To be able to connect via the Internet to a
VPN-server, the system with the activated
"Incoming connection" for VPN-connections ( = VPN
server) needs to have an IP-address,
which is valid and known on the Internet:
When you connect directly via a modem, using a phone-line, or via
broadband ( cable modem
or DSL/ADSL modem), your systems is getting an Internet
when you connect via a router (often the functions of Modem and
Router are integrated into
a single box, called ADSL-router ) :
then the router will have an Internet IP-address assigned, while
all connected systems will
use a local network IP-address, the router handles the
communication from the PC's to the
internet via IP-address translation (NAT), but that makes it
impossible to connect from the
internet through the router to a system on the LAN, no connection
can be established from
the Internet to a VPN-server on the local network.
possible solution: if you can get from your
ISP ( Internet Service Provider ) 2 IP-addresses,
one for the router and one for a second system and if you can
configure the router to allow
to connect onto the local network to the VPN-server, to which the
2nd Internet IP-address
is assigned to.
||In my example, the system acting as
VPN-server , allowing incoming VPN
connections, is connecting via
Dial-up modem to the Internet.
( I was not able to get my systems
connected via ADSL to work as
VPN-server. I can not say at this
time, whether this is a problem of
Windows XP or a limit of my
ISP provider on the ADSL-line.
If you have ADSL and can use
it for incoming VPN-connections,
please inform me with a short
In any case : please check your
||tab : Networking
for a secure connection,
only the TCP/IP protocol is used,
no File-and-Printer sharing to
avoid any uncontrolled access from
the Internet to your disk.
Also the build-in firewall or
third party firewall should be
||To allow VPN-connections to
your system, select in the
Network Properties from the
"Network Tasks" :
"Create a new connection"
This will start the
"New Connection Wizard",
the first page has just some
information message, just
continue with "Next"
"Network Connection Type"
"Set up an advanced connection"
"Advanced Connection Options" :
- "Accept incoming connections"
(allow other computers to connect
to this computer through the Internet,
"Devices for Incoming Connections"
I am not sure on the purpose of
this screen, maybe to limit a
connection only to a selected
device, and it does not allow
to define a network card as
communication device, maybe
because the same procedure is also
used to configure incoming connection
on a modem or parallel cable ?)
I did not select any device,
just continue with "Next"
"Incoming Virtual Private Network
"allow virtual private connections"
select from the list the Users,
which will be allowed to use
this incoming VPN connection.
since VPN allows a secure
connection, you can now allow
the use of "File and Printer sharing",
which will permit via the VPN
connection access to your disk
(if you have shared your disk
||The Wizard has completed
the connection, continue with
||In the "Network Connections",
it is now shown as "Incoming",
showing the status.
||Right-click on the
"Incoming Connection" and
select "TCP/IP Protocol" and
display the "Properties"
||Incoming connections are
allowed to connect to the
by default, TCP/IP addresses
for the connection will be assigned
by DHCP, either a DHCP-server
somethere on your network or by
IP-addresses from the range
if you use your own IP-address
range (like 192.168.1.x )and like to
access other systems on your network,
you should define a range of
IP-addresses to be used by the
A word of warning: If both the
network of the VPN-server and
the VPB-caller use the same
range of IP-addresses on a local
network, you will not be able to
connect, it will be required to change
one of these networks to a different
range of IP-addresses !