Sharing internet connection over VPN in Windows XP

Question

How can I share my internet connection with VPN clients using the Windows XP built-in VPN server?

I want to be able to use my home internet connection (on an XP machine) from my anywhere using my laptop (Windows 7 machine). The built-in VPN server in XP and the VPN client in Windows 7 seem to do a great job of giving me access to both machines securely over the internet, but I cannot find a way to use ICS in conjunction with the incoming connection to give access to my home internet connection to my laptop remotely.

Is there a way to do this? or is there an alternative VPN server software that is not limited to only local access?

Answer 1

You might use a proxy server on your home machine, such as the free Proxy.

Another solution might be to use a router that can function as VPN server.

Answer 2

You'll have to configure Windows to act as a NAT router from its VPN interface towards the Internet interface. I see no reason why configuring this would be any different from configuring it for a local (non-VPN) connection. Basically you need to tell it to share your Internet connection with computers on the VPN interface.

If for some reason you are unable to use the GUI, google for "windows xp nat routing" to see how it can be done from command line. Once you have NAT/ICS set up, it's just the matter of adding appropriate routes to the VPN clients:

• A default route via the Windows XP box's VPN IP address. This route needs a metric lower than the regular default route, so it will override it.
• A route to the Internet IP address of the VPN server via whatever was the original default route. This route needs a metric lower than the above added default route. This is needed because the above override for the default route has overridden it entirely - but we still need the connection to the VPN server itself (Windows box) to go directly through the Internet.

You haven't mentioned exactly which VPN protocol you use. I've read that Windows XP supports PPTP and L2TP. I suggest that you use L2TP and not PPTP, because L2TP is Layer 2, and I'm not sure how DHCP would work on a non-Layer-2 network.