VPN – familiar solutions and modern alternatives. Shrew free alternative to Cisco VPN Client Pptp alternative windows client

It has been used for a long time, the thing is very stable - it’s installed and works, but there are a lot of shortcomings that negate its advantages and application, especially in new projects.

Advantages

The main advantage is that there are native clients, probably for all operating systems as standard. There is no need to install anything additional. However, this is where the advantages end.

Flaws

1. The most important thing is weak cryptography - none by modern standards. A computer with multiple graphics cards (GPU) will be able to crack the encryption key in a reasonable amount of time.
2. You cannot make flexible configurations, for example, if you need some traffic to go through the VPN, and some directly, then this must be configured manually using the route command with all that it implies.
3. Using a specific GRE protocol, which is not always open and is very sensitive to NAT and other things.

OpenVPN

There are two varieties under the same name: commercial OpenVPN Access Server (AS) - not to be confused with OpenVPN! The second product is GPL i.e. freely distributed.

If the qualifications of a system administrator are not very high, but you need something nice and out of the box, then OpenVPN AS is quite applicable. Everything there is configured semi-automatically. You can configure flexible configurations for the client, strong encryption. There are some other advantages compared to the free version, but, in my opinion, they are not significant.

Use requires payment, but 2 accounts are provided for free :) I used it at home - I got 2 connections for my eyes and it’s easy to set up. For a non-poor organization it can and does make sense (increasing the cost of ownership, entering an IPO, low requirements for administrators, etc., etc.).

In my organization, I use OpenVPN and PPTP, which is reserved for older users, especially since 2 VPN services coexist perfectly on the same server and do not interfere with each other. Setting up is of course more complicated than its commercial counterpart, but once set up, you can only generate certificates using a script and enjoy life.

Clients need to be downloaded - they are not included in the OS. Well, probably, it can only be accessed in Linux using APT :) For other OSes, you need to download additionally. There are native and alternative clients (the source code is open).

Under Windows, I tried both native and third-party commercial software (the client itself was free, by the way). It all depends on the task. The native client requires administrator rights to establish a connection or install it as a service, which, by the way, is convenient for an untrained user - that’s what we use. Third-party software made it possible to raise the connection from under a simple user.

For MacOS there is a great tunnelblick client - everything is very convenient and simple. Does not require administrator rights to establish a connection. For iOS you need to install the client from the AppStore (free). It integrates very organically - just a tab appears in the VPN system settings. The program itself is used once to install the certificate. It's probably also available for Android, but God has mercy, I didn't set it up.

SoftEther

And finally, the most promising and seemingly cool VPN server. Free at the same time. Project website - www.softether.org

What's good about it?

Support for an incredible number of protocols in one server, including OpenVPN and others. Those. no need to keep a zoo of servers for different systems. And, as they say, the speed of tunnels on SoftEther is significantly higher than that of other servers.

Why don't we use it?

When OpenVPN was introduced, they didn’t know about it. And when they found out, they decided that there was no need to break what was working. For future projects we will most likely use SoftEther.

Alexander Zlobin

I encountered a problem installing Cisco VPN Client on Windows 7 and also x64,
if on Windows 7 x86 you can run it with a shamanic tambourine, then on x64 all attempts will be in vain (Cisco almost fundamentally does not want to make x64 Vpn Client).

I go to the search engines... and see the following solutions to the situation:

1. Installing AnyConnect VPN Client, which runs on x64 but does not have IPSec (not suitable).
2. Create a Windows x86 virtual machine and install Cisco VPN Client.
3. Install one of a bunch of alternative paid clients (by the way, not one of them worked)
4. Installing Windows x86 (and the ability to get a BSOD on Win7 after installing Cisco Client) :)

All of the above methods are, to put it mildly, impractical :)

5. Installation of the free OpenSource client Shrew (by the way, it is not only for Windows, but also for nix systems)

Let's go along path 5 :)

Here's an example of how to set up tunneling with group authorization (“Group Authentication”):

1) Let's create a new connection profile (Add button)
and in the General tab in the “Host Name or IP address” field we indicate the IPSec gateway address and port

2) Let's go to the "Client" tab
select force-rfc in the NAT traversal item (leave everything else as default)

3) Let’s move on to the “Name Resolution” tab (here everything can be left by default; in most cases, with proper configuration, the Cisco VPN Server itself will return the necessary addresses)

4) Let's go to the "Authentication" tab
Set the “Authentication method” to Mutual PSK+Xauth (used if the authentication method is by IPSec Group ID or by shared key)

4.1) Let’s go to the “Local Identity” sub-item, set “Identification Type” = “Key Identifier”
and enter the IPSec group ID in the “Key ID String” field

4.2) Let’s go to the “Remote Identity” sub-item and set “Identification Type” = “Any”

4.3) Let’s go to the “Credentials” sub-item and enter our group password (IPSec Group Password) in the field
"Pre Shared Key"

5) Tabs: Phase 1, Phase 2 and Policy do not need any settings, leave everything by default

6) Save the connection settings.

7) Click the Connect button
enter your credentials

If everything is fine in the log we will see the treasured phrase “tunnel enabled”

I hope my description will be useful in facilitating the creation of tunnels on Windows x64.

How many VPN tunneling protocols are there now: OpenVPN, L2TP, SSTP, PPTP, IPSec. All are interesting in their own way. The most commonly used are PPtP and L2TP+IPSec due to the fact that they are built into the Windows operating system. The article is being written in continuation of setting up an L2TP+IPSec and PPtP server on MikroTik. Let us remind you that this is setting up a combination of PPtP and L2TP+IPSec server. Unlike Apple, Microsoft did not remove PPtP from Windows 10 and other systems, and both protocols can be used with our server.

Go to the Network and Sharing Center:

This can be done either by left/right clicking on the network icon in the tray or through the control panel.

Click on setting up a new connection or network:

Select a connection to your workplace:

Select: Use my Internet connection (VPN)

Let's enter the username and password in the fields. You can also check two boxes.

After clicking the connect button, the selection of protocols for connecting to our server begins:

The default connection will be configured using PPtP:

Return to the Network and Sharing Center and click on VPN connection:

Click properties:

Go to the security tab and change the protocol to L2TP IPsec VPN:

Click the additional parameters button and enter the pre-shared key (IPsec secret).

Welcome to our website! In this manual, you will learn how to set up a VPN connection using the PPTP protocol for the Windows 7 operating system.

As a reminder, VPN (Virtual Private Network) is a technology that is used to access a secure network(s) over the public Internet. Using a VPN channel, you can protect your information by encrypting it and transmitting it within the VPN session. In addition, VPN is a cheap alternative to an expensive dedicated communication channel.

To set up a VPN using the PPTP protocol for Windows 7, you will need:

• OS Windows 7;
• address of the VPN server to which the connection will be made via the PPTP protocol;
• login and password.

This concludes the theoretical part, let's move on to practice.

1. Open the "Start" menu and go to the "Control Panel" of your computer

2. Then select the “Network and Internet” section

3. In the window that opens, select “Network and Sharing Center”

4. At the next stage, select “Set up a new connection or network”

5. In the newly opened window, select “Connect to a workstation”

6. In the new window, select "Use my Internet connection (VPN)"

8. In the window that opens, in the “Internet address” field, enter the address of your VPN server, in the “Destination name” field, enter the name of the connection, which you can choose arbitrarily

9. In the next window, enter the username and password that are registered on the VPN server. In the “Remember this password” field, put a “tick” so that you do not have to enter it every time you connect

10. After the above steps, the connection is ready for use, click the “close” button

11. After this, go back to the Start menu, then to Control Panel, Network and Internet, Network and Sharing Management, where we select “Change adapter settings”

12. Find our VPN connection in this window, right-click on it and go to its properties

14. In the same window, only on the “Network” tab, uncheck the boxes next to the items: “Client for Microsoft networks” and “File and printer access service for Microsoft networks”

This completes the VPN setup using the PPTP protocol for the Windows 7 operating system and the VPN connection is ready for use.