Configuring a VPN connection

VPN is the abbreviation for "Virtual Private Network". In Windows CE, VPN is part of the RAS Server and enables you to use an existing network connection to dial in to your CE device via a secure channel. The resulting connection is based on IP. By default, the RAS Server integrated in Windows CE uses the PPTP protocol (Point-to-Point Tunneling Protocol) for incoming VPN connections. In order to establish a connection from outside your company network, you therefore also need to open the PPTP-specific ports in your firewall. These are 1723/TCP for the initial connection establishment and GRE for the data flow control. These ports must be forwarded by your firewall to the CE device ("port forwarding"). Please consult the manual for your router/firewall for this.

In order to configure the RAS Server for incoming VPN connections, please perform the following steps:

• Open the "Start menu" and then select "Control Panel"
• Start the "CX Configuration"
• Navigate to the "RAS Control" tab
• Select one of the modem lines listed there, for example "Hayes Compatible", and click "Enable Line"
• Please make sure that you have also made all other necessary settings, for example the setting of a user account or IP setting. These settings are described in detail further above in this document. ("General information…")
• Restart your device

Every Windows version since Windows XP has included a VPN client that also supports the PPTP protocol. Taking Windows 7 as an example, you can establish such a VPN connection to your CE device as follows:

• Open the "Start menu" and then select "Control Panel"
• Open "Network and Internet" and change there to "Network and Sharing Center"
• Click "Create a new connection"
• Select "Connect to a workplace"
• Then select "No, create a new connection". Please note: This screen is only displayed if there is already a configured dial-up connection on your system
• Select "Use my Internet connection (VPN)"
• Enter the Internet address of your CE device. Please note: If you wish to use this VPN connection from outside of your company network, you have to enter the IP address of your router/firewall here that you have configured for the "Port Forwarding"; see above.
• Click "Next"
• Enter a user name and a password. These are the access data that you set in the "CX Configuration" for the RAS Server.
• Finally, click "Connect". This saves the connection profile and starts the connection to your device.