How many times have you forgotten something you needed in your home computer? How much time, productivity and money have you lost because of this? What if you could connect to your home computer from work? (or anywhere for that matter). You probably already thought of the idea but discarded it as being too complicated, time consuming or expensive. What if I tell you that all you need is a $60 router and simple instructions?. In this project I will teach you how to create your own home virtual private network (VPN) connection with method that will work better than even the best remote access software. A connection you will have at your service for free, 24 hrs a day and without the need of having a computer or a server on all the time consuming power. Everything will be done with the help of a simple but wonderful router and free, open source software.
What is Needed for this Project
2) Linksys WRT54GL wireless broadband router. You can usually find these routers for $60 anywhere on the web. (Check DD-WRT’s website first before purchasing this router, your existing router might already be compatible)
1) DD-WRT firmware for the router. This is free, you can find it at dd-wrt.com.
Advantages over other Remote-Connect Solutions
Having your own VPN connection.
For those of you not familiar with virtual private networks: A VPN is a tunnel to your network, meaning that once a secure remote connection is established, you will be as if you were sitting at your house inside your own network, with an IP of the same range and no firewall restrictions in the middle. Once you are connected to the VPN the possibilities are endless. You can establish a remote desktop connection to any of your home computers, print directly from your current computer to one of your printers at home. Even when you open a webpage, in your web browser it will come from your home Internet provider.
You will always have access to your network even if your external home IP address changes.
Home internet access has a flaw; your external IP is dynamic (It changes arbitrarily). If your external IP happens to change when you need to connect remotely, you are not going to know what the new one is unless you are at home. That already makes the possibility of a remote connection useless. To overcome this flaw, which is present in virtually all other remote-connect solutions; we will obtain a free subscription to a dynamic DNS provider. Dymanic DNS allows you to have a fixed IP or domain name that will point to your changing home IP address, For this project we have chosen DynDNS.
Your connection will be always on, even if all computers are off. (you can wake them up remotely)
What if you left your house and you forgot to turn your computer on, how will you be able to connect to your network? and how will you be able to access your files? This is where the Linksys WRT54GL with the DD-WRT firmware comes in. With this firmware you will be able to connect to DynDNS and inform when your external IP changes. But thats not all: you will also be able to host the VPN server at the router and not at the computer. Therefore when you connect remotely you will be connecting to your router which is always on. You may be asking yourselves at this point “that’s fine. But I still won’t be able to access my files because my computer is off!!!!” DD-WRT has “Wake-on-LAN”. With Wake-on-LAN you can wake up any computer that is directly connected to the router (no wireless).
Step 1: Open a Free Account with DynDNS
Go to the DynDNS website and click on:
1) Dns and domains -> 2) Dynamic DNS free (or “learn more” button underneath) -> 3) Create hostname
On the next page enter a subdomain name of your preference, click on the domain button to pick from a wide variety of domains, do not change any other settings. On the next section, click on “your current location’s IP address is…” so that your external IP address can be automatically populated in the field above.
Step 2: Load your Router with DD-WRT Firmware
Set up the Linksys WRT54GL and load it with the DD-WRT firmware. There are two firmwares that you are going to have to load. The reason for this is that the original firmware in router does not allow enough space to perform the loading process of the full DD-WRT firmware. Therefore, a mini DD-WRT firmware has to be loaded first. This firmware will replace the original and it is small enough for its own installation to be completed. In addition, once installed, it is also small enough for the full firmware version of DD-WRT to be loaded.
Setup and Prepare for DD-WRT Firmware Installation
Connect your router to your DSL or Cable modem via the WAN interface and to the computer via one of its 4 existing LAN ports.
Set your computer’s ip configuration from DHCP to the following:
IP address: 192.168.1.100 Mask: 255.255.255.0 Gateway: 192.168.1.1 DNS: 192.168.1.1
Make sure you can get out to the web.
Load the Router with the DD-WRT Firmware
*** WARNING: It is very important you do not interrupt the loading process once it starts or your router might be permanently damaged. The process might last several minutes, do not power-cycle your router until you see a message on the screen advising your the process has been completed. Please read this whole section before proceeding***
To load DD-WRT you have to load two firmwares. and an initial “mini” firmware that will erase the router’s current contents and will allow you to load the second and final one; the VPN firmware. Do not try to load the final VPN firmware directly to the router, it won’t fit and the installation will get stuck half way.
1) Load the “Mini” version of DD-WRT:
To load the “mini” version of DD-WRT, access the routers configuration page by opening your Internet browser and going to http://192.168.1.1 (this address might be different if you have a different brand of router). The default credentials for the wrt54gl router are: Login: Password: admin. Once there, click on the administration tab -> “fimware upgrade” -> “browse” and pick the mini version -> “click on the upgrade button”. Once again do not interrupt this process until you get a confirmation on the screen that the process has been completed successfully or else you will turn your router into a brick! Restart the router and make sure it works; if not, reset it.
2) Load the VPN Version of DD-WRT
The process for loading the final VPN version of DD-WRT is basically the same as for the mini. Access the router’s configuration page by opening your Internet browser and going to http://192.168.1.1. The default credentials for a router loaded with DD-WRT are: Login: root Password: admin. Once there, click on the administration tab then on “fimware upgrade” -> “browse” and pick the VPN version -> “click on the upgrade button”. Once again do not interrupt this process or else you will turn your router into a brick! Restart the router and make sure it works; if not, reset it.
Step 4: Configure Router’s Connection to DynDNS
Go into the router’s configuration and under the “General” click on the “DDNS” tab
- DDNS service: Select DynDNS.org
- Do not use external IP Check: Leave it as “no”
- Enter the username and password you chose when you signed up to DynDNS
- Host Name: enter the domain name you chose. Example: house.dyndns.org
- Type: leave it as “Dynamic”
- Wildcard: Leave unchecked
- Force update interval: leave the default, “10” days
Step 5: Configure VPN Setup at the Router
Go to the router’s configuration and under the “Services” tab click on the “VPN” tab
- Set “PPTP Server“, “Broadcast Support“, “Force MPPE Encription” to “enable”
- “Server IP” will be your router’s IP, in this case 192.168.1.1
- “Client IP(s)” is the IP range dedicated to all computers that will connect through the VPN, in this example we are alocating 5 IPs in the 200′s range, so we will set it to 192.168.1.200-205
- “Chap Secrets” is basically your username and password, enter it exactly as you see in the picture (click to enlarge) including spaces and asterisks. Example: If your username is “administrator” and password “abcdefg” then enter:
administrator * abcdefg *
- Set “Radius“, “PPTP Client Options“, “Start OpenVPN” (under Daemon) and “Start OpenVPN” (under Client) to “disable”
Step 6: Configure VPN Client at Incoming Computer
The following is the VPN client setup you will implement at the computer you are using to connect to your remote computer. The tutorial on this section is for Windows XP. I won’t cover Windows Vista or 7 since I do not want to make this article bigger than what it already is:
- Click Start -> Settings -> Control Panel -> Network -> New Connection
- Select “Connect to the network at my workplace” and click “Next“.
- Select “Virtual Private Network connection” and click “Next“.
- Enter the name you would like to give to this VPN connection. Any name will be OK, this is just for your reference.
- Select “Do not dial my initial connection” and click “Next” and “Finish”.
- Enter your the domain name you selected with DynDNS. Example “house.dyndns.com” and click “Next“.
- Select “Do not use my smart card” and click “Next” and “Finish“.
This will create a new icon under:
Start -> Settings -> Control Panel -> Network.
You can drag this icon to your desktop if you prefer.
Step 8: Turn your Computer on Remotely with Wake-on-LAN
Before this can be accomplished, you must enable Wake-on-LAN on your computer’s BIOS. Every computer is different, but usually to get into the BIOS you have to turn the computer on and immediately start pressing either the “DEL”, “F1″ or “F2″ buttons. Once there, look for the “Wake-on-LAN” option and enable it. All computers will have it unless the network card is not integrated into the motherboard.
Now, If you forgot to turn your computer on before you left, no problem. Just connect to your VPN, open your Internet browser and log into the router’s configuration page and perform the following these steps:
- Click on “Administration Tab” and “WOL” tab
- Select the computer you wish to wake up from the list of computers available in the router. To select the computer check the box to the right hand side; this will place the selected computer at the bottom on the “WOL addresses list”
- Press “Wake UP” button
Step 9: Connecting to the Remote Computer
Now that you are connected to the VPN and your remote computer is up and running, you can connect to it using a variety of methods, like “Shared Folders”, FTP, Telnet, etc. The most common and useful method, however, would be to connect via “Remote Desktop“.
Remote Desktop in Windows
To connect via Remote Desktop, you have to make sure that the remote desktop connection is enabled on the computer you are trying to connect to. The “Administrator” account will have access automatically once you enable Remote Desktop on the destination computer, however, other account will have to be added to the list of allowed users.
Remote Desktop in Linux
To connect from a Windows PC to a remote Ubuntu Linux PC using Windows Remote Desktop, please read this article.
To connect from a Ubuntu Linux PC to a remote Windows PC using Windows Remote Desktop, please read this article.
If you want a reliable, painless, always on, worry free connection to your home computer, there is no better solution out there. You will find hundreds of articles on the web on how to connect to your computer remotely, some even selling you one remote connection service or another. Most of then will talk about WebEx, VNC, LogMeIn, even other VPN client/server setups. None will give you a complete solution; you will either need a second person on the other side to connect you or you will need to have your remote computer on all the time. This is a complete solution, and as long as you have the router, it is free forever.