Paid VPN servers are more stable and provide Internet access at a higher speed than most free ones. But even among the free ones, you can find a decent free VPN server for Windows. Some are the best on this moment free VPN servers:
- CyberGhost
- (free for 7 days only)
- Hide Me (Free 2 GB / month available)
Hope our list free VPN servers helped you. What VPN servers do you use? Share in the comments.
Setting up a VPN on Windows is not difficult, and does not require special skills, but for the VPN to work correctly, you must clearly follow the instructions. To set up a VPN server on Windows, we will use free server HotFreeVPN and standard tools operating system to connect to it.
To set up a new VPN connection:
After you click "OK", your PC will connect to the configured VPN connection. In the same way, you can connect to other servers. To see if you are connected to a VPN, click on the connections icon in the tray.
Customization VPN connections on Windows is almost complete, it remains to agree to the terms of use of the server. To do this, open any browser. Regardless of which page is set as home, a page with a button will be loaded to confirm your agreement to the terms of use of the server. Click I AGREE.
After clicking on this button, VPN setup on Windows 10 is over. You will be able to use the Internet in browsers and programs as usual. Setting up a VPN on Windows 7 is no different. After you use the VPN server, you need to disconnect from it. To do this, click on the network connection icon in the tray, select your VPN connection and click on the "Disconnect" button.
Read, how to set up a VPN server on your PC, using special equipment or standard ways Windows. VPN (English Virtual Private network) - virtual private network is a collective name for a technology that allows one or more network connections ( logical networks) over another network (as an option - the Internet).
Content:
VPNs are very useful, no matter where you use them: whether you are traveling the world, working in an office, or connected to a public Wi-Fi hotspot at a coffee shop in your hometown. Only you don't have to use paid service VPN - You can host your own VPN server at home.
Enough important criterion when creating a VPN is an indicator of the download speed of your home internet connections... If your bandwidth is very low, then you're better off just using a paid VPN service. Internet service providers typically offer much less throughput than necessary to create virtual network... However, if your internet connection is capable enough, setting up a VPN server at home can be very relevant to you.
What is a VPN for?
A home VPN gives you an encrypted tunnel - a connection that allows you to use open public Wi-Fi networks to create a connection to the VPN you want–Network. You can use VPN from any device on different operating systems: Android, iOS, ChromeOS, Windows, Linux or macOS; can access various services specific country even outside of it. VPN will provide secure access to your home network from anywhere. You can even share the network with your family, friends, or colleagues by allowing them to use servers hosted on your home network. For example, it will allow you to exchange data, share photo and video files, documents, projects, be able to constantly communicate and be in touch. Also you can play computer games, intended for local network- although there are simpler ways to set up a temporary network for playing with friends.
A VPN is also useful for connecting to various services while traveling. For example, you can use Netflix or other services to get streaming video when traveling, use any library or catalog of films and recordings.
Method 1: Using a Router with VPN Capabilities
Instead of trying to set up a VPN yourself, you can buy a ready-made, pre-configured VPN solution right away. High performance home routers (routers) often come with built-in VPN servers - just search wireless router in which such a server is present. Often these are routers in the middle and high price ranges. Then you can use your router's web interface to activate and configure the VPN server. Be sure to check and select a router that supports that VPN type which you want to use.
Method 2. Use a router that supports DD-WRT or other third-party firmware
Custom router firmware is basically a new operating system that you can use on your router to replace your existing standard router operating system. DD-WRT is the most popular firmware, but other operating systems like OpenWrt also work well.
If you have a router that supports DD-WRT, OpenWrt, or any other third party operating system, then you can run it with this firmware to get more possibilities... DD-WRT and others similar firmware include built-in VPN server support. Therefore, you can host a VPN server even on routers that do not originally come with software to create and manage a VPN server.
Be sure to choose a router with built-in support third party manufacturers operating systems. Install custom router firmware and turn on the VPN server.
Method 3. Create your own dedicated VPN server
You can also just use software to set up a VPN server on one of your computers.
The Apple Server app (just like Windows) offers a built-in way to host a VPN server. However, these are not the most powerful and safe options... And they might be too demanding to set up a VPN server and get it working properly.
You can also install a third party VPN server like OpenVPN. VPN servers are available for every operating system, from Windows to Mac and Linux. You just need to forward the appropriate ports from your router to the computer that is running the server software.
There is also the option of converting your own dedicated device into a VPN server. You can take single board computer Raspberry Pi (raspberry) and install software OpenVPN servers, turning it into a lightweight, low-power VPN server. You can even install other server software on it and use it as a multipurpose server.
Where else can you host your own VPN server?
There is another option, which is halfway between hosting a VPN server on your own equipment and paying for the services of a VPN provider that provides you with a VPN service and a user-friendly app.
You can host your own VPN server on a web host. In fact, it will save you a small amount of money than using a dedicated VPN provider. You pay a hosting provider for server hosting and then set up a VPN server at the location they provide you with.
Depending on the capabilities and cost of the hosting provider's service packages, this may be quick way connections when you add a VPN server and get a control panel to it. Or you may have to tackle the manual server setup entirely from the beginning.
When setting up a VPN at home, you probably want to set up dynamic DNS on your router. Dynamic DNS always monitors changes in your IP-address and associates it with the current, at the moment, IP-address of your computer. This will give you an easy way to always access your VPN, even if the IP address of your home internet connection has changed.
However, it is very important not to forget to set up a secure VPN server. You need a reliable, secure network so that no one can connect to it without permission. This can be a password protection option (but it is advisable to change it regularly). Or another option, as OpenVPN suggests, is to use a pre-installed key, one of the most simple ways strong authentication.
In addition to powerful computer and an impressive list additional programs for comfortable surfing and safe work on the Internet, you need reliable server- a tool that provides communication with people, services, companies and information sites. Among different types most a good choice there will be a VPN server, if only because it is included in the operating room as an option Windows system... Read on and you will be able to run and configure it on Windows 7 on your own and at no cost.
Connecting and configuring a VPN server
Don't be alarmed. Create and prepare for correct work VPN server is not difficult, but required condition- if you have administrator rights.
What is a VPN Server
Literally VPN (Virtual Private Network) translates as "virtual private network". Technically, it is a set of protocols and solution architecture that provides secure communication in a digital environment. Essentially, a VPN is a secure add-on on top of a familiar virtual network.
Installing and configuring a VPN server does not take much of your time, since it is already built into the Windows operating system. According to experts, the most good configuration the private server is hosted on this platform.
This is what a simplified VPN server connection scheme looks like.
The server's job is to create tunnels that connect the user to the end "points" where he wants to go. Moreover, the information is encrypted using a complex algorithm, which is almost impossible to decode. No one from the outside can get inside the tunnel. The server blocks such attempts, leaving personal information well protected - correspondence, calls, messages, video and audio files.
What is it for
The essence of the answer lies in the tasks that the server performs. It not only connects many devices in a virtual space, such as computer terminals, laptops, tablets, and even mobile devices... Its technology provides anonymity, data encryption and protection confidential information from being intercepted by intruders.
Some will argue: we have no need for anonymity and data protection, because there is nothing to hide. Let me not believe you. Not only cybercriminals use encrypted traffic, most are not averse to protecting data in order not to "share" passwords to access their bank card or not become the object of blackmail due to leakage of personal information. As the saying goes: it is foolish to leave the door of the house open if the world does not consist of only good and kind people... Anonymity also adds a nice detail - the ability to visit resources that were previously unavailable for various reasons.
One of the most common reasons for using VPN is unwillingness to be tied to the workplace.
It's also a good idea to mention the benefits of using a VPN:
- scalability - no additional costs are required when connecting another participant;
- flexibility - it doesn't matter where you get access from;
- a valuable opportunity to work anywhere.
A VPN server is also extremely necessary when creating corporate networks, when for the safe operation of a company or enterprise it is necessary to restrict access of unauthorized persons to information circulating among employees. Using technical VPN solutions, it is not difficult to organize the confidentiality of clients outside the firm.
How to create and configure on a Windows 7 computer: step-by-step instructions
Steps to follow to start and configure the VPN server on Windows platform 7 is as follows.
- Open the Start menu and go to the Control Panel tab.
Go from Start Menu to Control Panel - In the "Computer Settings" select "Network and Internet".
Open the "Network and Internet" section - In the window that opens, click "Network and Sharing Center".
Select "Network and Sharing Center" - Then click "Set up a new connection or network".
Select "Set up a new connection or network" - Select "Connect to a workplace" in the new window.
Press the button "Connect to the workplace" - Then click on "Use my internet connection (VPN)".
Select "Use my Internet connection (VPN)" - When prompted to establish an Internet connection immediately or postpone this action, select “Postpone setting up an Internet connection”.
Select "Postpone Internet Connection Setup" - Next, write down the server address, destination name and name for the connection.
Enter the address of the VPN server, in the field "Destination name" write the name of the connection - In the next window, enter the login and password that are registered on the VPN server. In the “Remember this password” field, check the box so as not to enter it every time you connect. Be sure to save.
Enter the login and password registered on the VPN server. Check the box "Remember this password" - The connection has been created. Click the Close button. For convenience, create a shortcut to the program on the Desktop.
Close a window - Go back to the "Start" menu, then to "Control Panel", "Network and Internet", "Network and Sharing Management", where select "Change adapter settings".
Go to the item "Changing adapter parameters" - Find the VPN connection in this window and click on it right click mouse, then go to its "Properties".
In the VPN connection window, right-click on it and go to its "Properties" - Next, select the "Security" item, where in the "Type of VPN" field, select "Point-to-Point Tunneling Protocol (PPTP)", and in the "Data encryption" field, click on the "Optional" item.
Open "Security" and in the "Type of VPN" field select "Point-to-Point Tunneling Protocol (PPTP)", in the "Data encryption" field select "optional" - In the same window, only on the "Network" tab, uncheck the boxes next to the "Client for Microsoft networks"And" File and Printer Sharing Service for Microsoft Networks. "
On the "Network" tab, uncheck the boxes next to the items: "Client for Microsoft networks" and "Service of access to files and printers of Microsoft networks" - Then, without closing the window, go to the "Settings" tab and uncheck the box next to the item "Enable Windows logon domain", and then click "OK".
On the "Options" tab, uncheck the box next to the "Enable Windows logon domain" item, then click "OK"
Before starting the VPN, it will ask for a location. The best choice - « Public place", Then the greatest privacy in the digital space will be ensured. If desired, in the "Connection" menu, configure the settings for encryption and the use of other devices.
If you still have questions about installing and configuring a VPN server in Window 7, watch the video.
Video: how to set up and configure a VPN connection in Windows 7
Configuring for multiple clients
The process of connecting new members private network happens as follows.
- Go to "Control Panel" => " Network connections"=>" Create a new connection ".
- Start working with the "New Connection Wizard" => " Direct connection to another computer "=>" Accept incoming connections ".
- The "wizard" will offer to indicate those devices with which you plan to accept incoming connections, but they do not fit, so click on "Next". When the "Wizard" asks the question about VPN, stop at "Allow virtual private networks".
- Entering authorization parameters. The "wizard" offers to select those users who are allowed to enter the virtual private network. Select and click the "Add" button. When prompted by the Wizard, enter the new username and password.
- Configure TCP / IP protocols. Select the appropriate item in the list of protocols and click on the "Properties" button. In order for the client to be able to access the local network, activate the "Allow callers to access the local network" option. Next, designate the range of IP addresses that the connected participants can use.
Troubleshooting installation and operation problems
VPN startup is often accompanied by errors. The machine reports them in three digits. So, errors with numerical value 6 ** informs about the working state of the network, but it is required to check the entered information. This refers to the type of communication protocol, password and name. Code 7 ** gives information about the presence of errors in the connection settings. Code 8 ** hides network configuration problems or those associated with a banal lack of Internet connection.
Let's take a look at common mistakes and how to fix them.
Error 807
This error indicates a disconnected network connection. Common reason- problems in the transmission of traffic due to Low quality Internet work or server congestion.
This is how the system reports error 807
There are many options for solving the problem. Try to recreate the VPN connection. Did not help? This means, delete the KB958869 system or, better, restore it to its previous state. Did it fail again? Then translate the connection type from automatic function to "PPTP". Note that error 807 also occurs when blocking by a firewall / firewall, so try disabling them.
Error 868
This is about wrong work VPN ports. Often the disconnection is due to an invalid DNS server name. Therefore, first look at the TCP / IP protocol. There is either incorrectly specified DNS address, or not entered at all.
This is what error 868 looks like
Determine the status of the LAN connection. In the "Network Connections" tab, follow these steps in sequence: "Start" => "Control Panel" => "Network and Internet" => "Network Control Center" => "Changes to adapter settings". The discovered defect will dictate further actions.
So, if there is no local network connection, connect via VPN. No result? Check if the cable is working. If you disable it, you will see on the corresponding icon blue screens with a red cross. Try it right key first disconnect and then reconnect the connection. Again, nothing happened? Then do the same "disconnect / connect" operation with the cable (manually).
Does the error still exist? Go ahead and test the connection. Open it with the right button and see how many packets have been sent - there should be at least 5–7 of them. If the shipment took less or is completely empty, then find out how the equipment works. Go to "Administrative Tools" in this way: "Start" => "Control Panel" => "System and Security" => "Administrative Tools" => "Services". Find DHCP Client in the list of services. Restart it with the right click. Then restart your PC.
The reason for the inoperative state is the blocking of port 53. Your excessive caution has simply played a cruel joke - you yourself have programmed the security system in such a way that it does not allow absolutely everything. In this regard, it is recommended to check if port 53 is blocked. Even if it says "Port is open", this does not mean that the connection is going through. This refers only to the readiness to connect. Just create an allow rule for port 53 in TCP protocol and UDP. No result? Then you have to resort to at least, that is, reinstall Windows.
Be sure to watch the video with detailed instructions for opening the port. It also shows how to fix port connection errors.
Video: open a port on a local network
Errors 734 and 741
Error 734 occurs when the PPP Link Control Protocol is interrupted, and error 741 is due to the machine not recognizing this type of encryption.
Error 734 is fixed with a simple algorithm
They will help to fix the situation simple actions... Double-click the left button on the VPN and open Properties, then Security and uncheck Data Encryption Required. Confirm your intentions.
This is just a small part of the problems that arise when starting a VPN, but almost all of them can be solved quite simply and without much time consuming.
What is OpenVPN
The most popular private networking solution is OpenVPN. The main advantage is economy, since the traffic is compressed. Among the shortcomings of the program is the complexity of the setup, which we will now deal with.
OpenVPN - special program to set up a VPN connection. Naturally, you first need to install it on your computer. It is better to take the download file from the official website of the program:
The installation process is quite simple, except that you will need to temporarily disable the antivirus. When the program is loaded, a virtual network adapter TAP-Win32 Adapter V9 and driver for it. The task of OpenVPN is to set the IP address and mask of the local add-on.
First of all you need to copy config file which your provider should provide. Save the data in the C: \ Program Files \ OpenVPN \ config folder. While in it, click on the "Insert" item.
OpenVPN should be run only with administrator rights, otherwise the program may not work correctly. Be sure to change the compatibility properties in the OS. On OpenVPN, open Properties, find the Compatibility item, and check Run this program as an administrator. Then confirm your actions by clicking on "OK". The connection log window should appear.
If you followed all the steps correctly, then the VPN setup via the OpenVPN protocol for Windows 7 was successful. Do you have any difficulties? See screenshots step by step instructions settings Open VPN and a short video.
We set up the program step by step (photo)
Copy the config file to C: Program FilesOpenVPNconfig folder
Confirm the access request
Run Open VNP as administrator: go to "Start" and right-click on the OpenVPN shortcut, select "Properties"
Open the program menu in the tray (in the right corner) and select "Connect"
A window with the contents of the connection log will start
Video: Installing OpenVPN GUI
Configuring IPSec VPN
The IPSec standard is specifically designed to harden the security of the IP protocol. Allows you to verify the authenticity (authentication), and also checks the integrity and encryption of IP packets. IPsec contains protocols for safe exchange keys:
- RFC 2401 IPSec,
- RFC 2402 AH,
- RFC 2406 ESP,
- RFC 2409 IKE.
How you can set up a VPN using IPsec is outlined in step by step guide below.
- In the "Control Panel" click "View: Small Icons", then go to "Control Center".
- Next, find "Setting up a new connection" on the "Change network settings" tab.
- Complete the action by clicking on "Connect to a workplace". Go to it on the "Establish a connection or network" tab.
- Then you act depending on whether a VPN was previously installed on your machine. If yes, then in the pop-up window, click "No, create a new connection and continue with your actions." If not, then select "Use my internet connection".
- Don't forget to add your VPN address, and in the Destination Name line write the server name. Don't forget the mark. Select the "Installation for future connection" column and continue with your steps.
- Next, add your password and username registered on the VPN server. In the window that opens, consent to the connection.
- Then, in the "Network and Sharing Center" change the adapter settings.
- Finally, select "VPN Type". This is IPsec VPN. Of course, note that encryption is optional. VPN-channel to IPsec is ready!
At the end of the topic about IPsec VPN, I would like to emphasize the utility of the program, given the two disadvantages that VPN has. The first and most serious is vulnerability PPTP protocol... We are talking about the lack of reliability of one-factor authentication. In other words, when we confirm our right of access only with a username and password. In this case, the login or username is usually known, and the password quite often falls into the hands of a hacker (for example, when a Trojan virus is introduced into your OS). Then outsider gets full access to the local network. The second drawback is that there is no way to verify that the connection was made by a trusted user, and not by the same attacker who got access to account.
Video: configuring an IPsec tunnel between two Mikrotik routers
Now, user, you know, if not all, then the basic steps for creating and configuring your own, full-fledged and completely secure virtual network based on a VPN connection in Windows environment 7. You also learned how to properly configure the OpenVPN and IPsec VNP programs. Rest assured, a private server guarantees the same full connection as a regular one. Your computer will not notice the difference between a VPN and an unencrypted channel, but the security of your digital work is increased several times.
L2TP is the preferred protocol for VPN building-networks than PPTP, it is mainly about security and more high availability, due to the fact that one UDP session is used for data and control channels. Today we will look at configuring an L2TP VPN server on a Windows server 2008 r2 platform.
PPTP
Point-to-Point Tunneling Protocol is a protocol invented by Microsoft for VPN organizations through dial-up networks. PPTP has been the standard protocol for building VPNs for many years. This is a VPN only protocol and relies on different methods security authentication (most commonly used is MS-CHAP v.2). Available as a standard protocol on almost all operating systems and devices that support VPN, so it can be used without the need to install additional software.
Pros:
- PPTP client is built into almost all operating systems
- very easy to set up
- works fast
Minuses:
- insecure (vulnerable MS-CHAP v.2 authentication protocol is still used a lot)
L2TP and L2TP / IPsec
The Layer 2 Tunnel Protocol is VPN protocol which by itself does not provide encryption and confidentiality of the traffic passing through it. For this reason, the IPsec encryption protocol is typically used to ensure security and privacy.
Pros:
- very safe
- easy to customize
- available on modern operating systems
Minuses:
- slower than OpenVPN
- may need additional customization router
And so back to the settings for deployment VPN L2TP Server we will use Windows Server 2008 R2, however, everything said, with minor amendments, will be true for other Windows versions Server.
We will need established role, which should contain how to do this, we described in detail in the previous article where we raised PPTP VPN, therefore, I see no point in describing this process again, further we will assume that the role Network Policy and Access Services you already have it installed and contains Routing Services and remote access ... Generally deployment VPN L2TP Server very similar to deployment PPTP VPN, with the exception of a few settings, which we will talk about in detail.
Go to the Server Manager: Roles -Routing and remote access, right-click on this role and select Properties, on the tab Are common put a tick in the fields IPv4 router, choose LAN and demand-dial, and IPv4 Remote Access Server:
Now we need to enter the pre-shared key. Go to the tab Safety and in the field Allow specific IPSec policies for L2TP connection check the box and enter your key. ( About the key. You can enter there an arbitrary combination of letters and numbers, the main principle, the more complex the combination, the safer and also remember or write down this combination, we still need it) In the tab Authentication Provider choose Windows - Authentication.
Now we need to configure Connection security... To do this, go to the tab Safety and choose Authentication Methods, check the boxes EAP protocol and Encrypted verification (Microsoft version 2, MS-CHAP v2):
Next, go to the tab IPv4, there we will indicate which interface will accept connections VPN as well as set up a pool of issued addresses to clients L2TP VPN in the tab IPv4 (Set the interface to Allow RAS to select adapter):
Now let's go to the tab that appears Ports, right-click and Properties, choose a connection L2TP and press Tune, in a new window put Dial-up connection (inbound only) and Connect on demand (inbound and outbound) and expose maximum amount ports, the number of ports must match or exceed the expected number of clients. It is better to disable unused protocols by unchecking both checkboxes in their properties.
As a result, in the list of ports you should only have the ports you need in the number you specified.
This completes the server setup. All that remains is to allow users to connect to the server. Go to Server Manager: Configuration - Local users and groups - Users -Select user and right click - Properties... In the tab Incoming calls - Network access rights expose Allow access. (If your server is running Active Directory, then the settings must be entered in the corresponding snap-in)
And do not forget to switch ports on your router, as well as open from in your Firewall:
- IKE - UDP port 500 (Receive \ Send)
- L2TP - UDP port 1701 (Receive \ Send)
- IPSec ESP - UDP port 50 (Receive \ Send)
- IPSec NAT-T - UDP port 4500 (Receive \ Send)
Let's talk about virtual private networks (VPNs). What is it, how to set up a VPN for home computer and working equipment.
What is a VPN Server
A VPN server is a special piece of equipment that contains the accounts of clients using VPN technology(Virtual Private Network). VPN is needed in order to create a secure communication channel of the node-to-node, node-to-network or network-to-network type, for secure transmission traffic over the network. The technology is used by remote employees who work from home, but can enter working network"As in your own." VPNs are used by large companies to connect with branches in other cities or to connect several offices in the same city.
The technology allows not only encrypting traffic, but also accessing the Internet on behalf of the VPN server, spoofing the IP address and location. We can say that in modern world is very popular. It is used to increase anonymity on the network and bypass site blocking.
You can create a VPN server on your own, or you can rent it from a provider.
How to set up on Windows 7
- Go to "Control Panel" - "Network and Sharing Center".
- From the menu on the left, select Change adapter settings. A window with current connections will open. Click on Alt key, will appear on top standard menu... In the "File" section, select "New Inbound Connection".
- Let's start configuring, following the instructions of the connection wizard.
- The system will provide you with a list of users who will be allowed to connect to the computer. You can create a new user.
- Choosing a way to connect users to the computer.
- We select the network programs that we want to allow for incoming connections.
- We complete the connection.
To work through a VPN, you need to configure a firewall, otherwise the connection will be blocked. The easiest way is to specify "Home network" in the connection settings.
If the computer is behind a router, you need to configure port forwarding. This is not difficult.
Settings on routers different manufacturers may differ. You may need an individual instruction manual for your model.
Separately, it should be said that to connect to a computer from the outside, it must have a "white" IP-address. Permanent, which is visible from the Internet. It can be rented inexpensively from a supplier.
Client connection to VPN server on Windows 7
Everything is much simpler here:
- Go to the "Network and Sharing Center".
- Select "Set up a new connection or network", and in the list that opens - "Connect to a workplace".
- Create a new connection. To the question "How to connect?" answer "VPN". You will need to enter the server IP address, username and password from your account on the server. You won't be able to connect without an account.
- If you do not need to connect right now, check the "Do not connect now, only configure for future connection" checkbox.
Errors that may occur when connecting
- Error 807. Check your internet connection. If with physical connection everything is in order, restart your computer and router. Check if the time on the computer and the time zone are out of order - there should be no discrepancies. Antivirus and firewall can block the VPN connection. If you are not an expert, it is advisable to simply turn off everything during work. network filters... If you are concerned about data security, create an appropriate rule in your firewall configuration.
- Error 868. The hostname is not resolved to an IP address because it is missing or incorrectly specified DNS settings. DNS service disabled. May occur due to the fact that the 53rd port is closed by a firewall. We also do not exclude problems on the side of the provider.
- Error 628. Most often occurs due to server overload. It occurs when the equipment settings for connecting to the Internet are incorrectly set, Internet access has not been paid for.
Third party VPN connection tools
You can also create a connection using third-party tools.
Open VPN
OpenVPN - free service to create a secure connection (tunneling IP networks). You can download the program on the official website of the program of the same name.
The software is presented for both Windows and Linux. V Linux system just open a terminal and enter the command apt-get-install openvpn. For Windows you need to download setup file, corresponding to the bitness of the operating system (32 or 64 bits).
- Run the installation file.
- Follow the instructions of the installation wizard. All settings can be left as default.
- In the process, the program will ask you to install additional driver- agree.
- Information about the program can be found in the Readme file.
- To connect over a VPN, you must have a configuration file provided by the other party. Copy it to your OpenVPN folder.
- In the properties of the program shortcut, specify that it should be run as administrator.
- Start OpenVPN. In the settings select "Use config file". If you do not have this file, you can configure the proxy server connection yourself.
On the Linux startup performed by the service openvpn start command. Config file connection - openvpn / etc / openvpn / client.conf.
IPSec tunnels
IPSec security protocol allows you to encrypt traffic on network layer OSI model, that is, at the level of transmission of IP packets. For a successful connection, you need to configure the protocol on both sides of the connection. IPSec VPN is considered the most reliable means of connection, for example, for branch offices.
For example, consider the type of IPSec connection between two networks, as shown in the figure:
Consider the configuration for a Cisco router:
R1 (config) #int f0 / 0
R1 (config-if) #ip address 1.1.1.1 255.255.255.252
R1 (config-if) #no shut
R1 (config-if) #int lo0
R1 (config-if) #ip address 2.0.0.1 255.255.255.255
R1 (config-if) #no shut
R1 (config-if) #crypto isakmp policy 10
R1 (config-isakmp) #authentication pre-share
R1 (config-isakmp) #encryption aes 128
R1 (config-isakmp) #group 5
R1 (config-isakmp) #hash sha
R1 (config-isakmp) #exit
R1 (config) #crypto isakmp key 0 123 address 1.1.1.2
R1 (config) # access-list 101 permit ip host 2.0.0.1 host 2.0.0.2
R1 (config) #ip route 2.0.0.2 255.255.255.255 1.1.1.2
R1 (config) #crypto ipsec transform-set TR esp-aes 256 esp-sha-hmac
R1 (cfg-crypto-trans) #mode tunnel
R1 (cfg-crypto-trans) #exit
R1 (config) #crypto map MAPP 10 ipsec-isakmp
R1 (config-crypto-map) #match address 101
R1 (config-crypto-map) #set peer 1.1.1.2
R1 (config-crypto-map) #set transform-set TR
R1 (config-crypto-map) #do wr mem
When configuring IPSec to Cisco routers on the second router, similar operations should be carried out. The exception is the IP-addresses of the nodes, the names of the interfaces. The key specified in the settings can be anything, but it must be the same on both sides of the connection.
When configuring a tunnel with a MikroTik router, the following set of commands can be used:
> ip dhcp-server add interface = ether1 name = dhcp1
> ip ipsec proposal add enc-algorithms = aes-128-cbc nmae = 10 pfc-group = modp1536
> ip ipsec proposal add name = proposal
> ip address add address = 1.1.1.2 / 30 interface = ether1 network = 1.1.1.0
> ip address add address = 2.0.0.2 interface = ether2 network = 2.0.0.2
> ip dhcp-client add disabled = no interface = ether1
> ip ipsec peer add address = 1.1.1.1 / 30 dh-group = modp1536 enc-algorithm = aes-128 generate-policy = port-override secret = 123
> ip ipsec policy add dst-address = 2.0.0.2 / 32 priority = 10 sa-dst-address = 1.1.1.1 sa-src-address = 1.1.1.2 src-address = 2.0.0.01 / 3 tunnel = yes
> ip route add distance = 1 dst-address = 2.0.0.2 / 32 gateway = 1.1.1.1
Per additional information you can refer to your router manuals. For home use configuration between routers can be done in their web interface.
Video: Working with a VPN Server
In conclusion, a little about security. Although third-party services actively offer “secure” VPN services, remember that all logs are stored on the servers of VPN providers. Unscrupulous providers can thus collect information about customers, and then use it for their own purposes. A dangerous category includes various Internet browser extensions - "anonymizers" - which often do not even hide your real IP. Complete anonymity and online security can only be ensured by your common sense. Good luck!
