Using XP Pro as a VPN Host


TC

Hi,

I'm looking to use Remote Desktop on my home computer and I got that
working. However, I want the connection between my laptop and my desktop to
be secure. So I was thinking of making my home computer a VPN host as well.

Can someone help me set my XP Pro box up with VPN and have it work with
Remote Desktop?

Also, as an FYI: the laptop is running 2000 and as I said it's working
with the remote desktop right now.

Thank you,

TC
 
Sharoon has given an excellent link to setting up the host end of the VPN
connection.

You can definitely do this, and it is probably a good idea.

However, just to reassure you somewhat, the RD connection, from before you
put in your credentials, is, in fact, encrypted with Microsoft MPPE, which
uses RSA RC4 encryption, with a 128 bit key.

This is the same encryption which would be used with a PPTP VPN.

So--you will be using encryption within an encrypted tunnel with the VPN
added.
 
That is reassuring. While Sharon's link was a nice source, my
understanding is that it says how to make XP a VPN client. My main concern is
going from a Win2K Pro box to a WinXP Pro box wanting a high level of
security and encryption. Knowing the RD is already encrypted does make me feel
better.

But also, out of curiosity, how do I make my XP Box the ending (one might say
server) of a VPN or other secure tunnel?
 
You are right--I didn't look hard enough at the link.

For local help, open Help and Support, and type in: incoming connection tcp,
and hit enter.

Basically, you go to network connections in control panel, click create a
new connection, advanced, incoming, skip the pane which lists your modem and
parallel ports, continue--ensuring that you set up a user with a password
which is authorized to use the incoming connection, and you're done.

You should then have an icon for "incoming connection."

You can modify properties of TCP/IP on that connection to give out a range
of numbers (perhaps 4) on your subnet, but not conflicting with those given
out by any other router/DHCP mechanism you have in place.

The network interface card won't show--either in the wizard as you set
things up, or in properties of the incoming connection--this is normal.

If there is a router involved, you need to forward port 1723, TCP to the
target machine, and you need to open GRE protocol 47 through the router.
This is sometimes labelled "PPTP Passthrough." Some routers or software
NATs do this automatically when you forward port 1723. If in doubt--check
out web support at your router manufacturer--most will have some information
about how to host or make use of PPTP VPNs through their equipment.
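
As an added example (not part of the original post), one way to check the address range chosen for the incoming connection against the LAN subnet and the router's DHCP range before entering it. The function name and every address below are constructed for illustration, and IPv4 is assumed.

```python
import ipaddress


def check_vpn_pool(subnet, pool_start, pool_end, dhcp_start, dhcp_end, reserved=()):
    """Return a list of problems with a static pool for incoming VPN clients."""
    net = ipaddress.ip_network(subnet, strict=True)
    p_lo, p_hi = ipaddress.ip_address(pool_start), ipaddress.ip_address(pool_end)
    d_lo, d_hi = ipaddress.ip_address(dhcp_start), ipaddress.ip_address(dhcp_end)
    if p_lo > p_hi:
        return ["pool start is above pool end"]
    problems = []
    # Both ends must be usable host addresses on the LAN subnet.
    for addr in (p_lo, p_hi):
        if addr not in net:
            problems.append(f"{addr} is outside {net}")
        elif addr in (net.network_address, net.broadcast_address):
            problems.append(f"{addr} is the network or broadcast address")
    # Two inclusive ranges overlap when each starts before the other ends.
    if p_lo <= d_hi and d_lo <= p_hi:
        lo, hi = max(p_lo, d_lo), min(p_hi, d_hi)
        problems.append(f"overlaps the DHCP range at {lo}-{hi}")
    # Hosts with fixed addresses (router, the VPN host itself) must not be in the pool.
    for host in map(ipaddress.ip_address, reserved):
        if p_lo <= host <= p_hi:
            problems.append(f"{host} is already statically assigned")
    return problems


if __name__ == "__main__":
    # Constructed home network: router at .1, VPN host at .10, DHCP hands out .100-.150.
    lan = dict(subnet="192.168.1.0/24",
               dhcp_start="192.168.1.100", dhcp_end="192.168.1.150",
               reserved=("192.168.1.1", "192.168.1.10"))
    candidates = [("192.168.1.200", "192.168.1.203"),
                  ("192.168.1.148", "192.168.1.151"),
                  ("192.168.1.8", "192.168.1.11")]
    for start, end in candidates:
        issues = check_vpn_pool(pool_start=start, pool_end=end, **lan)
        print(f"{start}-{end}:", issues or "ok")
```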
 
I just wanted to thank everyone. I got the VPN working. I got remote
desktop working over the VPN. A bit redundant, I know.
I do have 2 questions. With the VPN being done from MS to MS, do I need to
have the IPsec ports open (500, 50-51)?
And is there a way to bind Remote Desktop to only listen/work on the VPN
network?

Thank you again

TC
 
Not normally... IPSEC/L2TP VPNs need to be set up explicitly...

As for your other question, I don't think it is possible without third
party help (and I am not sure if there is a tcpserver-type software
for Windows either).

Jeffrey Randow (Windows Networking & Smart Display MVP)
(e-mail address removed)

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone
 