order for us to use the server, this file must be downloaded. To do this, insert into the command line:

cat ~/client.ovpn

The contents of the “client.ovpn” file will be displayed on the screen. Now you need to carefully copy it to the clipboard. Scroll up until you enter the command, select with the mouse all the lines except the very last one (for new commands), i.e. the last highlighted line will be “ " To copy the selection to the clipboard, press “Ctrl-V”.

Now on a computer in Windows 7/8/10, open Notepad and paste the copied text into it. Save the file on your desktop under the name “client.ovpn”.

If you plan to give access to the server to other people, then it is better to create for them separate files, for example vasya.ovpn. To do this, simply run the script again and now select the 1st item - creating a new user.

Client installation for Windows 7/8/10/XP and Android

Congratulations, we are at the finish line! Now all that remains is to install a free program that will connect to our VPN server. It's called "OpenVPN".

Download the version for Windows and install it, no need to run it.

If during the installation process all sorts of windows pop up, we agree with everything.

To connect to the server, right-click on the “client.ovpn” file on the desktop and select “Start OpenVPN on this config file”:

A black window will appear indicating the connection initialization process. If everything went well, then the last line should be something like:

A window may also pop up asking you what type of new network to use, then select “Public Network”.

You can check, go to the website 2ip.ru and look at your IP, it must match the IP of the VPS server:

The server console window can now be safely closed. And to close the VPN connection and return the old IP, you need to close the OpenVPN window.

To connect next time, just right-click the “client.ovpn” file from the desktop; you don’t need to do anything else.

With phone It’s even simpler, you need to install the OpenVPN application through the playmarket, download the client.ovpn file into memory, select it in the application and connect to our VPN server.

What if something went wrong

If you feel that because of your mistake, everything is now going wrong, then you can reinstall the operating system on the hosting. To do this, click “Reinstall” in the control panel (see screenshot of the panel) and select a new operating system (or the same one):

Press the “Reinstall” button and wait 10 minutes. A new Root password will also be issued, do not lose it!

Connection errors

Most problems arise at the stage of connecting to the server in the OpenVPN program, especially in Windows 8/10. The black window may contain errors, for example:

• FlushIpNetTable failed on interface
• All TAP-Win32 adapters on this system are currently in use
• CreateFile failed on TAP device
• DNS failed..

In this case, the first thing to do is to give the program administrator rights and, accordingly, log into the system with administrator rights. Let's go to "C:\Program Files\OpenVPN\bin\", right-click on the file openvpn.exe -> properties. On the “Compatibility” tab, check the “Run this program as an administrator” checkbox. Now everything should work.

More treatment options:

• remove the program and reinstall as administrator
• disable the “Routing and Remote Access” service via “Control Panel -> Administration -> Services”
• try reinstalling from or here
• remove all VPN programs and gadgets from other paid and free services

You can find out whether the problem is with your computer or laptop if you install the OpenVPN application on your phone or tablet through the play market, upload the client.ovpn file to it and connect to our VPN server. If this doesn’t work, then you need to look for the reason on the server and write to support.

If everything works, the sites are stuck and open intermittently

Pay attention to the messages in the black window to see if there are repeated lines “read from TUN/TAP ... (code=234)”

and also to the message somewhere in the middle “WARNING: ‘tun-mtu’ is used inconsistently, local...”:

In this case, open the client.ovpn file in Notepad and in the new very first line write:

tun-mtu ‘server value’

server value is the number indicated at the end of the line in the text “remote=’tun-mtu 1500′”. Substitute your meaning! In the end it should look like this:

This is done because for some reason the MTU value on the computer and on the VPS server are different. We leave the .ovpn file for the smartphone untouched!

We allow traffic through a proxy without any settings at all

You can use our VPS/VDS server as a Proxy Server. To do this, we do everything as before until we click the “Connect” button in the Putty program. There is no need to open the console and run the script. Go to the “SSH->Tunnel” tab, set Source Port: 3128

Oops, I finished the article later, here I have Putty in English, but the essence is the same.

If it writes the error “You need to specify a destination address in the form host.name:port”, then switch to “Dynamic” instead of “Local”.

On the “Connection” tab, in the “Seconds between keepalives...” field, set it to 100 seconds, this is necessary so that the connection does not break due to downtime. Now let’s connect - click “Open” and enter your login/password. Next, go to the network settings in the browser and register the proxy server there. In chrome it's “Settings->Search for settings->write ‘proxy’->Proxy server settings.” We do everything as in the screenshot:

Now all sites will work through our server, but only in the browser and some programs. Other programs will not see the proxy and will work directly. In each program, in the connection settings, if provided, you need to specify the address, port and proxy type: Socks4/5. Or install OpenVPN and don't use a proxy.

How to allow only certain sites through a proxy

Install the extension for Google Chrome or Mozilla Firefox, called . In the settings you need to add our proxy server:

On the “URL Patterns” tab we add masks for sites that should be opened through our server. The site mask is its name with asterisks on the sides.

That's it, now the added site will go through a proxy, and all others will go directly. If you click on the extension icon, you can choose to allow all sites through it or none at all.

Shortcut for automatic connection

You can connect Putty to a proxy with one click. To do this, before connecting, you need to enter the server login in the “Connection->Data” section, the one that usually root

Now you need to create a shortcut on the desktop in which you specify the following parameters:

“C:\Program Files\PuTTY\putty.exe” -load myvpn -pw server_password

Where myvpn is the name of the saved session. That's it, there is only one detail left - remove the Putty window from the taskbar to the system tray. You need to download a modification of the utility and replace the exe file. Now in the settings tab Behavior a corresponding check mark will appear, but you don’t have to do this.

This is the most unusual article in this issue. Its peculiarity is that I tried to publish it several months ago, but every time I submitted the issue I forgot to do it. The first time I forgot it on my work computer. I thought, no big deal, I’ll publish it later on the site. “Later” turned into three weeks. Sometimes I didn’t have enough time, sometimes I simply forgot. When I remembered, I looked at the calendar. It was just the beginning of the month, and I decided to publish it in the upcoming issue. I recorded an article from work on a flash drive and... forgot the flash drive at work. Has it broken down again? I didn’t want to hold the number for another day, so I gave up on the matter and set a reminder in my phone. I’m sure I won’t forget by the next issue? What do you think, by the time the next issue was due, I forgot it again. This time, as usual. I brought the article home, and when I was collecting all the articles in a pile to send to the layout designer, I forgot to copy it from the flash drive. I don’t think it’s necessary to tell the result? Here's the story. The main thing is that now the article is in its place, and you can finally read it. Enjoy reading!

What is a VPN?

Our magazine is read by many newbies in computer matters, so I consider it my duty to start with the most basic thing - with the definition of VPN. Understanding technology without knowing the basics will not lead to anything good. It's better to move gradually.

VPN is an abbreviation for Virtual Private Network, or in Russian - “Virtual Private Network”. The essence of this wonderful technology is that it allows you to organize networks/multiple network connections on top of another network. Another network usually means the Internet, but a regular network can also serve this role.

If there is a network through which we can already connect to remote computers, then why bother with a VPN? It's actually simple. First of all, this is security. VPN connections are secure because... all traffic between them is encrypted. Consequently, even if an attacker manages to intercept your traffic, he will not extract anything useful from it. So the key point using a VPN- safety.

Let's consider another vital situation. Imagine that you need to connect to your corporate network. How to do it? If we are talking about connecting to one computer, then the problem can be solved simply using the tools remote administration, of which there are a lot now. A striking example of such tools is the one already familiar to many - Remote Administrator or, as people say: “Radmin”. You install the server part on the computer with which you will connect, and install the client for yourself. Everything is brilliantly simple and, in principle, safe, because... Radmin encrypts its traffic well, so the attacker is again left out.

The use of a VPN is by no means limited to creating access to remote networks. This technology is used by many Internet providers today. For example, my provider provides free access to resources local network, and to access the Internet, you need to establish a VPN connection.

In general, VPN allows you to provide three types of connections - node-to-node, node-to-network and network-to-network. You can always read more about this on the endless Internet. If you can’t find literature, contact me and I’ll share useful links.

VPN tunnels

You could see this phrase in various literature and especially in the magazine ][aker. It has already repeatedly described the nuances of creating and non-standard use this technology. If you are interested in hacking and security, I recommend going to the official website of the magazine and looking at the electronic binder. 100% that you will find a lot of interesting things.

Let's return to our rabbits. Oh! I wanted to say VPN tunnels. So, VPN tunnels are usually called the channel that is formed as a result of connecting a VPN client to a VPN server. You already know that such a connection is secure and all data transmitted over it is securely encrypted. If you have ever seen various university textbooks on networks, they usually use the term “point-to-point channel.” The concepts of “VPN tunnel” and “point-to-point channel” are identical and you can use either one. Throughout the entire article I will use “VPN tunnel”. I like it better.

Peers, but those who are in Torrents

Another important term in the VPN field is peers. Those who use torrent trackers are probably aware of the meaning of this word in that environment. In VPN, this term is applied to computers that have established a VPN connection. Those. when you install from your PC VPN connection, you can safely be called a feast.

A little about encryption

Encryption is one of the key points in VPN. The topic is quite large and you can write more than one good article on it. I will not go into details and will only say that both peers that established the tunnel are responsible for encryption. For example, we have two networks connected via VPN gateways. This model can be schematically represented as follows:

Network A -> VPN Gateway A -> INTERNET -> VPN Gateway B-> Network B.

In this situation, the algorithm will be like this. Data from network A is transmitted to VPN gateway A absolutely unchanged. Then (already at the gateway) they are encrypted and transmitted through a VPN tunnel, forwarded, through an insecure network. In my example, the insecure network is the INTERNET. Having received an encrypted set of data, VPN Gateway B will decrypt it and send a clean set to Network B. Based on the above, we conclude that the data remains encrypted only during its transmission through the VPN tunnel. Once delivery is complete, the data is no longer encrypted.

Please note that encryption applies to the entire IP packet. The packet headers themselves (i.e., the sender and recipient addresses) are also replaced. The new recipient and sender addresses will be the VPN gateway addresses. Thus, when intercepting a packet, it will only be possible to determine the addresses of the VPN gateways, and not the addresses of the end clients of the internal network.

A little about the principles of VPN operation

In general, all VPNs adhere to a few general rules:

1. Identification of nodes before creating a VPN tunnel.

2. Determining for both clients a list of data encryption protocols allowed to be used. You understand that if I use the DES algorithm, and you use AES, then we simply will not understand each other and will not be able to exchange data. More precisely, you can exchange, but you cannot decipher.

3. After checking the encryption algorithms used (of course, if it was successful), a key will be created. In the future, it will be used in symmetric algorithm for encryption/decryption of data packets.

Let's practice

I conveyed the most necessary theory to you and now I need to try this whole thing in practice. When I wrote the first version of the article, I devoted it entirely to setting up a VPN server on Kerio WinRoute. Of course, I could have done this - left everything as it is and not change anything, but on the very last day before handing over this issue, I decided to set aside a few hours of time and diversify the information. Start with the most simple example, which will definitely be useful for beginners, and in the next parts of the article we will consider more specific things, such as raising a VPN server using OpenVPN and Kerio Winroute. So, let's start with the simplest example - organizing a VPN tunnel between two computers running Windows XP. Important point. No additional software I won't use it. Everything will be done using standard means.

VPN tunnel for Windows XP

As I already said, we will start with the simplest. Not many people know that Windows XP has a built-in VPN server. Do you smell what it smells like? You can easily forward a tunnel to remote computer and enjoy all the joys of a VPN.

Let's not dabble in one thing at a time, but let's get down to business. First, let's learn how to accept external VPN connections, i.e. Let's prepare a VPN server. Sit down at the computer that will serve as a server and take the following steps.

1. START -> Settings -> Network connections.

2. Launch the New Connection Wizard.

3. In the first window (see Figure 1) select the item: “Install direct connection to another computer" and click "Next".

4. In the next window (Figure 2), select “Accept incoming connections”. Click "Next".

5. In the next window (Figure 3), the wizard for creating a new connection will ask you “Allow virtual private connections or not?” We are actually going to accept connections, so we select “Allow”. After this, click “Next”. It is likely that the appearance of your window will be different from what is shown in Figure 3. Don’t pay attention to this, just click “Next”. The next window should look like this.

6. In the next window (Figure 4) you need to define users who can connect. Choose from a list of existing ones or create new ones. Don’t forget, when you create a user, set a password. When finished, click “Next”.

7. Our efforts are nearing completion. At the next step, we are required to configure network parameters. You can leave everything as is. The only thing required is to configure the TCP/IP protocol. Select this item and click the “Properties” button. A window will appear in front of you as in Figure 5. Set the “Allow callers access to the local network” flag in it. Check the box “Specify TCP/IP addresses explicitly.” After that, write down the range “from” and “to”. I specified the following option here: 192.168.1.40-192.168.1.50. All clients that connect to us will receive IP addresses from this range. So, almost everything, all that remains is to uncheck the “Allow the caller to indicate their IP address.” That's it now. Click Ok and then “Next”.

8. The next step of the wizard is purely formal and all you have to do is click on the “Next” button.

That's it, now our VPN server is ready to accept connections. Note that we didn’t have to do anything complicated. Now let's see how you can connect to this server from another computer. This requires even fewer steps:

1. Launch the already familiar “New Connection Wizard”. After the first information step, select “Connect to the network at your workplace” (Figure 6). Click next.

2. Now you need to select the type of connection to create. Two options are available:
- Connection remote access
- Connection to a virtual private network.
It is not difficult to guess that we are interested in the second option (Figure 7).

3. Here we need to enter the name of the connection. Enter any name here. This makes no difference. Click on “Next” again.

4. At this step, the wizard will ask you to decide whether you need to connect to a public network before establishing a VPN connection. For example, if the VPN server is located on the Internet, then you first need to establish a connection to the Internet, and only then try to connect to the VPN server. For myself, I chose the “Do not dial pre-connection number” option.

5. This is the final step. Here you need to enter the IP address of the VPN server. My VPN server is on the local network and has the address 192.168.1.33. That’s it, click “Next” and then you’re done.

Try testing our connection. If you did everything correctly, the connection will be established and you will receive an IP address from the range we have defined. You can show dexterity and share the Internet on a computer server. Thus, you will have the opportunity to surf the Internet over a secure connection.

Connecting Complete

That's all for today. Conduct experiments with established connection– try to find a practical application for it (for example, organize access to the Internet for a VPN client), and in the next issue, I will tell you about setting up and practical use of OpenVPN. Good luck with your research.

Written by Igor Antonov aka Spider_NET

Every year electronic communications are improving, and increasingly high demands are placed on information exchange for speed, security and quality of data processing.

And here we will look at a VPN connection in detail: what it is, why a VPN tunnel is needed, and how to use a VPN connection.

This material is a kind of introductory word to a series of articles where we will tell you how to create a vpn on various operating systems.

VPN connection what is it?

So, a virtual private network vpn is a technology that provides a secure (closed from external access) connection of a logical network over a private or public one in the presence of high-speed Internet.

This network connection computers (geographically distant from each other at a considerable distance) use a “point-to-point” connection (in other words, “computer-to-computer”).

Scientifically, this connection method is called a VPN tunnel (or tunnel protocol). You can connect to such a tunnel if you have a computer with any operating system that has an integrated VPN client that can “forward” virtual ports using the TCP/IP protocol to another network.

Why do you need a VPN?

The main benefit of a vpn is that negotiaters need a connectivity platform that not only scales quickly, but also (primarily) ensures data confidentiality, data integrity, and authentication.

The diagram clearly shows the use of VPN networks.

Rules for connections over a secure channel must first be written on the server and router.

How VPN works

When a connection occurs via VPN, the message header contains information about the IP address of the VPN server and the remote route.

Encapsulated data passing over a shared or public network cannot be intercepted because all information is encrypted.

The VPN encryption stage is implemented on the sender's side, and the recipient's data is decrypted using the message header (if there is a shared encryption key).

After the message is correctly decrypted, a VPN connection is established between the two networks, which also allows you to work on a public network (for example, exchange data with a client 93.88.190.5).

Concerning information security, then the Internet is extremely unprotected network, and a VPN network with OpenVPN, L2TP / IPSec, PPTP, PPPoE protocols is a completely secure and safe method of data transfer.

Why do you need a VPN channel?

VPN tunneling is used:

Inside the corporate network;

To unite remote offices, as well as small branches;

For digital telephony services with a wide range of telecommunications services;

To access external IT resources;

For building and implementing video conferences.

Why do you need a VPN?

VPN connection is required for:

Anonymous work on the Internet;

Downloading applications when the IP address is located in another regional zone of the country;

Safe work in a corporate environment using communications;

Simplicity and convenience of connection setup;

Provisions high speed connections without interruptions;

Creating a secure channel without hacker attacks.

How to use VPN?

Examples of how VPN works can be given endlessly. So, on any computer in the corporate network, when you establish a secure VPN connection, you can use mail to check messages, publish materials from anywhere in the country, or download files from torrent networks.

VPN: what is it on your phone?

Access via VPN on your phone (iPhone or any other Android device) allows you to use the Internet in in public places maintain anonymity, as well as prevent traffic interception and device hacking.

A VPN client installed on any OS allows you to bypass many of the provider’s settings and rules (if the provider has set any restrictions).

Which VPN to choose for your phone?

Mobile phones and smartphones running Android OS can use applications from Google Playmarket:

• - vpnRoot, droidVPN,
• - tor browser for surfing networks, also known as orbot
• - InBrowser, orfox (firefox+tor),
• - SuperVPN Free VPN Client
• - OpenVPN Connect
• - TunnelBear VPN
• - Hideman VPN

Most of these programs serve for the convenience of “hot” system setup, placement of launch shortcuts, anonymous surfing Internet, selecting the type of connection encryption.

But the main tasks of using a VPN on a phone are checking corporate email, creating video conferences with several participants, and holding meetings outside the organization (for example, when an employee is on a business trip).

What is VPN on iPhone?

Let's look at which VPN to choose and how to connect it to your iPhone in more detail.

Depending on the type of network supported, when you first start the VPN configuration on your iPhone, you can select the following protocols: L2TP, PPTP and Cisco IPSec (in addition, you can “make” a VPN connection using third-party applications).

All of the listed protocols support encryption keys, user identification using a password and certification are carried out.

Among additional functions When setting up a VPN profile on an iPhone, you can note: RSA security, encryption level, and authorization rules for connecting to the server.

For iPhone phone From the appstore you should choose:

• - free application Tunnelbear, with which you can connect to VPN servers in any country.
• - OpenVPN connect is one of the best VPN clients. Here, to launch the application, you must first import RSA keys via iTunes into your phone.
• - Cloak is a shareware application, since for some time the product can be “used” for free, but to use the program after the demo period has expired, you will have to buy it.

VPN creation: selection and configuration of equipment

For corporate communications in large organizations or associations of offices remote from each other, they use hardware equipment that can support continuous, secure work on the network.

To implement VPN technologies, the role of a network gateway can be: Unix servers, Windows server, network router and network gateway on which VPN is installed.

The server or device used to create vpn networks enterprises or vpn channel between remote offices, must perform complex technical problems and provide a full range of services to users on both workstations and mobile devices.

Any router or VPN router must provide reliable operation on the network without freezes. And the built-in VPN function allows you to change the network configuration for working at home, in an organization or in a remote office.

Setting up VPN on the router

In general, setting up a VPN on a router is done using the router’s web interface. On “classic” devices for vpn organizations you need to go to the “settings” or “network settings” section, where you select the VPN section, specify the protocol type, enter the settings for your subnet address, mask and specify the range of IP addresses for users.

In addition, to secure the connection, you will need to specify encoding algorithms, authentication methods, generate agreement keys, and specify DNS server WINS. In the “Gateway” parameters you need to specify the gateway IP address (your own IP) and fill in the data on all network adapters.

If there are several routers in the network, you need to fill out the VPN routing table for all devices in the VPN tunnel.

Here is a list of hardware equipment used to build VPN networks:

Dlink routers: DIR-320, DIR-620, DSR-1000 with new firmware or Router D-Link DI808HV.

Routers Cisco PIX 501, Cisco 871-SEC-K9

Linksys Rv082 router with support for about 50 VPN tunnels

Netgear router DG834G and routers models FVS318G, FVS318N, FVS336G, SRX5308

Mikrotik router with OpenVPN function. Example RouterBoard RB/2011L-IN Mikrotik

VPN equipment RVPN S-Terra or VPN Gate

ASUS routers models RT-N66U, RT-N16 and RT N-10

ZyXel routers ZyWALL 5, ZyWALL P1, ZyWALL USG

In this article, I will talk about how to create your own VPN server for safe Internet use. You will learn how to configure your computer (Windows) and phone (IOS and Android) to work through this server.

In simple terms, VPN is a technology that allows you to network devices over another network. For example, on top of the Internet. But let's not bother with terminology, we'll just make sure that you surf the Internet through a server in San Francisco, London or Amsterdam. In general, where there is no Rostelecom.

Why do you need your own VPN or why others’ ones are bad?

Of course, you can use someone else's paid or free VPN servers. Fortunately, there are a lot of them on the Internet. Write a VPN in Yandex and receive a huge number of offers.

If we talk about paid servers, then the prices there are far from cheap. It's not even worth talking about free ones. Other VPNs have the following disadvantages:

1. Price - good VPNs they cost good money.
2. Traffic eavesdropping - you don’t know who runs the VPN, but he knows what sites you go to, what passwords you send, who you communicate with, and so on. Https, of course, partially solves this problem, but not all sites have switched to https yet. It remains the same Man attack in the middle - the VPN owner can return their certificates and certificate authorities to you. Initiate transition to more old version SSL, give you their sites under the guise of the ones you are looking for.
3. The VPN may be “dirty” - perhaps, before you or in parallel with you, the same VPN server (and its IP address) is used by some hacker from the USA - and this IP address is already being tracked by the FBI.
4. The VPN may be exposed - for example, spam was sent through it and it has already been blacklisted - and you will not be able to log into your favorite site because you are already banned.
5. Traffic modification - if your traffic is not encrypted or the VPN owner can decrypt it, then the sites you request will be returned with “extra banners” or modified BTC addresses and ETH for payment and so on.

In general, if you just want to hang out on entertainment sites, then take any free one - sometimes they won’t work, sometimes they will be very slow, but it’s free.

If you need a VPN for work, take a good paid one. If you are paranoid, or you want to make money on rent, or you are just interested in how it’s all done, move on.

Deploying your VPN server

In order to raise our VPN, we will need our own server on the Internet. In this article we will look at an example on Zomro, but any hosting where you can get a VDS will do. The simplest tariff plan is $2.99 ​​per month, we don’t need more.

Go to the site: go. Select the “Optimal VDS/VPS” section, select the VDS/VPS “Micro” tariff and click order.

Fill out the registration form and go to your personal account. Now you need to top up your balance by $3. Select “Top up balance” in the taskbar

Enter the replenishment amount and select convenient way payment. After replenishment, go to the “Products / Services” section and select “virtual servers”. Click “Order”

We choose the very first tariff “VDS/VPS “Micro” (1 CPU/1 GB RAM/20 GB SSD)”

After that, in the order form, where the operating system is, select “Ubuntu-16.04-amd64”. We agree to the terms and click “Add to Cart”.

After that, click pay in the cart. After processing your order, you will receive an IP address, login, password, and a link to the server management page and login details. Technical domain and so on. This is important information, do not share it with anyone.

What’s nice is that the IP will be yours and only yours, and no one else will go through your server (unless you allow it yourself, but more on that later).

Connecting and setting up a server

Now we need to connect to our new server and configure it. Download the putty program ( link). We launch the program and enter the IP address from the letter in the “Host Name” window, click the “Open” button.

On the window that appears, click “Yes”. A terminal window will open in front of us, where we need to enter the login and password from the letter. In order to paste text into the terminal, you need to press the right mouse button. Enter your login and press enter. Enter the password (when typing, the characters will not be displayed as if you were not typing anything - this is normal) and press enter. For ease of entry, you can copy the password and paste it into the terminal with the right mouse button. After connecting, minimize (do not close) the terminal and move on to the next step.

Deploying a VPN server

1. Now it's time to actually deploy your VPN. In your browser go to the site: openvpn.net"Community".

2. In the tab "Downloads""Access Server Downloads"

6. Now we return to putty and download the package to the server. To do this, run the command in the program:

7. Install the downloaded package. To do this, run the command:

dpkg -i openvpn-as-*.deb

where is the parameter " -i» initializes package installation

8. Change the password for the openvpn user, who is the default administrator. To do this, run the command:

passwd openvpn

Enter a new password and confirm the change (remember that password characters are not displayed).

9. After successfully changing the password, you can connect to the web interface of your VPN to change the settings according to your requirements. By default, the connection address is as follows:

https://Х.Х.Х.Х:943/admin/ (where Х.Х.Х.Х – IP of your server)

The default login is: openvpn, and you created the password in step 8.

Automatic settings and configuration files for a client connection to your VPN can be downloaded by connecting to the client link to OpenVPN, which looks like this:

https://Х.Х.Х.Х:943/ (where Х.Х.Х.Х is your server IP)

Connecting to VPN on Windows

1. To connect to the created VPN, you need to enter the address in the browser: https://Х.Х.Х.Х:943/ (where Х.Х.Х.Х is the IP of your server). In the window that appears, enter your username, password and select “Connect”

2. Next, click “click here to continue”. After clicking it will be available for download installation file with extension .msi, which includes both the client program and the correct configuration file. Download and install the program.

3. The OpenVPN client is installed in automatic mode(during installation the antivirus program will swear, we agree and allow all actions). Once the installation is complete, a shortcut will appear on your desktop OpenVPN connect, which needs to be launched.

4. In the window that appears, enter the user name and password, then click on the "Connect" button

The connection status can be monitored through the OpenVPN client icon in the taskbar

Connecting to VPN on iOS

1. Download from App Store program OpenVPN.

2. Just like on Windows, you need it in your browser ios devices enter the address: https://Х.Х.Х.Х:943/ (where Х.Х.Х.Х is the IP of your server).

3. In the window that appears, enter your username and password. Next, select the lowest line.

5. You will automatically be taken to the program. Here you need to click the green cross.

6. Agree by clicking “Allow”

7. To add a VPN to your device, enter your password or fingerprint.

8. This completes the setup. To connect, simply press the button where it says “Disconnected.” When you connect, the VPN icon will be displayed at the top. To disconnect, just click the button next to “Conntcted”

Connection to Android device done in the same way:

1. Download and install the program
2. Enter https://Х.Х.Х.Х:943/ in your browser (where Х.Х.Х.Х is the IP of your server).
3. Follow the link below
4. Open the package through the program
5. Add VPN settings
6. Connect by clicking the “Connected” button

Video instructions for creating your own VPN

Don't forget to connect a VPN when using free wifi in a cafe or entertainment center. If you have any questions, ask them in the comments.