Tips on Using the VPN Server of Windows
If you use the VPN server of Windows by creating an incoming connection, here are a couple tips to keep in mind:
- Avoid IP conflicts: To reduce the chance of IP conflicts, you should set the router of the network hosting the VPN server to an uncommon IP/subnet. Stay away from the common default IPs, such as 192.168.0.1, 192.168.1.1, or 192.168.2.1. You might try something like 192.168.50.1.
- Configure any third-party firewalls: Windows automatically allows the VPN traffic through Windows Firewall when the incoming connection is configured. However, any third-party firewalls installed on the host PC need to be configured to allow traffic on port numbers 47 and 1723.
- Configure port forwarding on the router: If you’re using a router on the host network, you must setup port forwarding before you can access the VPN server via the Internet. Login to the web-based control panel of the router, find the virtual server or port forwarding settings, and then create an entry forwarding port 1723 to the local IP address of the host PC.
- Signup and configure a dynamic DNS service: If the Internet connection of the host network uses a changing or dynamic IP address, it can be a pain for remote users to keep track of the address. However, you can sign-up for a free dynamic DNS service (such as from No-IP) to get a hostname that will always point to the Internet IP of the host network. Once you signup, you can configure your router to update the service when the IP changes.