X4B Does not provide IPSec+L2TP VPN services any more. GRE/IP-in-IP tunnels are far superior and recommended instead. This tutorial is maintained for general information only.

This tutorial contains the steps required to an IPSec + L2TP VPN for use with your X4B service. This tutorial assumes you have already added a VPN to your service and you have the details (secret, username and password) on hand. Only tested on Windows Server 2008, Windows 7 and Windows 8. You should ensure you have KVM / VNC access to your server in-case you loose networking.

Step 1

Goto the Network and Sharing Center and click Setup a new connection or network

Step 2

We need to Connect to a workplace and click Next

Step 3

Select VPN

Step 4

Enter your Proxy IP in the Internet Address field. The Destination name is a description field.

Step 5

Once the VPN is created go to your adapter settings and goto its properties.

Step 6

In the security tab and set the options as described below.

Step 7

Click advanced settings and enter yout IPSec secret (Pre-Shared Key).

Step 8

In the networking tab click on "Internet Protocol Version 4" opening its properties dialog

Step 9

Click "Advanced Settings" and disable the default gateway. Set a high metric such as "9999".

Step 10

Now connect to your IP. You will be prompted for a username and password. Once connected you should be able to ping the VPN Gateway at 10.240.9.1

Step 11

In an administrator command prompt execute: route -p add 0.0.0.0 mask 0.0.0.0 {INTERNAL_IP} metric 9000

If you are adding multiple VPN connections you will need to lookup the interface ID in the interface table (at the top) and execute the following command: route -p add 0.0.0.0 mask 0.0.0.0 {INTERNAL_IP} metric 9000 if {INTERFACE}

Restarting your server

After a restart you will need to re-connect to the VPN.

Troubleshooting

Ensure you have at-least one port utilizing the VPN at all times, the VPN will not be configured on the filtering server unless there is a port referencing it. Ports that reference VPN's are "(Tunnel)" suffixed and refer to a backend starting with "VPN".