locked
Windows 7 - Setup a VPN Server (No internet access) RRS feed

  • Question

  • Server Machine:

    Dedicated Server VM provided by a provider (similar to an amazon ec2 powered system) - All ports are opened

    OS: Windows 7 Professional  - Fresh install (+newest windows updates (as of start of this month) preapplied)

    Firewall: Only windows firewall (turned it all off in : Control Panel\All Control Panel Items\Windows Firewall\Customize Settings)

    Since it is not behind a router, DHCP is done through windows and I have disabled on the main network adapter (I have manually configured the IPv4 ip/gw/subnet).  Tried enabling it so it auto gets it, no difference.

    Fyi: I have contacted one of the tech support responsible for maintaining the vms on site and assured me that everything is open and nothing is blocked. Any sort of firewall is the client’s responsibly to setup on their system.

    Fyi2: I do have a second dedicated server provided by the same provider but on a completely different system (not the same place as the windows 7 machine being hosted… I hope this makes sense) but with Ubuntu installed. I have pptpd installed, configured and running on the same ip range [10.0.0.10 – 10.0.0.20] that I have setup for the windows VM. VPN clients that connect gets the correct 10.0.0.* ip and are able to access the web fine using the VM’s vpn connection.  And no, I don’t run both vpn connections at same time.

    Following most examples on the web on how to setup a vpn server (which all show exact same way) and supposedly it just works is my struggle here.

       eg) http://www.howtogeek.com/135996/how-to-create-a-vpn-server-on-your-windows-computer-without-installing-any-software/

    I have already setup an incoming connection on the server. For properties,  IPv4 range: 10.0.0.10 - 10.0.0.20

    Client

    • Setup a new vpn connection (pptp) and 'use default gateway on remote network' IS CHECKED. I want all traffic routed through the vpn connection.
    • Connecting through the vpn works fine but the status says 'no internet connection'
      • I able to ping the 'Server IPv4 address [10.0.0.10] and I am also able to browse to \\10.0.0.10. I can also ping the servers wan ip (66.*.*.17)
      • I cannot ping google.com or (googles ip) nor browse any website from my local machine

    I would like to say that I should not have to change anything on the client side  (just like I didn't have to when connecting to the other vpn server [ubuntu one]).

    So what exactly am I missing here? Any help would be great!



    • Edited by .Rain Tuesday, November 17, 2015 9:46 PM
    Tuesday, November 17, 2015 9:45 PM

Answers

  • "Did you try to use the other client to check if the issue persist?".  If you mean the vpn connection to my ubuntu VM, it works exactly like I would expect it to work. Internet is accessible.

    "Did you ping Google before you connect to VPN server?"  Yes, pings went through with 0% loss.

    "Did the IP 10.0.0.10 ping Internet without any problems?"  Well, that IP belongs to the 66.*.*.17 IP and through rdp, I could ping with 0% loss.

    I have tried switching the network card priority, in my case it was just 2 adapters (the incoming connection and internet adapter.

    -----

    After hours of research and several days of figuring this out, I have finally solved it (in an acceptable matter). There have been some posts on superuser, stackoverflow and a bunch others that said to do this; the client needs to setup a custom routing (through command prompt) for the vpn connection. With no other alternative, this just seemed very wrong to me.

    I spent some time reading the windows server 2008 vpn routing / nat configuration pages and it seems that it is better suited for this particular case (routing traffic through vpn) and windows 7 does not quite support this (instead, windows 7 uses 'internet connection sharing' which is not the same thing).

    The solution:

    I managed to find a software called, "NAT32", which I installed on the windows 7 vm, linking the incoming connections adapter with the internet adapter. Tested my vpn connection to that vm and I can access the internet (pinging google.com works!) with the 66.*.*.17 IP (perfect!). No client side changes / special configurations needed... Just setup vpn connection, name/username and connect.

    I suppose there is also OpenVPN and SoftEther but those require a custom client vpn software which I did not want nor should need to connect to a pptp.

    Hopefully, this will help anyone with a similar problem to mine and save them the countless wasted hours spent on figuring this out.

    • Marked as answer by .Rain Thursday, November 19, 2015 3:57 PM
    Thursday, November 19, 2015 3:56 PM

All replies

  • Hi Rain,

    Thank you for your question.

    Did you try to use the other client to check if the issue persist?

    Did you ping Google before you connect to VPN server?

    Did the IP 10.0.0.10 ping Internet without any problems?

    When we connect to VPN server, we could adjust the network card priority to check if the issue persist. 

    http://blogs.technet.com/b/networking/archive/2015/08/14/adjusting-the-network-protocol-bindings-in-windows-10.aspx 

    Notice: this link also apply to Windows 7.

    Best Regard,

    Jim Xu

    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Jim Xu
    TechNet Community Support

    Thursday, November 19, 2015 8:08 AM
  • "Did you try to use the other client to check if the issue persist?".  If you mean the vpn connection to my ubuntu VM, it works exactly like I would expect it to work. Internet is accessible.

    "Did you ping Google before you connect to VPN server?"  Yes, pings went through with 0% loss.

    "Did the IP 10.0.0.10 ping Internet without any problems?"  Well, that IP belongs to the 66.*.*.17 IP and through rdp, I could ping with 0% loss.

    I have tried switching the network card priority, in my case it was just 2 adapters (the incoming connection and internet adapter.

    -----

    After hours of research and several days of figuring this out, I have finally solved it (in an acceptable matter). There have been some posts on superuser, stackoverflow and a bunch others that said to do this; the client needs to setup a custom routing (through command prompt) for the vpn connection. With no other alternative, this just seemed very wrong to me.

    I spent some time reading the windows server 2008 vpn routing / nat configuration pages and it seems that it is better suited for this particular case (routing traffic through vpn) and windows 7 does not quite support this (instead, windows 7 uses 'internet connection sharing' which is not the same thing).

    The solution:

    I managed to find a software called, "NAT32", which I installed on the windows 7 vm, linking the incoming connections adapter with the internet adapter. Tested my vpn connection to that vm and I can access the internet (pinging google.com works!) with the 66.*.*.17 IP (perfect!). No client side changes / special configurations needed... Just setup vpn connection, name/username and connect.

    I suppose there is also OpenVPN and SoftEther but those require a custom client vpn software which I did not want nor should need to connect to a pptp.

    Hopefully, this will help anyone with a similar problem to mine and save them the countless wasted hours spent on figuring this out.

    • Marked as answer by .Rain Thursday, November 19, 2015 3:57 PM
    Thursday, November 19, 2015 3:56 PM