In this lab I will show you how to create a PPTP VPN connection from your local area network to a remote PPTP server. Especially for those of you who use a PIX firewall, you need a single command to allow outbound PPTP connection to be successful. In this blog I will show you not only how to create the VPN connection but I will also show you what that command is.
First, launch the Control Panel. Choose Network and Sharing Center.
Click Set up a new connection or network.
Choose Connect to a workplace and click Next.
Click Use my Internet connection (VPN).
Type in the Internet address (public IP address or host name) of the VPN server and a description for the connection. In this case, I enter the address as vps.dalaris.com and the description as My VPN. Click Create.
Click Change adapter settings to reveal the connection that we just created.
The newly created VPN connection is shown disconnected. Double-click it to connect.
Click the Connect button.
Enter user name and password for the VPN connection. Click OK when ready to connect.
If you are ad administrator that uses a Cisco PIX firewall, make sure you have this line configured; otherwise the connection will not work.
pixfirewall(config)# fixup protocol pptp 1723
As you can see that the VPN connection is now connected.
At this point, every time we go to the Internet, traffic needs to go through the VPN tunnel. This could be slow at times due to the VPN speed. We need to change the Properties of the VPN Connection so that it uses local default gateway for Internet access. Otherwise, your browsing will be through the VPN connection and it could be slow depending on your VPN connection speed. To do that, right-click on the VPN connection My VPN and choose Properties.
Highlight Intenet Protocol Version 4 (TCP/IPv4) and choose Properties.
Make sure the Use default gateway on remote network option is not checked. Click OK when done.
Now click OK again to dismiss this dialog box.
Click OK again to dismiss the following dialog box.
At this point, when you connect to the VPN, and in your web browser, go to:
The IP address shown should be your Public IP address instead of the VPN’s gateway public IP address.
Conclusion: In this blog post I showed you how to create a PPTP VPN connection from the Internal LAN to the Internet. I also show you the Cisco PIX firewall fixup command to allow the connection to be established successfully.