If you’re a frequent traveler who regularly connects to a distant home or office by dialing direct, you must be the toast of your long-distance phone company.
Fortunately, there’s a more economical solution. Virtual private networking (VPN) is a fancy way of saying, “Your remote computer can become part of your host network, using the Internet as a connection instead of a long distance phone connection.” Yes, this does sound exactly like the direct-dialing feature described above—except this time, you don’t pay any long-distance bills, your host PC doesn’t necessarily have to have its own phone line, and (if the computers on both ends have fast connections) you’re not limited to the sluglike speeds of dial-up modems.
With a VPN connection, both the host and the remote computers connect to the Internet by making local calls to your Internet service provider (ISP). If you travel with a laptop, that’s a good argument for signing up with a national or international ISP that has local access numbers wherever you plan to be. On the other hand, if you don’t move your computers around much, you can just use your regular ISP as you always do, whether you connect using a dial-up, a cable modem, DSL, or whatever.
If you’re connecting to your corporate network, no problem: your company probably has its own Internet service. If you are the sole proprietor of both machines, however, all of this may mean that you’ll actually have to have two different ISP accounts, so that both machines can be online at once.
Not only can VPN save the frequent traveler quite a bit of money, but it’s also extremely secure. When you connect using VPN, the information traveling between the two connected computers is encoded (encrypted) using a technology called tunneling. Your connection is like a reinforced steel pipe wending its way through the Internet to connect the two computers.
To create a VPN connection, your host computer must have two important components:
It must be on the Internet at the moment you try to connect. Usually, that means it needs a full-time Internet connection, like cable modem or DSL. But in a pinch—if it has only a dial-up modem, for example—you could phone a family member or co-worker just before you need to connect, with the direction to go online with your home PC.
It needs its own, fixed IP address. (See the box on the previous page for a workaround.)
The remote computer, on the other hand, doesn’t have any such requirements.
To set up the host PC for the VPN connection, do exactly as you would for direct-dial connections (Section 21.2)—but in step 6, choose “Allow virtual private connections.” When the wizard finishes its work, the host machine is ready for action. Instead of setting up the modem to answer incoming calls, Windows XP now listens for incoming VPN connection requests from the Internet.
Now move to the laptop, or whatever machine you’ll be using when you’re away from the main office. These steps, too, should seem familiar—they start out just like those that began in Section 21.2, except that in step 3, you should choose “Virtual Private Network connection.” Then proceed like this:
On the Public Network screen before you, leave “Automatically dial this initial connection” selected. Use the drop-down list to select the connection you use to access the Internet.
Now Windows XP can automatically dial up your ISP when you launch the VPN connection.
Click Next. On the VPN Server Selection screen, type the host name or registered IP address of the VPN host—that is, the computer you’ll be dialing into.
If you’ve signed up for one of the dynamic DNS services described in the box in Section 21.3, you know what the host computer’s name is. Otherwise, specify its registered IP address.
Click Next, turn on “Add a shortcut to this connection to my desktop,” and then click Finish.
The result is a new icon on your desktop (and in the Network Connections window). When you double-click it, you see a dial-up box like the one shown in Figure 21-2. As with direct-dial connections, you can use dialing rules (Section 9.5) to simplify your life as you move from area code to area code in the course of your life.
At this point, you’ve once again joined your home network. Exactly as with the direct-dial connections described earlier, you should feel free to transfer files, make printouts, and so on. Avoid actually running programs on the distant PC, at least if one computer or the other is connected to the Internet using a dial-up modem; the situation improves if both are using high-speed connections.
When you want to hang up, right-click the connection icon in your notification area and choose Disconnect.
Note
All of this sounds simple enough—and it is, if you have only one PC at home, or several that rely on Internet Connection Sharing (Chapter 18).
Unfortunately, setting up virtual private networking (and, for that matter, Remote Desktop, described next) on larger networks, or on networks that don’t use Internet Connection Sharing, can be extremely complex. If you’ve installed a router to share an Internet connection with your network, for example, some hairy technical bushwhacking is involved in setting it up to accommodate remote-access requests from the road. A consultant, or call to the router company, may be in your future.