This can all be done using the free hamachi version. I have a premium license so I can make the network more secure by having to authorise new members.

This guide covers connecting a windows XP machine to private networks with linux and windows machines acting as the routing nodes.

I have 2 networks in my office, 10.1.0.0 and 10.2.0.0. I use the VPN for connecting my laptop to these networks from home.

Setting up the ‘client’ XP machine (the one which needs to VPN into the networks)
- Download and install hamachi
- Create a new network specifically for the VPN.
- Add ‘RoutedTunneling 1′ to hamachi-override.ini and restart Hamachi. You may need to create this file by clicking Configure, Preferences, System, Open Configuration Folder – then create hamachi-override.ini
- Click Start, Run and type ‘regedit’, then set HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersIPEnableRouter to 1
- Reboot and open hamachi.

First ‘server’ – Windows (10.1.0.53 is the example local IP)
Follow the instructions above, but instead of creating a new network, join the one you previously created. That’s all you need to do to get a windows server set up.

Linux ‘servers’ (10.2.0.201 on my local network)
- cd /opt
- wget http://files.hamachi.cc/linux/hamachi-0.9.9.9-20-lnx.tar.gz
- tar -zxvf hamachi-0.9.9.9-20-lnx.tar.gz
- cd hamachi-0.9.9.9-20-lnx/
- mkdir /dev/net
- make install
- tuncfg/tuncfg
- hamachi-init
- hamachi start
- hamachi set-nick servername
- hamachi login
- hamachi join networkname networkpassword
- hamachi go-online networkname
- echo 1 > /proc/sys/net/ipv4/ip_forward

Note that whenever the linux machines are rebooted, /proc/sys/net/ipv4/ip_forward will reset to 0.

The server nodes are now setup to forward IPv4 packets around the network.

This next step is where most problems will occur. The server nodes will forward packets to the network, but other machines on the local networks don’t know where to send data to 5.x.x.x addresses. I set up rules on our firewall which work something like:
Requests to 5.0.0.0/8 need to be routed to 10.1.0.53 on the 10.1 network
Requests to 5.0.0.0/8 need to be routed to 10.2.0.201 on the 10.2 network
This is one rule for each of the networks I need to access. I’m not sure how to do this in different firewall setups so I’m not much help here.

Everything is now setup, but the ‘client’ node doesnt know where to send packets to any of the 10.1 or 10.2 networks. To fix this, we need to create routes on the machine. I created 2 batch files, one to connect the VPN, and one to disconnect.

Connect batch file

Obviously you’ll need to put the hamachi IP’s of each of the server nodes in this file.

Disconnect batch file

At this point everything is set up and ready to connect. You will need full connectivity to all the server nodes which you are using (green icons in hamachi).

Then you run the batch file to connect the VPN (or just type the route commands into a command prompt manually). Test pinging the local address of the server nodes, then other addresses inside the remote network.

Diagnostics
First, try pinging the local address of one of the server nodes (10.1.0.53 in my example). If this doesnt work, then my guess is that the route command hasn’t been done correctly.
Next, try pinging another machine on the local network (10.1.0.50 for example). If this doesnt work, then it’s likely that the server node isn’t forwarding the packets correctly, or the responses from the machine you’re pinging aren’t being sent back to the server node properly – check the firewall routing and make sure you’ve set /proc/sys/net/ipv4/ip_forward to 1.

Note that this whole setup will only work if the client node is actually off of the local network at the time you try to connect. By this, I mean that when I am at work, my laptop has the IP 10.1.0.56 and it connects out via 10.1.0.1 – obviously the VPN wont work while I’m at work because the route command will override the default gateway route and stop me connecting out at all.

Bookmark It