Last month, we completed our discussion on how to setup and configure a VPN client to connect to the VPN host we configured the month before. We also outlined some common troubleshooting techniques to help you resolve some of the connection issues you might run into. This month we conclude our discussion by how to access your network resources via the VPN.
First off, we need to make sure that both the host and the client computers use the same Workgroup name. Verify this by going to Control Panel and clicking on System. Look under the section Computer name, domain, and workgroup settings. In Vista, the default Workgroup name is WORKGROUP, but you can change this to practically anything. For Vista PCs, this step isnt absolutely necessary, but it will increase performance, and it's a must if your client PC uses Windows XP.
Next, Vista makes use of two different connection types, Public or Private. Private, as you might suspect, is the setting you want for your home or work network, as it will allow your system to see, and be seen, by other devices on the network. This is the setting to use with the VPN connection.
You should use the Public setting only in unsecured locations (like airport or coffee shop hotspots) to help protect your system from unauthorized or malicious access. This is managed by Vistas Network Discovery function. If your network is set to Private, then by default Network discovery is on. You can verify these settings by clicking Start > Control Panel > Network and Internet > Network and Sharing Center and clicking on the down arrow next to the word Network Discovery.
With that now out of the way, we can get started. There are three primary functions available to you when using the VPN: file and folder sharing, remote printing and Remote Desktop.
File and Folder Sharing
VPNs are most commonly used for file and folder sharing. This is where people on a network can access and files and folders stored on a networked computer no matter where that computer is physically located. Setting up this functionality isnt all that complicated, but there are a few specific steps you need to perform.
- Log into your Host PC using an account with administrative privileges and click Start > Control Panel > Network and Internet > Network and Sharing Center.
- Go to the Sharing and Discovery section and click on the down arrow next to the word File sharing
- Select Turn on file sharing and press Apply.
You now have the capability to Share files and folders. However at this point, you havent configured any shared folders. So lets do that now.
- Create a folder on your desktop to share. For our example well call ours VPN_Projects and populate it with some data (documents, pictures, presentations, etc.)
- When finished, right-click on VPN_Projects and select Share.
- This will bring up a dialog box asking you to Choose people to share with. Your user account will be listed by default. If you use another account for your VPN access, enter it here. During the last column we used VPNUSER. When finished, press Share.
- This process might take a few minutes. Once it's finished, your folder will be shared. Click Done to complete.
- Now right-click on the VPN_Projects folder and select the Sharing tab.
- Press the Advanced Sharing button. *Windows might ask for your permission to continue. If it does just press Continue.
- One the next screen, check the Share this folder option. You also have the option of setting the number of simultaneous users who could access this folder. If youre going to be the only one you can set it for 1. Well leave it at the default of 10.
- Now press Permissions. By default Everyone has Read access to the folder. My advice would be to remove Everyone and only add the specific user accounts which will need access. This would be the account you use to connect to the VPN (again, in last month's column that was vpnuser).
- Type the username and then press Check Name to verify it. Once verified press OK. Under the Permissions for VPNUSER check Allow for Full Control. Press OK. Press OK again and then Close.
Now if you go to the Network and Sharing Center, at the bottom of the dialog box click where it says, Show me all the shared network folders on this computer. Doing so opens a window showing you all of your shares. The VPN_Projects folder should now be visible.
*Note that if you're using a third-party software firewall (e.g., something other than Vista's built-in Windows Firewall) you might run into some configuration issues. If you do, try TEMPORARILY disabling it until you can isolate the problem.
On the client PC, you need to map a drive to the shared folder. Unfortunately, the odds are you wont be able to browse for the host PC since the VPN wont pass NetBIOS traffic. For this reason youll need to know the IP address of the Host PC and the shared folder name.
Remember, the IP address is not the global IP address you used to connect the VPN client to the Host PC, but the local LAN address of the PC. If you dont remember the address, you can find it by opening a DOS window on the host PC and typing IPCONFIG. Ours is 192.168.0.101.