Saturday, April 14, 2012

VPN

How many times have you forgotten something you needed on your home computer? How much time, productivity and money have you lost because of this? What if you could connect to your home computer from work (or anywhere, for that matter)? You probably already thought of the idea but discarded it as being too complicated, time consuming or expensive. What if I tell you that all you need is a $60 router and simple instructions? In this project I will teach you how to create your own home virtual private network (VPN) connection with a method that will work better than even the best remote access software. It is a connection you will have at your service for free, 24 hours a day, without the need to keep a computer or a server on all the time consuming power. Everything will be done with the help of a simple but wonderful router and free, open source software.

What is Needed for this Project
1) Linksys WRT54GL wireless broadband router. You can usually find these routers for $60 anywhere on the web. (Check DD-WRT’s website before purchasing this router; your existing router might already be compatible.)
2) DD-WRT firmware for the router. This is free; you can find it at dd-wrt.com.
Advantages over other Remote-Connect Solutions
Having your own VPN connection.

For those of you not familiar with virtual private networks: a VPN is a tunnel to your network, meaning that once a secure remote connection is established, it will be as if you were sitting at your house inside your own network, with an IP of the same range and no firewall restrictions in the middle. Once you are connected to the VPN the possibilities are endless. You can establish a remote desktop connection to any of your home computers or print directly from your current computer to one of your printers at home. Even when you open a webpage in your web browser, it will come from your home Internet provider.
You will always have access to your network even if your external home IP address changes.

Home internet access has a flaw: your external IP is dynamic (it changes arbitrarily). If your external IP happens to change when you need to connect remotely, you are not going to know what the new one is unless you are at home. That already makes a remote connection useless. To overcome this flaw, which is present in virtually all other remote-connect solutions, we will obtain a free subscription to a dynamic DNS provider. Dynamic DNS allows you to have a fixed IP or domain name that will point to your changing home IP address. For this project we have chosen DynDNS.
Your connection will be always on, even if all computers are off (you can wake them up remotely).
What if you left your house and forgot to turn your computer on? How will you be able to connect to your network, and how will you be able to access your files? This is where the Linksys WRT54GL with the DD-WRT firmware comes in. With this firmware you will be able to connect to DynDNS and inform it when your external IP changes. But that’s not all: you will also be able to host the VPN server at the router and not at the computer. Therefore, when you connect remotely you will be connecting to your router, which is always on. You may be asking yourselves at this point: “That’s fine, but I still won’t be able to access my files because my computer is off!” DD-WRT has “Wake-on-LAN”. With Wake-on-LAN you can wake up any computer that is directly connected to the router (no wireless).

Step 1: Open a Free Account with DynDNS
Go to the DynDNS website and click on:
1) Dns and domains -> 2) Dynamic DNS free (or “learn more” button underneath) -> 3) Create hostname
On the next page enter a subdomain name of your preference, click on the domain button to pick from a wide variety of domains, do not change any other settings. On the next section, click on “your current location’s IP address is…” so that your external IP address can be automatically populated in the field above.


Step 2: Load your Router with DD-WRT Firmware

Set up the Linksys WRT54GL and load it with the DD-WRT firmware. There are two firmwares that you are going to have to load. The reason for this is that the original firmware in the router does not leave enough space to perform the loading process of the full DD-WRT firmware. Therefore, a mini DD-WRT firmware has to be loaded first. This firmware will replace the original and it is small enough for its own installation to be completed. In addition, once installed, it is also small enough for the full firmware version of DD-WRT to be loaded.
Setup and Prepare for DD-WRT Firmware Installation
Connect your router to your DSL or Cable modem via the WAN interface and to the computer via one of its 4 existing LAN ports.
Set your computer’s IP configuration from DHCP to the following:
IP address:    192.168.1.100
Mask:           255.255.255.0
Gateway:      192.168.1.1
DNS:            192.168.1.1
Make sure you can get out to the web.
Load the Router with the DD-WRT Firmware
*** WARNING: It is very important that you do not interrupt the loading process once it starts, or your router might be permanently damaged. The process might last several minutes; do not power-cycle your router until you see a message on the screen advising you that the process has been completed. Please read this whole section before proceeding. ***
To load DD-WRT you have to load two firmwares: an initial “mini” firmware that will erase the router’s current contents and will allow you to load the second and final one, the VPN firmware. Do not try to load the final VPN firmware directly to the router; it won’t fit and the installation will get stuck halfway.
1) Load the “Mini” version of DD-WRT:
To load the “mini” version of DD-WRT, access the router’s configuration page by opening your Internet browser and going to http://192.168.1.1 (this address might be different if you have a different brand of router). The default credentials for the WRT54GL router are: Login: Password: admin. Once there, click on the administration tab -> “firmware upgrade” -> “browse” and pick the mini version -> click on the “upgrade” button. Once again, do not interrupt this process until you get a confirmation on the screen that the process has been completed successfully, or else you will turn your router into a brick! Restart the router and make sure it works; if not, reset it.
2) Load the VPN Version of DD-WRT
The process for loading the final VPN version of DD-WRT is basically the same as for the mini. Access the router’s configuration page by opening your Internet browser and going to http://192.168.1.1. The default credentials for a router loaded with DD-WRT are: Login: root Password: admin. Once there, click on the administration tab, then on “firmware upgrade” -> “browse” and pick the VPN version -> click on the “upgrade” button. Once again, do not interrupt this process or else you will turn your router into a brick! Restart the router and make sure it works; if not, reset it.

Step 4: Configure Router’s Connection to  DynDNS
Go into the router’s configuration and under the “General” click on the “DDNS” tab
- DDNS service: Select DynDNS.org
- Do not use external IP Check: leave it as “no”
- Enter the username and password you chose when you signed up to DynDNS
- Host Name: enter the domain name you chose. Example: house.dyndns.org
- Type: leave it as “Dynamic”
- Wildcard: Leave unchecked
- Force update interval:  leave the default, “10” days

Step 5: Configure VPN Setup at the Router
Go to the router’s configuration and under the “Services” tab click on the “VPN” tab
- Set “PPTP Server”, “Broadcast Support” and “Force MPPE Encryption” to “enable”
- “Server IP” will be your router’s IP, in this case 192.168.1.1
- “Client IP(s)” is the IP range dedicated to all computers that will connect through the VPN. In this example we are allocating IPs in the 200s range, so we will set it to 192.168.1.200-205
- “Chap Secrets” is basically your username and password. Enter it exactly as shown in the example, including spaces and asterisks. Example: if your username is “administrator” and your password is “abcdefg”, then enter:
administrator * abcdefg *

- Set “Radius”, “PPTP Client Options”, “Start OpenVPN” (under Daemon) and “Start OpenVPN” (under Client) to “disable”
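
As an added example (not part of the original post or of DD-WRT), the Python below parses “Chap Secrets” lines in the format shown above (client, server, secret, allowed IP) and flags weak entries, since this username and password are what protect the VPN once it is reachable from the Internet. The 14-character minimum, the finding names and every sample line other than the post's own example entry are assumptions chosen for illustration.

```python
import shlex

MIN_SECRET_LEN = 14  # assumed local policy, not a DD-WRT or pppd setting


def parse_chap_secrets(text):
    """Return (line_no, client, secret) for each 'client server secret ip' line."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue  # skip blank lines and comments
        fields = shlex.split(raw)  # honours quoted secrets containing spaces
        if len(fields) < 4:
            raise ValueError(f"line {line_no}: want 'client server secret ip'")
        entries.append((line_no, fields[0], fields[2]))
    return entries


def character_classes(secret):
    """Count how many of lower/upper/digit/other appear in the secret."""
    tests = (str.islower, str.isupper, str.isdigit,
             lambda c: not c.isalnum())
    return sum(any(t(c) for c in secret) for t in tests)


def audit_chap_secrets(text):
    """Return a list of (client, finding) pairs for weak entries."""
    findings = []
    for _, client, secret in parse_chap_secrets(text):
        if len(secret) < MIN_SECRET_LEN:
            findings.append((client, "short-secret"))
        if character_classes(secret) < 2:
            findings.append((client, "single-character-class"))
        if client.lower() in secret.lower():
            findings.append((client, "secret-contains-username"))
    return findings


# Constructed sample: the first line is the example entry from the post.
SAMPLE = """\
administrator * abcdefg *
alice * T7qmv-Lp2!xRw9dZe_k *
bob * bob2012 *
"""

if __name__ == "__main__":
    for client, finding in audit_chap_secrets(SAMPLE):
        print(f"{client}: {finding}")
```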

Step 6: Configure VPN Client at Incoming Computer
The following is the VPN client setup you will implement at the computer you are using to connect to your remote computer. The tutorial on this section is for Windows XP. I won’t cover Windows Vista or 7 since I do not want to make this article bigger than what it already is:
- Click Start -> Settings -> Control Panel -> Network -> New Connection
- Select “Connect to the network at my workplace” and click “Next”.
- Select “Virtual Private Network connection” and click “Next”.
- Enter the name you would like to give to this VPN connection. Any name will be OK; this is just for your reference.
- Select “Do not dial my initial connection” and click “Next” and “Finish”.
- Enter the domain name you selected with DynDNS. Example: “house.dyndns.com”. Click “Next”.
- Select “Do not use my smart card” and click “Next” and “Finish”.
This will create a new icon under:
Start -> Settings -> Control Panel -> Network.
You can drag this icon to your desktop if you prefer.


Step 8: Turn your Computer on Remotely with Wake-on-LAN
Before this can be accomplished, you must enable Wake-on-LAN in your computer’s BIOS. Every computer is different, but usually to get into the BIOS you have to turn the computer on and immediately start pressing either the “DEL”, “F1” or “F2” button. Once there, look for the “Wake-on-LAN” option and enable it. All computers will have it unless the network card is not integrated into the motherboard.
Now, if you forgot to turn your computer on before you left, no problem. Just connect to your VPN, open your Internet browser, log into the router’s configuration page and perform the following steps:
- Click on “Administration Tab” and “WOL” tab
- Select the computer you wish to wake up from the list of computers available in the router. To select the computer check the box to the right hand side; this will place the selected computer at the bottom on the “WOL addresses list”
- Press “Wake UP” button

Step 9: Connecting to the Remote Computer
Now that you are connected to the VPN and your remote computer is up and running, you can connect to it using a variety of methods, like “Shared Folders”, FTP, Telnet, etc. The most common and useful method, however, would be to connect via “Remote Desktop“.
Remote Desktop in Windows
To connect via Remote Desktop, you have to make sure that Remote Desktop is enabled on the computer you are trying to connect to. The “Administrator” account will have access automatically once you enable Remote Desktop on the destination computer; however, other accounts will have to be added to the list of allowed users.


Client Side Configuration
A VPN is a private network created over a public one. It’s done with encryption; this way, your data is encapsulated and secure in transit, which creates the ‘virtual’ tunnel. A VPN is a method of connecting to a private network by a public network like the Internet. An Internet connection in a company is common. An Internet connection in a home is common too. With both of these, you could create an encrypted tunnel between them and pass traffic safely and securely.
If you want to create a VPN connection you will have to use encryption to make sure that others cannot intercept the data in transit while traversing the Internet. Windows XP provides a certain level of security by using Point-to-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol (L2TP). They are both considered tunneling protocols – simply because they create that virtual tunnel just discussed, by applying encryption.

Configure a VPN with XP

If you want to configure a VPN connection from a Windows XP client computer you only need what comes with the Operating System itself, it's all built right in. To set up a connection to a VPN, do the following:
  1. On the computer that is running Windows XP, confirm that the connection to the Internet is correctly configured.
  • You can try to browse the Internet
  • Ping a known host on the Internet, like yahoo.com, something that isn’t blocking ICMP
  2. Click Start, and then click Control Panel.
  3. In Control Panel, double-click Network Connections.
  4. Click Create a new connection in the Network Tasks task pad.
  5. In the Network Connection Wizard, click Next.
  6. Click Connect to the network at my workplace, and then click Next.
  7. Click Virtual Private Network connection, and then click Next.
  8. If you are prompted, you need to select whether you will use a dialup connection or if you have a dedicated connection to the Internet either via Cable, DSL, T1, Satellite, etc. Click Next.
  9. Type a host name, IP or any other description you would like to appear in the Network Connections area. You can change this later if you want. Click Next.
  10. Type the host name or the Internet Protocol (IP) address of the computer that you want to connect to, and then click Next.
  11. You may be asked if you want to use a Smart Card or not.
  12. You are just about done; the rest of the screens just verify your connection. Click Next.
  13. Click to select the Add a shortcut to this connection to my desktop check box if you want one; if not, leave it unchecked and click Finish.
  14. You are now done making your connection, but by default, it may try to connect. You can either try the connection now if you know it is valid; if not, just close it down for now.
  15. In the Network Connections window, right-click the new connection and select Properties. Let’s take a look at how you can customize this connection before it’s used.
  16. The first tab you will see is the General Tab. This only covers the name of the connection, which you can also rename from the Network Connection dialog box by right-clicking the connection and selecting to rename it. You can also configure a First connect, which means that Windows can connect to the public network (like the Internet) before starting to attempt the ‘VPN’ connection. This is a perfect example of when you would have configured the dialup connection; this would have been the first thing that you would have to do. It's simple: you have to be connected to the Internet first before you can encrypt and send data over it. This setting makes sure that this is a reality for you.
  17. The next tab is the Options Tab. The Options tab has a lot you can configure in it. For one, you have the option to connect to a Windows Domain; if you select this check box (unchecked by default), then your VPN client will request Windows logon domain information while starting to work up the VPN connection. Also, you have options here for redialing. Redial attempts are configured here if you are using a dialup connection to get to the Internet. It is very handy to redial if the line is dropped, as dropped lines are very common.
  18. The next tab is the Security Tab. This is where you would configure basic security for the VPN client. This is where you would set any advanced IPSec configurations and other security protocols, as well as requiring encryption and credentials.
  19. The next tab is the Networking Tab. This is where you can select what networking items are used by this VPN connection.
  20. The last tab is the Advanced Tab. This is where you can configure options for configuring a firewall and/or sharing.

Connecting to Corporate

Now that you have your XP VPN client all set up and ready, the next step is to attempt a connection to the Remote Access or VPN server set up at the corporate office. To use the connection follow these simple steps. To open the client again, go back to the Network Connections dialog box.
  1. Once you are in the Network Connection dialog box, double-click, or right-click and select ‘Connect’ from the menu – this will initiate the connection to the corporate office.
  2. Type your user name and password, and then click Connect. Properties brings you back to what we just discussed in this article: all the global settings for the VPN client you are using.
  3. To disconnect from a VPN connection, right-click the icon for the connection, and then click “Disconnect”.
