Creating a vpn server windows 7. How to set up a VPN connection in different versions of Windows. Deploying your VPN server

Today we will set up.

The actions that we will perform today to configure VPN on the server under Windows control Server 2008R2, can be applied to Windows Server 2003, although it will look different in some places, the logic of actions is very similar.

First, we need to raise the role.

Role installation

V Server Manager go to Roles - Add Roles .

Choose from the list

An information window will open where you can find information about Network Policy and Access Service, then we press " Further».

Choose from the list "Routing and Remote Access Services" and all nested sub-items, click Further .

All the necessary data has been collected, we press the button "Install" .

The role has been successfully installed, press the button "Close"

After installing the role, you need to configure it, which we will do.

Role setting "Routing and Remote Access Services"

Go to the server manager, expand the branch "Roles", choose a role "Network Policy and Access Services", expand, click right click on "Routing and Remote Access" and choose "Configure and enable routing and remote access", set the following parameters:

A window will open Routing and Remote Access Server Installation Wizard after review, press the button "Further"

In the window "Configuration" select the item “ Special Configuration " push "Further"

In the window " Customizable configuration ” choose "Access to a virtual private network (VPN)" push "Further"

In the next window, click "Ready"

You will be prompted to start the service, which we will do by clicking on the button "Start service"

Well, we have everything ready in order to go directly to the setup. PPTP VPN on a server running Windows Server 2008R2.

Customization PPTP VPN on a server running Windows Server 2008R2.

In the event that you have already installed the role “ Network Policy and Access Services”Make sure you have the following settings:

We open Server manager - Roles - Routing and remote access, right-click on the role and select Properties, on the tab Are common check that the box is ticked IPv4 router, the option “ local area network and call on demand ”, as well as IPv4 Remote Access Server:

Now we need to check the settings Connection security... To do this, go to the tab Safety and check the parameters for Authentication Methods, there should be the following checkmarks on EAP protocol and Encrypted verification (Microsoft version 2, MS-CHAP v2):

Next, go to the tab IPv4, there we check which interface will accept VPN connections and the pool of addresses for issuing VPN to clients ( Set the interface Allow RAS to select adapter ):

After clicking on the OK button, the service will be restarted, and the role VPN server a will be added. Now you have a new item called Ports ... Now we need to disable services that we do not plan to use and configure PPTP. Click on the item Ports- right-click and select item properties... In the window that opens, select WAN Miniport (PPTP) and press tune at the bottom of the form. Set everything up as in the screenshot below:

The maximum number of ports is the number of clients that can connect to you. Even if the pool of addresses is greater than this value, the server will reject connections over this number..

The next step is to configure user permissions. Go to “Server Manager - Configuration- Local users and groups - Users ”, Select the user you want to allow to connect to this server on VPN and right click on the user - Properties. In the tab Incoming calls - Network access rights- expose Allow access. (If your server is running Active Directory, then the settings must be entered in the snap-in Active Directory ):

For the normal functioning of the vpn server, you need to open the following ports:

For PPTP: 1723 (TCP);
For L2TP: 1701 (TCP) and 500 (UDP);
For SSTP: 443 (TCP).

This completes the setup. You can create a connection and try to connect. To see connected clients on this moment use the Routing and Remote Access snap-in - Clients Remote access ... Also use the Network Policy and Access Services event log for monitoring and diagnostics.

I would like to remind you that connecting using PPTP VPNs are not the most secure, since authorization takes place using the Login - Password pair. Better to set up for safer work L2TP pre-key connection, which will significantly increase security VPN connections and use IPSec.

Don't forget to forward a port on your router and open it in FireWall:

• PPTP - TCP port 1723 (Receive \ Send)

You can read about how to connect to a vpn server from Windows 7.

You can read about how to connect to a vpn server from Mac OS X.

How to set up a VPN server - L2TP on the platform Windows server 2008 / 2008R2 can be read.

Have become commonplace. True, no one really thinks about what is behind the concept such as "VPN, configuration, use, etc.". Most users prefer not to go into the jungle of computer terminology and use standard templates. But in vain. From the knowledge of such connections, you can derive a lot of benefits, for example, increase traffic or connection speed, etc. Let's see what a connection to a virtual network really is using the example of the interaction of Windows operating systems on a stationary computer terminal and Android on a mobile device.

What is VPN

To begin with, VPN setup is impossible without general principle understanding the essence of the connection being created or used.

If explain in simple words, in such a network there is necessarily a so-called router (the same router), which provides computers or mobile devices trying to connect to existing network, standard additional IP-addresses for local or Internet access.

In this case, a virtual network in which there is activated setting VPN-connection, perceives any device connected to it, with the assignment of a unique internal IP-address. The range of such addresses is in the usual standard from zero to 255.

What is most interesting, even when accessing the Internet, the external IP address of the device from which the request is made is not so easy to determine. There are several reasons for this, which will be discussed below.

The simplest VPN setup for Android

Almost all virtual networks using wireless connection by the type of Wi-Fi, they work according to the same principle - the assignment of free IP addresses from the available range. No wonder any mobile device can be easily connected to them (but only if it supports the corresponding connection protocols).

However, today any smartphones or tablets based on the Android operating system have the option of connecting the same Wi-Fi in their functionality. The network is detected automatically if the device is within its coverage area. The only thing that may be needed is just entering a password. The so-called "shared" (share) do not require a password at all.

In this case, you need to go to the basic settings on your smartphone or tablet and activate Wi-Fi connection... The system itself will determine the presence of radio modules at a distance of 100-300 meters from the device (it all depends on the model of the distributing router). After defining the network, a menu will be displayed with all available connections, indicating their blocking. If the network has a padlock icon, it is password protected (however, this will be indicated in the message initially). If you know the password, enter.

In networks common use, where password entry is not provided, and even easier. Is the network defined? Everything. We click on the connection and use it. As it is already clear, VPN configuration is not required in this case at all. It's another matter when you need to use Windows settings or another operating system (even a mobile one) to create a connection or assign the status of a distributing VPN server to a computer terminal or laptop.

Create and on Windows

With "operating systems" Windows family not everything is as simple as most users think. Of course, automatic network or connection detection via Wi-Fi, ADSL or even direct connection across network card They produce Ethernet (subject to the availability of installed equipment). The question is different: if the distributor is not a router, but a laptop or stationary computer how to get out of this situation?

Main settings

Here you have to delve into the VPN settings. Windows as an operating system is considered first and foremost.

First, you need to pay attention not even to the settings of the system itself, but to its accompanying components. True, when creating a connection or using it to the maximum, you will have to configure some protocols such as TCP / IP (IPv4, IPv6).

If the provider does not provide such services in automatic mode, you will have to make settings with the indication of the previously obtained parameters. For example, when auto-connecting, the fields in the properties of the Internet browser for filling will be inactive (there will be a dot on the item "Obtain an IP-address automatically"). That is why you do not have to register the values ​​of the subnet mask, gateway, DNS or WINS servers manually (especially when it comes to proxy servers).

Router settings

Regardless of whether you are setting up a VPN on an ASUS laptop or terminal (or any other device, by the way), access to the network is still common.

For the correct one, you need to go to its own menu. This is done using any Internet browser, provided that the router is directly connected to a computer or laptop.

In the address field, enter the value 192.168.1.1 (this corresponds to most models), after which you should activate the power-on function (enable the router's parameters in advanced mode). Typically, this line looks like WLAN Connection Type.

Using VPN Clients

VPN clients are quite specific programs that work in the likeness of anonymous proxy servers that hide the true IP address of the user's computer when accessing local area network or on the Internet.

Actually, the use of programs of this type comes down to almost complete automation. The VPN setting in this case, in general, is not important, since the application itself redirects requests from one server (mirror) to another.

True, you will have to tinker a little with setting up such a client, especially if you want to do the maximum on your home virtual network available connections... Here you have to choose between software products... And it should be noted that some applications, the smallest in size, sometimes exceed the commercial products of many famous brands, for which you also have to pay (by the way, a lot of money).

What about TCP / IP?

It goes without saying that almost all of the above settings affect the TCP / IP protocol to one degree or another. To date, nothing better has been invented for a comfortable one. Even remote anonymous proxies or local datastores still use these settings. But you need to be careful with him.

It is best to contact your ISP or system administrator before changing settings. But one thing must be clearly remembered: even when setting the values ​​manually, as a rule, the subnet mask has the sequence 255.255.255.0 (it can change), and all IP addresses start with the values ​​192.168.0.X (the last letter can have from one to three characters ).

Conclusion

However, all these are subtleties. computer technology... The same VPN client for Android can provide communication between multiple smart devices. But the biggest snag is whether it is worth using such a connection on a mobile gadget.

If you noticed, we did not go into technical details too much. Rather, it is a descriptive instruction about general concepts. But even that simple example, I think, will help, so to speak, to comprehend the very essence of the question. Moreover, with its clear understanding, the whole problem will be reduced only to the system settings, which will not affect a specific user in any way.

But here you need to be very careful. Actually, for those who do not know what a VPN connection is, it will do little. For more advanced users, it is worth saying that to create virtual network native means of Windows is not recommended. You can, of course, use the initial settings, however, as practice shows, it is better to have some kind of additional client, which will always be like a bargaining chip in the sleeve.

Please note that the task here is not to explain everything thoroughly technically correctly, the task is to explain "on the fingers" so that even novice users can understand. Hope it worked out. If you have any questions, ask them in the comments.

The essence of a VPN server is as follows... For example, you want to go to the site yandex.ru. More precisely, connect to a server with IP 77.88.21.11 (residents of the eastern regions of Russia can be sent to a server with a different IP, but that's not the point). When working without a VPN, your computer sends a packet (one might say, a request) directly to the server with the address 77.88.21.11 and receives a response from it. When working through VPN, your computer sends a packet to the VPN server, the VPN server sends the exact same packet to 77.88.21.11, 77.88.21.11 sends a response to the VPN server (because the VPN server originally sent the request), and the VPN server sends this packet to your computer.

What do we have? Requests to the address 77.88.21.11 are sent not by your computer, but by the VPN, respectively, the server 77.88.21.11 records the IP address of the VPN server, not your computer.

One of possible reasons VPN Applications - the need to hide your IP address.

Another application is need to reroute traffic... Let's take a real life example. The author of this article lives in the city of Orel (Central Russia) and wants to connect to the yunpan.360.cn server located in Beijing. The author uses (more precisely, used at that time) the services of the Internet provider "Beeline". As shown by the tracert yunpan.360.cn command entered in the command Windows prompt, outbound internet traffic to this Chinese server goes through the US. Trace does not show how the traffic goes back, but judging by the ping, it goes roughly the same route. Below is a screenshot from the VisualRoute 2010 program.

This routing is due to the fact that Beeline did not pay backbone Internet providers for a more direct channel to China.

With this route, large packet loss occurs, the speed is low, and the ping is huge.

What to do? Use VPN. Such a VPN server, to which we have a direct route, and from which there is a direct route to yunpan.360.cn. I (the author of the article) searched for an acceptable solution for a very long time and eventually found it. Was rented virtual server(what it is, we will talk later) in Krasnoyarsk (just imagine where the city of Krasnoyarsk is) at a hosting provider. Tracing to the server showed that traffic goes through Russia, ping 95 ms (I had a mobile LTE (4G) Internet, on wired internet ping will be 5-10 ms lower).

Ping Is the delay of the internet signal. The delay for the passage of Internet traffic in both directions (back and forth) is measured. Measure delay one way only by standard means impossible, because your computer sends a request to the pinged server and timed the response time.

In traces, the ping to each point (to each route point, otherwise called a hop - jump) is also shown for traffic in both directions.

It often happens that the route is different in different directions.

Next, a trace was made from the Krasnoyarsk server to yunpan.360.cn. Ping around 150 ms. Tracing showed that traffic from the Krasnoyarsk server to the Chinese one goes through direct peering (interconnection) of the provider Transtelecom and China Telecom.

Here is this very trace (made from under Linux):

tracepath yunpan.360.cn
1 ?: pmtu 1500
1: srx.optibit.ru 0.361ms
1: srx.optibit.ru 0.381ms
2: border-r4.g-service.ru 0.392ms
3: kyk02.transtelecom.net 0.855ms asymm 5
4: 10.25.27.5 112.987ms asymm 8
5: ChinaTelecom-gw.transtelecom.net 125.707ms asymm 7
6: 202.97.58.113 119.092ms asymm 7
7: 202.97.53.161 120.842ms asymm 8
8: no reply
9: 220.181.70.138 122.342ms asymm 10
10: 223.202.72.53 116.530ms asymm 11
11: 223.202.73.86 134.029ms asymm 12
12: no reply

What do we see? The Krasnoyarsk server is hosted (hosting is a service for hosting and renting server facilities) optibit.ru, connected to the Internet provider Game-Service (g-service.ru). Game-Service, in turn, lets traffic to yunpan.360.cn through the large Russian trunk provider Transtelecom (for which it pays money). TTK sends traffic through its direct connection to the network of the Chinese backbone provider China Telecom, the hop domain ChinaTelecom-gw.transtelecom.net tells us about this.

Let's remember what our problem was. Our traffic before that Chinese server went through the USA, the speed was low. What I've done? I installed VPN on this Krasnoyarsk server. And I configured my computer to work through this VPN server. What happened? Now the traffic to yunpan.360.cn did not go along the old route Orel-Moscow-USA-China, but like this:

first to the VPN server - Oryol-Krasnoyarsk,

then from the VPN server to Beijing - Krasnoyarsk-Beijing.

Got the point? We turned the route. What did it do? Outbound speed from me to yunpan.360.cn has increased. The ping has been reduced. The result has been achieved.

How do you determine your route? For beginners, the easiest way to do this is to use the VisualRoute program, which can be found on the Internet in both licensed and hacked forms.

You need to run this program and set the following settings:

It will turn out like this:

From this table, you can see which countries the traffic goes through. Once again, I draw your attention to the fact that the trace shows the route of only outgoing traffic (that is, traffic from your computer to the server). Route to reverse side can only show a trace taken from the server to your computer. VisualRoute has a small glitch: it often shows Australia (?) as a country when it cannot determine the true geolocation of the site.

VPN- Virtual private network is, one might say, its own network over the Internet, all traffic inside which is encrypted. You can study this technology in detail and. If you explain it completely on the fingers, then:

• your computer and VPN server connect over the internet
• all traffic between you and the VPN server is encrypted
• The VPN server sends it to its destination
• your IP is hidden, instead of it you can see the IP address of the VPN server

It is recommended to use VPN when working via free (or just someone else's) WiFi, since it is possible to intercept all traffic passing through the WiFi router. And when using a VPN, all traffic will be encrypted. Moreover, if you go to yandex.ru, vk.com and google.ru without a VPN, then connections to yandex.ru, vk.com and google.ru will be recorded at the level of the router and your Internet provider. When using a VPN, all connections go to the VPN server address.

There are many paid services VPN. Their advantages include only ease of use. Among the shortcomings should be highlighted high cost, lack of 100% confidentiality (you can write a lot, but what actually happens on the VPN server, whether traffic is intercepted, is impossible to guarantee). The inability to change the IP address in a couple of clicks should also be attributed to the disadvantages of paid services.

Let's compare the cost of our self-configured solution and paid VPN services. The latter cost around 300 rubles. per month. Our solution will cost $ 0.007 per hour. We don’t use VPN right now - we don’t pay. When used for 2 hours every day for 30 days, this pleasure will cost us 30-50 rubles.

We will do the following:

1. We rent a server for VPN.
2. Let's set up a VPN on it.
3. We will use them and pay only for every hour of real VPN use.

Step # 1. Server rent.

No, we will not rent a full-fledged server. We rent virtual server - VPS(virtual private server). In very many cases, for hosting sites on the Internet or for other purposes (including for VPN organizations) does not require large server capacities, but it is necessary to "customize" the operating system of the server. Simultaneously, several operating systems cannot work on one computer (including a server, because this is the same computer, only usually more powerful). How to be? Virtual machines come to the rescue. This technology allows the operating system to run inside the operating system, which is called virtualization. In the case of servers, analogs of virtual machines are also created - virtual servers.

There are several common virtualization technologies. The most common ones are OpenVZ, KVM, Xen. Roughly speaking, Xen and KVM for each virtual machine they create their own "hardware imitation", their own OS, and so on. In the case of OpenVZ, a common OS kernel is used, as a result of which some functions (for example, making edits to the OS kernel) become unavailable, or they can be enabled and disabled only for all VPS at once. VPS on Xen and KVM, as a rule, are more stable in operation, however, the difference is significant only for major projects for which server fault tolerance is critical.

VPS on OpenVZ is always cheaper, since one virtual server requires fewer resources. Due to the lower price, we will turn our attention to VPS based on OpenVZ.

Attention! Some hosting companies (companies that provide server rental services) intentionally block VPN work on servers based on OpenVZ! Therefore, before renting such a server, you need to check with the support service (at good hosting it should respond within 15 minutes, maximum an hour), whether the VPN will work.

To work on a personal VPN server, the minimum configuration is enough - 256 MB of RAM and a 0.5-1 GHz processor. However, not all hosting providers provide VPS with 256 MB of RAM: many have a minimum tariff of 512 MB of RAM. This VPS is enough for us.

What other criteria for choosing a VPS are there? As you already understood, Internet traffic will constantly "go" from you to the VPS and back. Therefore, the main canals must have sufficient throughput round trip. In other words, the speed of the Internet connection between your computer and the VPS should be sufficient to perform the tasks you require. For everyday comfortable work, 15 Mbps is enough, and if you are going to download torrents via VPN, then you may need all 100 Mbps. But! If you and the VPS are in the networks of different Internet providers (especially in different cities), the backbone networks are unlikely to "stretch" more than 70 Mbps within Russia (or your country) and more than 50 Mbps with servers in Europe.

Most hosting services require a monthly payment. It should be noted right away that the range of prices is very large with approximately the same quality. We will use services with an hourly rate: $ 0.007 per hour of our server's work. Thus, if we use VPN for 2 hours every day, then we will pay about 30 rubles per month. Agree, this is not 350 rubles / month for a paid VPN service!

The first step is to go to the website and register:

Next, a page will open on which you need to specify the data of your bank card... Without this, the system will not work and will not provide an opportunity to use the bonus 10 dollars (more on that later). You can specify any data, the system will "eat" fake.

In this case, an amount of several rubles may be blocked on your card, which will then be returned. Your card will be debited only after the servers are used.

What if there is no bank card? Get yourself, it automatically gives you a virtual card, the balance of which is equal to the balance of the wallet. You can replenish your wallet almost everywhere, see.

However, if you enter the Kiwi card details into DigitalOcean, the system will "spit it out", referring to the fact that DigitalOcean does not work with prepaid and virtual cards... In this case, you need to top up your balance by $ 5 through PayPal by paying with a Kiwi card.

After all this, on the same page in your DigitalOcean personal account, enter the promo code DROPLET10, crediting us with 10 dollars, which we can fully use on the server, without fear of additional debits from our card.

Ready! Now let's move on to creating a VPS. Watching the video tutorial:

When creating a server, select the Ubuntu OS version 14.04, and not any newer one, incl. don't choose 16.04.

Server location		Ping domain
Frankfurt, Germany	http://speedtest-fra1.digitalocean.com/	speedtest-fra1.digitalocean.com
Amsterdam-1, Netherlands	http://speedtest-ams1.digitalocean.com/	speedtest-ams1.digitalocean.com
Amsterdam-2	http://speedtest-ams2.digitalocean.com/	speedtest-ams2.digitalocean.com
New York-1, USA	http://speedtest-ny1.digitalocean.com/	speedtest-ny1.digitalocean.com
New York-2	http://speedtest-ny2.digitalocean.com/	speedtest-ny2.digitalocean.com
New York-3	http://speedtest-ny3.digitalocean.com/	speedtest-ny3.digitalocean.com
San Francisco, USA	http://speedtest-sfo1.digitalocean.com/	speedtest-sfo1.digitalocean.com
London, Great Britain	http://speedtest-lon1.digitalocean.com/	speedtest-lon1.digitalocean.com
Singapore	http://speedtest-sgp1.digitalocean.com/	Speedtest-sgp1.digitalocean.com

Note. Amsterdam or Frankfurt is suitable for most residents of Russia and the CIS countries (ping to Frankfurt in most cases will be slightly less than to Amsterdam). Residents Far East I recommend Russia to test Singapore and compare the indicators with European servers.

Server locations abroad will allow using a VPN bypass the prohibitions of state bodies on visiting certain sites (if this is relevant for you).

DigitalOcean's price includes 1 terabyte (1024 GB) of traffic (see). Most of this will be enough with their heads. The rest of the hosting services have formally unlimited traffic, but it becomes unprofitable for them when the threshold of 1-2 TB / month is reached.

That's it, we ordered a VPS. Congratulations. Now it's time to move on to setting it up.

Step # 2. VPN setup.

Don't be alarmed, the process of setting up your own VPN is as easy as two or two!

In the video tutorial above, we connected to our server using Putty. Now let's continue.

Copy and paste (by right-clicking, as we did in the video tutorial) the command:

Now copy and paste the following into the opened file editing window:

Press Ctrl + O, then Enter.

Press Ctrl + X.

Copy and paste the command:

Enter 1 and press Enter. We wait. According to the system's requests, enter the desired username and press Enter. Likewise with a password. For the questions “[Y] / [N]” enter Y and press Enter. After completing the configuration, our username and password and the IP address of the server will be shown.

Ready! VPN is configured!

Now open the "Network Control Center and general access»Windows:

We select the setting of a new connection:

We select "Connection to the workplace":

We are waiting a little. We are now working via VPN! To make sure of this, go to and make sure that our IP address shown to us matches the IP address of our VPS.

Now attention! Across Personal Area DigitalOcean, we can turn off our VPS (droplet in DigitalOcean terminology), however, even for the server when it is turned off, it is written off Money at the standard rate. Therefore, we will do backup our server, delete it, and when we need the VPN again, we'll restore it from a backup!

Let's go to server management (the DigitalOcean control panel is located at cloud.digitalocean.com, you can enter it through the Sign In button on the digitalocean.com main page in the upper right corner).

We need to create a backup (snapshot) of our VPS. But to do this, you first need to turn it off.

We are waiting for about a minute until the server turns off. Then go to the Snapshots section, enter an arbitrary name for the snapshot and create it:

For each gigabyte of "weight" of our VPS when creating a picture, 2 cents will be charged. It will take a few minutes to create a backup (snapshot).

Now we remove the server:

Everything! No more money is debited from us.

What to do when you need a VPN again

We need to create a new VPS from the backup we made before.

Click "create a droplet":

Now, as before, enter any server name in Latin letters without spaces, select the first minimum tariff, the region must be the same, as the one in which we had the server before.

Below we click on the name of the picture that we took (it was gray, but should turn blue):

... and click the big green "Create droplet" button.

We are waiting for about a minute.

Let's see if the IP address of our server matches the previous one. If so, then in Windows we simply resume the previously created connection:

If not, then right-click on the name of our connection and change the IP address to a new one:

Enter a new IP and click "OK":

Attention! Now, to turn off the VPN, we do not need to make a backup, we just delete the server right away, and next time we will restore everything from the old snapshot. It is not necessary to shut down the server before deleting it. Just in case, the following procedure is in the screenshots:

We removed the VPS while the VPN was not being used. Now let's restore it from the old snapshot:

Again, we check if the old IP is preserved and continue working.

On the same server (or another one), you can raise your personal proxy, for example, to the 3proxy software base, but this is not the topic of this article.

Found a typo? Highlight and press Ctrl + Enter

Technology that creates logical network on another network, received the abbreviation "VPN", which literally means English language stands for "Virtual Private Network". Speaking simple language, VPN includes different methods communication between devices within another network and provides the ability to apply different ways protection, which significantly increases the safety of information exchanged between computers.

And this is very important in the modern world, for example, for networks of large commercial corporations and, of course, banks. Below are detailed guides on how to create a VPN, instructions on the procedure for making a VPN connection and how to properly configure the created VPN connection.

Definition

To understand more easily what a VPN is, you just need to know what it can do. VPN connection allocates a certain sector in the existing network and all computers and digital equipment located in it are in constant communication with each other. But most importantly, this sector is completely closed and protected for all others in big network devices.

How to connect VPN

Despite the initially seeming complexity of VPN definition, its creation on Windows computers and even the VPN setup itself will not present much difficulty if detailed guidance... The main requirement is to strictly follow the strict sequence of the following steps:

Further, the VPN setup is performed, taking into account the various accompanying nuances.

How do I set up a VPN?

It is necessary to configure it taking into account the individual characteristics of not only the operating system, but also the operator providing communication services.

Windows XP

To have a VPN in the operating room Windows system XP has successfully carried out its work, it is required to perform the following sequential steps:

Then, when operating in the created environment, you can use some convenient functions. To do this, you need to do the following:

Note: The parameters are always entered differently, as they depend not only on the server, but also on the service provider.

Windows 8

In this OS, the question of how to set up a VPN should not cause any particular difficulties, because here it is almost automated.

The sequence of actions consists of the following steps:

Next, you need to specify the network options. To this end, perform the following actions:

Note: Entering the settings can vary significantly depending on the network configuration.

Windows 7

The process of making settings in Windows 7 is simple and accessible even to inexperienced computer users.

To produce them Windows user 7 requires the following sequential steps:

Note: in order to work correctly, a careful individual selection of all parameters is required.

Android

To configure the normal functioning of an Android gadget in a VPN environment, you need to do a few steps:

Connection characteristics

This technology includes different types delays in data transfer procedures. Delays occur due to the following factors:

1. It takes some time to establish a connection;
2. There is a constant process of encoding the transmitted information;
3. blocks of transmitted information.

The most significant differences are present in the technology itself, for example, for VPN you do not need routers and separate lines. To function effectively, you only need to enter the world wide web and applications for encoding information.

Telegram was blocked, free proxies and VPNs work intermittently due to a large influx of users, or even stop functioning without explaining the reasons, how.

Paid tools can also disappear at any time: the law banning anonymizers and VPNs has long been adopted, but has not yet been applied. In this situation, the only guarantee of freedom on the Internet becomes own VPN... A life hacker will tell you how to set it up in 20 minutes.

Choosing a hosting

To set up a VPN, you need a VPS - a virtual private server. You can choose any hosting provider, as long as the following conditions are met:

• The server is located in a country that does not fall under the jurisdiction of the Russian authorities, but is close enough to your real location.
• Random access memory (RAM) must be at least 512 MB.
• The network interface speed is 100 MB / sec and higher.
• Network traffic - 512 GB or more or unlimited.

The amount of allocated space on the hard disk and the type of drive does not matter. You can find the right solution for $ 3-4 a month.

When buying a server, choose KVM. OpenVZ and Xen are also suitable if they have TUN connected - you need to ask about this in technical service hosting provider.

With KVM, no additional manipulations will have to be done, although some hosting providers may restrict the ability to create a VPN on it. You can also clarify this in the support service.

When configuring the server in the "Hostname" item, you can enter any value: for example, test.test... The prefixes NS1 and NS2 are also not important: we write ns1.test and ns2.test.

Operating system - CentOS 7.4 64 bit or any other distribution kit, there are no fundamental differences in setup. Leave the network traffic at 512 GB or choose an additional amount if you are afraid that the existing one will not be enough. Location - the closer the better. The Netherlands will do.

After payment, a letter will be sent to the mail with all the necessary data for setting up a VPN. You have purchased space on a server in another country, it remains to redirect all traffic to it.

Configuring VPN

We will use the Putty program to connect to the server and send commands. I received a link to it in an email with registration data for hosting. You can download the program. Putty and its counterparts are also available on macOS, the settings will be identical.

Run Putty. On the Session tab, in the Host Name field, enter the IP address that came in the letter and click Open.

When a warning window appears, click Yes. After that, the console will start, through which you will send commands to the server. First you need to log in - the authorization data is also in the letter from the hoster. Login will root, print it by hand. Copy the password to the clipboard. To paste the password into the console, right-click and press Enter. The password will not be displayed in the console, but if you are logged in, you will see the system information or server number.

There shouldn't be a long time between entering your username and password. If an error message appears, restart Putty and try again.

To set up the VPN, I used a ready-made OpenVPN road warrior script. This method does not guarantee complete anonymity, so it is easy to find the user when committing illegal actions. But it is enough to bypass the blocking. If all VPN services stop working, this connection will continue to function while I pay for hosting.

To use the script, paste the line wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh into the console.

After successfully adding the script, a dialog with the configuration wizard will start. He independently finds the optimal values, you just have to agree or choose the appropriate option. All actions are confirmed by pressing the Enter key. Let's go in order:

1. The IP address must match the IP address that you received in the letter from the hoster.
2. Leave the default protocol UDP.
3. Port: 1194 - agree.
4. Which DNS to use - choose Google. Erase 1 , write 3 and press Enter.
5. Client name - enter the username. You can leave client.
6. Press any key - press Enter again and wait for the setup to finish.

After completing the configuration, you need to create a file through which you will connect to the VPN. Enter the command cat ~ / client.ovpn.

The contents of the file will appear in the console. Scroll up to the cat ~ / client.ovpn command and select everything that appears below except the last line. The selection should end with... To copy a fragment, press Ctrl + V.

Launch Notepad, paste the copied snippet and save the file on your desktop with the name client.ovpn.

We connect to the server

To connect using the created file, you need an OpenVPN client. The PC version can be downloaded. Download and install the program, but don't run it. Right click on the file client.ovpn and select Start OpenVPN.

A console window will appear with the initialization of the connection. If the connection was successful, the Initialization Sequence Completed status will be at the bottom. In the process of connecting, a window for selecting a network may appear, click on the public network.

To make sure the connection is correct,. It must match the one that the hoster wrote in the letter. To stop sending requests to a server in another country, close the OpenVPN window.

OpenVPN also has mobile clients.

To establish a connection, transfer the file to the phone's memory client.ovpn... Launch the application and select the OVPN Profile item. Specify the path to the file and move the slider to the "Enabled" position.

A VPN connection icon will appear at the top. To make sure that traffic is being redirected through a server in another country, open any IP address checker service in your mobile browser.