Windows 7 / Networking

---

Configuring a Network Gateway for VPN

The best way to use VPN is when the client has a broadband Internet connection and the server has a public IP address or domain name. This enables you to access the server directly using your fast Internet connection. What happens, however, if the Windows 7 machine you set up as the VPN server sits behind a gateway or firewall and so uses only an internal IP address?

You can often get around this problem by setting up a network gateway to pass through VPN packets and forward them to the VPN server. (Note that some broadband routers come with VPN capabilities built in, so they can handle an incoming VPN connection automatically.)

The details depend on the device, but the usual first step is to enable the gateway's support for VPN passthrough, which allows network computers to communicate via one or more VPN protocols (such as PPTP and IPSec).

In some cases, just enabling VPN passthrough is all you need to do to get VPN up and running through your gateway. If your VPN connection doesn't work or if your gateway doesn't support VPN passthrough, you have to open a port for the VPN protocol you're using and then have data to that port forwarded to the VPN server. (This is similar to the port forwarding described earlier for Remote Desktop connections.) The forwarded ports depend on the protocol:

PPTP Forward TCP to port 1723
IPSec Forward UPD to port 500