In Windows, you can create your own VPN server to access shared folders or other internet facing applications on the go. Windows do this by using the PPTP (Point-to-Point Tunneling) protocol. In fact, most companies use this method to give their employees access to company resources, files, and applications. Since this is a good old VPN, your connection is encrypted all the way. In case you are wondering, follow the below steps to create your own VPN server in Windows.
Before You Proceed
Before you create a Windows VPN server to access certain applications or shared folders via the internet, you should know that the procedure is not beginner friendly. You should know things like port forwarding, creating a new user account, basic firewall settings, local IP addresses, etc.
Also, it is helpful if you have a static IP address. However, most internet service providers only assign dynamic IP addresses. If that’s your case, I recommend you sign up for a dynamic DNS service like OpenDNS or No-IP and get a static address for your dynamic IP. This makes it easy when you are configuring the VPN.
To make things easier to understand, I divided the whole procedure into four sections. Follow each section and you should be good.
How to Setup Vpn on Windows 10
The first thing we need to do is create a VPN server on the machine you’d like to access via the internet. You can think of this machine as the server with a static address. Like I said, if your IP address is dynamic, use a dynamic DNS service and create a static address for your dynamic IP address.
To start off, search for the control panel in the start menu and open it. Here, go to “Network and Internet > Network and Sharing Center”. Next, click on the “Change adapter settings” link on the left panel.
In the new window, press the ALT key on your keyboard to expose the top navigation menu. Click on the “File” option and select “New Incoming Connection” option.
In the new window, select a user account you’d like to be accessible via the internet and click on the “Next” button. If you want to, you can create a new user account for this specific purpose. To do that, click on the “Add someone” button and fill in the required details.
Now, select “Through the Internet” option.
Let the default options be and click on the “Allow Access” button.
The above action will create an incoming connection adapter. Once done, the window will show your computer name. Click on the “Close” button.
If you take a look at the control panel, you will see a new adapter.
Generally, Windows automatically assigns an IP address for this adapter as and when needed. However, under certain circumstances, this behavior can cause problems. To avoid that, you can manually assign an IP range. To do that, right-click on the Incoming Connections adapter and select “Properties”.
In the properties window, go the Networking tab. Here, select “Internet Protocol Version 4” and click on the “Properties” option.
Select the “Specify IP Addresses” option and type in the range of local IP addresses you’d like to assign to this VPN adapter. Make sure that these IP addresses are not in use by any other system. For instance, I assigned the IP range from 192.168.100.100 to 192.168.100.121 which is outside my regularly used range 192.168.100.1 to 192.168.100.20. Click on the “Ok” button to save changes.
Next, proceed to create the firewall exception.
Configure Windows Firewall
After creating the VPN, you need to make an exception to it in the Firewall. Otherwise, the connection might be blocked by Windows Firewall.
Search for “Windows Defender Firewall” in the start menu and open it.
In the firewall window, click on the “Allow an app or feature through Windows Defender Firewall” link appearing on the left panel.
Now, scroll down the list until you find the “Routing and Remote Access” feature and select both the checkboxes next to it. Click on the “Ok” button to save changes.
That is it. You are done adding the firewall exception.
Configure Port Forward in Your Router
To make all this work, you need to forward the ports on your router to your VPN server machine. In case you are wondering, without proper port forwarding, your router doesn’t know where to send the incoming traffic and simply rejects the connection. This is a built-in security feature. Depending on your router manufacturer and the firmware version, the placement of the port forward option can be a bit different. However, it is very easy to configure port forwarding.
No matter what router you are using, log into it, find the port forwarding option and configure it as below.
- Service type: PPTP
- Protocols: select both TCP and UDP
- IP Address: Type in the IP address of the computer that is hosting the VPN server. In my case, that is 192.168.100.1.
- Starting port: 1723
- Ending port: 1723
Once you are done with the changes, save them and exit the router page.
Create a Windows VPN Client
Finally, you can create the VPN client on the machine with which you’d like to access the other computer over the internet. The good thing is, Windows has built-in options that let you connect to the other computer over the internet.
In Windows, open the Settings app and go to “Network & Internet > VPN” and click on the “Add a VPN Connection” button.
Now, configure the VPN connection as follows.
- VPN Provider: Windows (built-in)
- Connection name: Name it anything you want.
- Server name or address: Type in your public facing IP address. You can find it with a simple Google search. If you are using a dynamic DNS service, enter the address provided by the service.
- VPN type: PPTP
- Type of sign-in info: User name and password
- Username: Enter the username of the user you selected while creating the VPN server. In my case, the user name is “techwiser”.
- Password: Enter the password of the above user
Select the “Remember my sign-in info” and click on the “Save” button.
Finally, click on the newly created VPN connection and then click on the “Connect” button.
If everything goes well, the VPN should connect to your other system over the internet.
From here on out, you can access any shared folders via File Explorer by selecting the Network option on the left navigation or work with other enabled services or apps over this connection. To access an application, you need to further configure the said application to monitor the port and respond to the incoming connection. Depending on the application, the configuration will be completely different.
That is all. Comment below to share your thoughts and using the above approve to creating a VPN server on Windows to access it over the internet via another computer.