
Is it possible to create a VPN server on a home account?

Leigh
Neighbour

I am trying to create a simple VPN, with Windows 10 on both client and server machines.  It's not working.  A chat session with Telus tech support was fruitless - the fellow was pleasant, but had little applicable knowledge.

My Telus gateway/router is the Actiontec V1000H, with firmware 31.122L.19.  On it,

1. I have forwarded port 1723 to the server computer.

2. I have locked the internal IP address for the server computer. 

On the Windows 10 server computer,

1. I have opened the firewall to "Routing and Remote Access."

2. I have created the "Incoming Connection" to be the VPN server.

On the Windows 10 client computer,

1. I have created the VPN client.

I won't get into the VPN software details unless we need to. 

The client VPN informs me that the "network connection between your computer and the VPN server was interrupted."

Telnet and Ping, running on the client PC, both return results of "timed out."

The ShieldsUp program could see my IP, and determined that port 1723 was open.

Does anyone know if what I am trying to do is possible?  I don't see any reason that it shouldn't be, but I'm not sure if Telus is blocking something, or if perhaps I have something configured wrong.

4 REPLIES

Kolby_G
Ambassador

Telus does not block running a VPN server; I have IPSec, L2TP, and OpenVPN all running fine. For PPTP, you will need to forward protocol 47 (GRE), which the Telus router may be incapable of doing. I would definitely suggest using your own router for this. That being said, I'd advise against using PPTP whenever possible due to its known vulnerabilities.

 

Are both the client and the server on your network? Or are you trying to connect from outside?

How do you have RRAS configured? Are you using a domain controller to authenticate the login? Are you using the native Windows VPN client?

 

Thank you very much for your reply, Kolby.  I am encouraged to know that Telus does not intentionally block the VPN server.

Since writing the first note, I have moved my "server" computer to my wife's office, which has a business account with Telus.  That should eliminate any problems of the "we don't want people to run businesses on residential services" variety.

I will forward GRE port 47.  I had no problem forwarding port 1723 earlier, with the Telus router.

Client and server are not both on the network.  For testing, I have the client (laptop) connected to the internet through my phone as a hotspot.

I'm afraid to tell you that I don't know what RRAS is.

Nor a domain controller.  I have been involved with computers for a very long time, but as an application developer on larger systems and working with simple PC networks.  I am way over my head on this, trying to learn as I go.  I do appreciate your patience.

I am using the native Windows 10 VPN client.  The reason I was bold enough to try this was that there was a Windows 10 app on each end, so I was hoping Microsoft had made it easy enough for a person like me to use.

Follow-up to my earlier reply to Kolby.  I forwarded GRE port 47, and I have achieved a "Connected" status from the client computer.  Now I have to figure out what to do with it, because the "server" computer does not show up on File Manager.  So back to head-in-the-book mode!

 

Running the server on a residential connection shouldn't be a problem; the problem comes when running anything for commercial purposes. I have 5 hypervisors and ~60 VMs running for 100% home use and have never had a problem.

Just to confirm, you forwarded the GRE protocol to your server, correct? GRE doesn't have ports in the same sense that TCP/UDP does; GRE is protocol number 47 in the same way that TCP is protocol 6.

 

RRAS = Routing and Remote Access Server - The role I presumed you were running on Windows Server. Re-reading your post though it sounds like you are using a regular computer acting as a "server", I mistakenly thought by Windows 10 server you meant Windows Server 2016.

If you're not running on an actual server, you can ignore my question about a domain controller as well, as that's unlikely.

 

It's unlikely that the file manager will actually show both computers; you'll likely need to access them by IP or DNS name. Run ipconfig /all on both sides and post the results and I might be able to point out what is needed.

 

For a bit more info, what is your end goal with this? File transfers between the computers? Tunneling all internet traffic for privacy?

My point about PPTP still stands as well, don't use it. It is super vulnerable. L2TP/IPSec/OpenVPN are all better choices.
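
Added example, not part of any post in this thread: a small Python classifier showing why a TCP 1723 port forward alone matches PPTP's control channel but never its GRE data channel, which has an IP protocol number (47) and a call ID instead of ports. The sample packets, addresses and the helper names `classify` and `ipv4` are constructed for illustration; the GRE layout follows RFC 2637.

```python
import struct

PPTP_CONTROL_PORT = 1723   # TCP control channel (the port forwarded in the thread)
IPPROTO_TCP, IPPROTO_GRE = 6, 47
GRE_PROTO_PPP = 0x880B     # protocol type used by PPTP's enhanced GRE (RFC 2637)

def classify(packet: bytes) -> dict:
    """Classify one raw IPv4 packet as PPTP control, PPTP data (GRE) or other."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    proto = packet[9]                     # IP protocol number field
    body = packet[ihl:]
    if proto == IPPROTO_TCP and len(body) >= 4:
        sport, dport = struct.unpack("!HH", body[:4])
        kind = "pptp-control" if PPTP_CONTROL_PORT in (sport, dport) else "other-tcp"
        return {"kind": kind, "proto": proto, "sport": sport, "dport": dport}
    if proto == IPPROTO_GRE and len(body) >= 8:
        flags, ptype, length, call_id = struct.unpack("!HHHH", body[:8])
        version = flags & 0x0007          # low 3 bits; PPTP uses GRE version 1
        if version == 1 and ptype == GRE_PROTO_PPP:
            # No port fields exist here; the session is identified by call_id.
            return {"kind": "pptp-data", "proto": proto,
                    "call_id": call_id, "payload_len": length}
        return {"kind": "other-gre", "proto": proto}
    return {"kind": "other", "proto": proto}

def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a minimal constructed IPv4 packet (checksum left as 0, not validated)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([198, 51, 100, 7]),
                       bytes([203, 0, 113, 10])) + payload

# Constructed samples: a TCP SYN to port 1723, and an enhanced-GRE frame
# (K and S flags set, version 1) carrying 4 bytes of PPP.
tcp_syn = ipv4(IPPROTO_TCP, struct.pack("!HHIIBBHHH", 50000, 1723, 1, 0,
                                        0x50, 0x02, 8192, 0, 0))
gre_data = ipv4(IPPROTO_GRE, struct.pack("!HHHHI", 0x3001, GRE_PROTO_PPP,
                                         4, 0x1234, 1) + b"\xff\x03\xc0\x21")

if __name__ == "__main__":
    for name, pkt in (("tcp_syn", tcp_syn), ("gre_data", gre_data)):
        print(name, classify(pkt))
```

This matches the symptom in the first post: an external scan can report port 1723 open while the tunnel still fails, because the data packets are a different IP protocol that a port rule does not cover.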