Share Private Internet Access VPN With All Your Wireless Devices

edited October 2014 in General VPN Support Posts: 261

If you have got Windows 7/8 you can easily share your Private Internet Access VPN connection with all your wireless devices (iPhones, iPads, Androids, other PCs etc…) using virtual WiFi hotspot support in Windows. You don’t need to run Private Internet Access on your router. In fact you don’t need a router at all for VPN. 

First, install PIA's client on your Windows PC. Then go to Start Menu and type cmd. Windows will find cmd.exe console program. Right click on it and choose “Run as administrator“:

image

Type the following commands into Windows console:

netsh wlan set hostednetwork mode=allow ssid=Test key=password
netsh wlan start hostednetwork

I have used “Test” as new hotspot SSID, and password “password”. You should change these.

image

If everything went OK, the last line will show “The hosted network started”. In case you receive this:

The hosted network couldn't be started.
The group or resource is not in the correct state to perform the requested operation.

this means that your WiFi driver is outdated. Make sure your wifi adapter is not disabled in the device manager, because if it is then you will need to enable it before you can carry on. The best is to use automatic update for the driver so Windows will try to find it on Windows Update. If Windows is not able to find newer driver, try to find a newer driver on manufacturer’s web site (Atheros, Intel, Realtek, etc…).

You can easily test if your WiFi card is supported using command

netsh wlan show drivers

If you see line:

Hosted network supported  : Yes

it means your WiFi card will work.

When Hosted Networking is started successfully, we need to tell Windows to share PIA's VPN connection. To do that, click on WiFi signal bars icon in your system tray (near the clock). It will show something similar to:

image

Click on “Open Network and Sharing Center” and then click on Change adapter settings:

image

If you see just a list view, the best is to switch your view to Tiles or Details. This way you will be able to identify network adapters easier:

image

We are looking for 'Local Area Connection 2' adapter. It will probably not have that name on your computer, but you will recognize it by “TAP-Win32 Adapter V9″. Right click on 'Local Area Connection 2' adapter and select Properties:

image

Click on Sharing tab, check box “Allow other network users to connect through this computer’s Internet connection”, from the drop down box select virtual WiFi adapter – I have renamed it to Virtual AP, thus name on your computer will be different. However  – you can easily find it on the previous screenshot – it has description “Microsoft Virtual WiFi Miniport Adapter”. Once finished, click on OK button.

image

The last step is to connect to Private Internet Access's VPN. Once you are connected, 'Local Area Connection 2' adapter will change its state as well.

image

Now connect to network “Test” using password “password” from your wireless phones. All your devices connected to network “Test” will use PIA's VPN.

Unfortunately, if you restart your computer or put it into sleep, Windows will disable virtual Access Point. You will need to run just this command again:

netsh wlan start hostednetwork

There are a few programs which can automate all this and help you manage virtual hosted network much easier.  Two such free program can be found here:

Free: http://virtualrouter.codeplex.com/

Paid: http://www.connectify.me/

The list of supported WiFi cards: http://virtualrouter.codeplex.com/wikipage?title=Supported Devices

Finally, If you do want to stop the Virtual Wifi miniport adapter its so easy all you do is go to the command prompt as a admin and type this "netsh wlan stop hostednetwork" with no quotes. than type this "netsh wlan set hostednetwork mode=disallow".


Enjoy.

Post edited by Support on
«13

Comments

  • edited October 2012 Posts: 261
    Screenshots taken from the phone.
    image
    image
    image
    image
    Post edited by thisisme786 on
  • edited November 2012 Posts: 261

    Update:

    1:To see the Wireless Hosted Network details, including the MAC addresses of connected users:

    netsh wlan show hostednetwork

    2: Make sure your wireless adapter isn't disabled!

    3: Make sure your password has 8+ characters.


    Remember to be secure


    When you create a Wireless Hosted Network in Windows 7, either with Netsh commands or Connectify, the use of WPA2 encryption is required. People can only connect to your virtual wireless network if they know the encryption key/password. However, people that connect may be able to view and/or edit your files if you have file sharing enabled. If you don't trust the other people, ensure you disable file sharing using the Network and Sharing Center.

    If you create an ad-hoc wireless network, remember to use encryption if you want to control who connects. You'll probably be limited to using WEP, which requires a 5 or 13 characters. Keep in mind, this encryption is hackable so use carefully. Once people connect, the same thing applies as discussed above; disable file sharing if you don't want them to access your shares.


    If you don't have any wireless connection available and are connected via ethernet connection then this a great method which will allow you to create a virtual wifi-hotspot (note: whatever device you are using to create this hotspot must have a wifi card). 

    If your device keeps losing wifi connection then use the above method to create a hotspot: e.g. In my bedroom I hardly get a good connection and often find my device having to reconnect several times to the router. So, I have setup another router as a repeater, however, I have also got another solution which is to use my laptop and connect it to the ethernet cable via powerline adapters. Using the above method on my laptop allows me to create a very strong virtual wif-hotspot. 

    Post edited by thisisme786 on
  • Posts: 15
    Any instructions for setting this up on OSX?  Then the reasons for flashing my router would diminish even more.

    Thank you very much
  • Any instructions for setting this up on OSX?  Then the reasons for flashing my router would diminish even more.

    Thank you very much
    Apps like connectify usually do the magic automatically, but that's for windows.
    I looked up this for you, so, take a look here: gdgt.com/question/can-the-macbook-air-running-os-x-lion-create-a-virtual-wifi-hotspot-g19/
    I haven't fully read the thread as I am on my phone. It should be possible for you to create a virtual hotspot but the key is to be able to share your pia adapted with the virtual adapted as explained above.
  • edited November 2012 Posts: 261
    Took a look at this (scroll halfway down):apple.stackexchange.com/questions/38507/is-there-an-application-like-connectify-for-mac-os-x-lion
    First try this without connected to the vpn.
    Please let me know wether if this worked for you or not.


    If the above didn't work then follow these simple instructions:
    Use Internet Sharing. It's in System Preferences -> Sharing pane -> Internet Sharing option. Before enabling it, just select the Internet Sharing section, select which interface you're connected to the internet via from the "Share your connection from:" pop-up menu, then enable the Airport interface under "To computers using:". Then click Airport Options, and choose a wireless network name (SSID), channel, and optional WEP password (no WPA support, sorry). Once you've configured all the options you want, start the service by enabling the "on" box next to the service name in the left column.

    Note that you can also share over other interfaces at the same time. For example, if you have an internet connection via a WWAN card, you could share that over wireless and wired ethernet simultaneously.
    Post edited by thisisme786 on
  • Posts: 15
    Thank you always for the superb support thisisme786!

    I will give this a try over the weekend with my iphone...by doing this it could theoretically be possible to connect to this network via any wireless device including my tv?  Hence I could try to access hulu like so....hmmm this is getting more interesting by the minute.
  • edited November 2012 Posts: 261
    Thank you always for the superb support thisisme786!

    I will give this a try over the weekend with my iphone...by doing this it could theoretically be possible to connect to this network via any wireless device including my tv?  Hence I could try to access hulu like so....hmmm this is getting more interesting by the minute.
    Thanks.
    Indeed, you can do pretty much anything you like because afterall be it virtual or not you are creating a very strong hotspot :)
    Hopefully you won't run into issues.

    Post edited by thisisme786 on
  • Posts: 15
    Hey thisisme786.

    Well Some good news some meh.

    1 I followed your workflow as setting it up the other way didn't yields any results.



    If the above didn't work then follow these simple instructions:
    Use
    Internet Sharing. It's in System Preferences -> Sharing pane ->
    Internet Sharing option. Before enabling it, just select the Internet
    Sharing section, select which interface you're connected to the internet
    via from the "Share your connection from:" pop-up menu, then enable the
    Airport interface under "To computers using:". Then click Airport
    Options, and choose a wireless network name (SSID), channel, and
    optional WEP password (no WPA support, sorry). Once you've configured
    all the options you want, start the service by enabling the "on" box
    next to the service name in the left column.


    This was very easy to setup and easy to connect to with my iphone.  I could browse the web no problems.

    2. Now I turned on PIA and that is when the meh happened.  The iphone was still connected however wasn't able to go through the VPN I guess as I just get the "Cannot Open Page" error after about 1 minute of spinning.

    Any ideas as to why this might be happening?  Just to be on the safe side, I checked and I had no issues on my MAC.

    OSX 10.6.8
    iphone OSi 5.xlatestx

    Thanks in advance!
  • Hey thisisme786.

    Well Some good news some meh.

    1 I followed your workflow as setting it up the other way didn't yields any results.



    If the above didn't work then follow these simple instructions:
    Use
    Internet Sharing. It's in System Preferences -> Sharing pane ->
    Internet Sharing option. Before enabling it, just select the Internet
    Sharing section, select which interface you're connected to the internet
    via from the "Share your connection from:" pop-up menu, then enable the
    Airport interface under "To computers using:". Then click Airport
    Options, and choose a wireless network name (SSID), channel, and
    optional WEP password (no WPA support, sorry). Once you've configured
    all the options you want, start the service by enabling the "on" box
    next to the service name in the left column.


    This was very easy to setup and easy to connect to with my iphone.  I could browse the web no problems.

    2. Now I turned on PIA and that is when the meh happened.  The iphone was still connected however wasn't able to go through the VPN I guess as I just get the "Cannot Open Page" error after about 1 minute of spinning.

    Any ideas as to why this might be happening?  Just to be on the safe side, I checked and I had no issues on my MAC.

    OSX 10.6.8
    iphone OSi 5.xlatestx

    Thanks in advance!
    Yep that was always going to happen, tap adapter needs to be shared with the virtual wifi adapter. I will do more reading onto how to do this in osx, but to get an idea do take a look at the very first post where this is done in windows.
  • edited December 2012 Posts: 15

    I will re-read above for windows again see if any eureka moments happen.

    Thanks for the help!!
    Post edited by fokusz on

  • I will re-read above for windows again see if any eureka moments happen.

    Thanks for the help!!
    I can't seem to find anything related to it in osx, try following the whole procedure like I did for windows when I shared the tap adapter with the virtual ap, because thats the last thing you need to do ;)
  • Posts: 15
    Had a re-read of the windows.  No eureka...but just to confirm what is the "tap" stand for?  I will have a look through the settings later tonight and share my findings...
    I can't seem to find anything related to it in osx, try following the whole procedure like I did for windows when I shared the tap adapter with the virtual ap, because thats the last thing you need to do ;)

  • Posts: 15
    Hi there...I found some info on line and thought is you woudln't mind looking at the info below. Again will have to wait until tonight to check, but does it make sense? Probably will try the simpler one first and then check your feedback on the whole tunnelblick approach.

    Thanks again! :)

    From about halfway down there were 2 topics of interest
    1. The Client (talks about installing Tunnelblick - but I am happy with the PIA app as is, would I require to do this?)
    2. Sharing Your VPN Connection:

    And I found this on a competitors site so I removed the link but kept the text:

    Open System Preferences and look under Sharing. You need to enable Internet Sharing and where it says: “share your connection from” you need to select VPN connection that we just configured.
    Where it says “to computers using” you need to select the appropriate interface (please read text above, about the fact that you can’t share VPN to the connection that is being used to connect to the Internet).
    :) :)
  • edited December 2012 Posts: 261
    Hi there...I found some info on line and thought is you woudln't mind looking at the info below. Again will have to wait until tonight to check, but does it make sense? Probably will try the simpler one first and then check your feedback on the whole tunnelblick approach.
    Thanks again! :)

    url: http://rodrigo.sharpcube.com/2010/06/20/using-and-sharing-a-vpn-connection-on-your-mac/From about halfway down there were 2 topics of interest1. The Client (talks about installing Tunnelblick - but I am happy with the PIA app as is, would I require to do this?)2. Sharing Your VPN Connection:
    And I found this on a competitors site so I removed the link but kept the text:
    Open System Preferences and look under Sharing. You need to enable Internet Sharing and where it says: “share your connection from” you need to select VPN connection that we just configured.Where it says “to computers using” you need to select the appropriate interface (please read text above, about the fact that you can’t share VPN to the connection that is being used to connect to the Internet). :) :)
    You are definitely on the right path, I have read the whole tutorial and it all made sense. There is one issue, the tutorial mentions that you would need to be connected via PPTP, whereas PIA client uses OpenVPN which installs the TAP adapter. image
    Lets follow this thread as its not a competitor: http://osxdaily.com/2012/01/05/enable-internet-sharing-mac-os-x/
    Post edited by thisisme786 on
  • Posts: 15
    Hi !  I couldn't access the website all morning, thank god its back up.

    Thank you for taking a look, this is great.  I will have a read through the above link and get back.  Cheers for this.
    :)
  • Posts: 15
    I could follow the above and it worked the same as the other day. Unfortunately it doesn't explain how to share the TAP.

    Therefore would you recommend using the method I found above.
    http://rodrigo.sharpcube.com/2010/06/20/using-and-sharing-a-vpn-connection-on-your-mac/

    And setting up a network for VPN in OSX network preferences?

    What do you think?
    Thanks again
  • Posts: 15
    After digging further found this article, seems like don't need the Tunnleblick setup.  What do you think?

    I pasted the contents as it also was from a competitor's site.


    Sharing Your Mac OSX OpenVPN Connection

    So now you are connected to your server
    and your connection is securely being routed thought the VPNSecure
    Network, But what if you want to use the same VPN in other devices in
    your network? Sure you can configure Tunnelblick in more than one Mac,
    but some devices like an iPhone or a XBOX 360 don't have OpenVPN
    clients. What can you do about that?

    You can share the VPN connection in your
    Mac and then use your Mac as a gateway for your other devices. The
    problem is that the OSX's native Internet Sharing doesn't seem to play
    nice with OpenVPN. 

    Open your favorite text editor and create a new file. Paste the following lines on it:

    #!/bin/sh
    natd -interface tun0
    ipfw -f flush
    ipfw add divert natd ip from any to any via tun0
    ipfw add pass all from any to any
    sysctl -w net.inet.ip.forwarding=1

    Save it with a name like vpnon.sh. Right click the file in Finder, select Get Info and under Permissions mark Execute. Close the Get Info window.

    Now what the hell was that all about? Let
    me break it down to you. We're using some native commands to allow your
    Mac to act like a gateway and forward all the packets to the VPN
    connection. This is very similar to what OSX's Internet Sharing does for
    you. The name tun0 is the default interface name Tunnelblick will use
    for your VPN connection, and you can confirm that by opening Terminal
    and typing ifconfig while connected to your VPN.

    Open Terminal. If you're not connected to the VPNSecure network, connect now. Go to the directory you saved your file (if you saved it in your home folder, you're already there) and type:

    sudo ./vpnon.sh

    Press enter It'll ask for your password, type it and you'll see something similar to this:

    Flushed all rules.
    00100 divert 8668 ip from any to any via tun0
    00200 allow ip from any to any
    net.inet.ip.forwarding: 0 -> 1

    Your Mac is now ready to be a gateway!

    Now all you have to do is go to the
    device you want to use with the VPN connection and under its network
    settings, change the default gateway to your Mac's IP address.

    In most devices, to change the default
    gateway you'll also need to configure it to use Static IP (my iPhone
    needed, for example).

    Just copy the same IP address, subnet
    mask and DNS server it's currently using and change only the gateway to
    your Mac's IP address. Oh, and if you don't know your Mac's IP address
    go to Preferences, open Network and select your network connection. In the right panel it'll show your IP address under Status.

    Troubleshooting

    • The method described above doesn’t work together with OSX Internet Sharing. So check if you have it enabled (under Preferences, go to Sharing) and disable it.
    • If you can’t find the option in Finder to make the script executable, you can also do it in Terminal. Just type
    chmod +x vpnon.sh
    • Be sure to save the script in
      TextEdit (or your preferred editor) as a plain text file, not as rich
      text. You can check this by typing:
    cat vpnon.sh

    in Terminal. If you see garbage instead of the script, the file was saved as rich text.

    • If you get the error “Address
      already in use” from natd when running the script, it’s because you
      already have natd running, and only one instance can be active.

    Check if you didn’t leave OSX
    Internet Sharing enabled (you have to disable it) or try to run the
    following code in the Terminal to see what app is running it:

    ps aux |grep natd 
    • When configuring your client
      device (the one which will be using your Mac’s connection) set the DNS
      servers to external addresses. You can use, for example, Google DNS (IPs
      8.8.8.8 and 8.8.4.4).

    If you want to turn VPN sharing off, create another script vpnoff.sh and put the following lines inside it : 

    #!/bin/sh
    killall natd
    ipfw -f flush
    sysctl -w net.inet.ip.forwarding=0

    After saving, run the script
    with sudo vpnoff.sh. You could also reboot your machine to disable
    VPN sharing, since none of the changes in the script is permanent.


    Thanks in advance on this one...if you think this would work, then I wouldn't have to go about flashing my japanese router (disaster from what I have read on ddwrt)...or maybe I am just nervous :-/
  • After digging further found this article, seems like don't need the Tunnleblick setup.  What do you think?

    I pasted the contents as it also was from a competitor's site.


    Sharing Your Mac OSX OpenVPN Connection

    So now you are connected to your server
    and your connection is securely being routed thought the VPNSecure
    Network, But what if you want to use the same VPN in other devices in
    your network? Sure you can configure Tunnelblick in more than one Mac,
    but some devices like an iPhone or a XBOX 360 don't have OpenVPN
    clients. What can you do about that?
    You can share the VPN connection in your
    Mac and then use your Mac as a gateway for your other devices. The
    problem is that the OSX's native Internet Sharing doesn't seem to play
    nice with OpenVPN. 
    Open your favorite text editor and create a new file. Paste the following lines on it:
    #!/bin/sh
    natd -interface tun0
    ipfw -f flush
    ipfw add divert natd ip from any to any via tun0
    ipfw add pass all from any to any
    sysctl -w net.inet.ip.forwarding=1
    Save it with a name like vpnon.sh. Right click the file in Finder, select Get Info and under Permissions mark Execute. Close the Get Info window.
    Now what the hell was that all about? Let
    me break it down to you. We're using some native commands to allow your
    Mac to act like a gateway and forward all the packets to the VPN
    connection. This is very similar to what OSX's Internet Sharing does for
    you. The name tun0 is the default interface name Tunnelblick will use
    for your VPN connection, and you can confirm that by opening Terminal
    and typing ifconfig while connected to your VPN.
    Open Terminal. If you're not connected to the VPNSecure network, connect now. Go to the directory you saved your file (if you saved it in your home folder, you're already there) and type:
    sudo ./vpnon.sh
    Press enter It'll ask for your password, type it and you'll see something similar to this:

    Flushed all rules.
    00100 divert 8668 ip from any to any via tun0
    00200 allow ip from any to any
    net.inet.ip.forwarding: 0 -> 1

    Your Mac is now ready to be a gateway!

    Now all you have to do is go to the
    device you want to use with the VPN connection and under its network
    settings, change the default gateway to your Mac's IP address.

    In most devices, to change the default
    gateway you'll also need to configure it to use Static IP (my iPhone
    needed, for example).

    Just copy the same IP address, subnet
    mask and DNS server it's currently using and change only the gateway to
    your Mac's IP address. Oh, and if you don't know your Mac's IP address
    go to Preferences, open Network and select your network connection. In the right panel it'll show your IP address under Status.

    Troubleshooting

    • The method described above doesn’t work together with OSX Internet Sharing. So check if you have it enabled (under Preferences, go to Sharing) and disable it.
    • If you can’t find the option in Finder to make the script executable, you can also do it in Terminal. Just type
    chmod +x vpnon.sh
    • Be sure to save the script in
      TextEdit (or your preferred editor) as a plain text file, not as rich
      text. You can check this by typing:
    cat vpnon.sh

    in Terminal. If you see garbage instead of the script, the file was saved as rich text.

    • If you get the error “Address
      already in use” from natd when running the script, it’s because you
      already have natd running, and only one instance can be active.

    Check if you didn’t leave OSX
    Internet Sharing enabled (you have to disable it) or try to run the
    following code in the Terminal to see what app is running it:

    ps aux |grep natd 
    • When configuring your client
      device (the one which will be using your Mac’s connection) set the DNS
      servers to external addresses. You can use, for example, Google DNS (IPs
      8.8.8.8 and 8.8.4.4).

    If you want to turn VPN sharing off, create another script vpnoff.sh and put the following lines inside it : 

    #!/bin/sh
    killall natd
    ipfw -f flush
    sysctl -w net.inet.ip.forwarding=0

    After saving, run the script
    with sudo vpnoff.sh. You could also reboot your machine to disable
    VPN sharing, since none of the changes in the script is permanent.


    Thanks in advance on this one...if you think this would work, then I wouldn't have to go about flashing my japanese router (disaster from what I have read on ddwrt)...or maybe I am just nervous :-/

    I tried replying earlier but by the time I had finished typing the reply, the site went down and lost everything. You should definitely give it a go, flashing your router might not be disastrous, however, it does require a lot of reading tough. 
  • Posts: 15
    well I managed to set this up on the the MAC, the script worked. Didn't have any problems, other then I couldn't connect my iphone.  As the script doesn't work with internet sharing on, I am not sure how to create the wifi spot to connect the phone.  Also, it mentioned to change the iphone gateway...couldn't find anywhere on the iphone to do that.

    Well getting late so will look again tomorrow. If you do have any ideas would be great to hear.

    Thanks again!
  • I've followed your instructions for the win7 setup to the letter but I can't seem to get it working. I lose internet on my laptop and cant connect other devices. would I need to have my laptop connected to the router via ethernet or can I share a wireless connection?
  • edited December 2012 Posts: 3
    NVM, figured it out.
    Post edited by ancaster on
  • If possible, when someone solve's a problem.  Could you please post the solution?
  • Posts: 1
    Really great guide tyvm for all the hard work!

    Tomtum
  • Posts: 4
    Amazing tut, using my sky hd box with the above method allows me to connect to vpn without having to setup openvpn on my router.
    Thanks
  • ThisIsMe... would this wifi connection work for ps3/xbox? 
  • Posts: 261
    ThisIsMe... would this wifi connection work for ps3/xbox? 
    Yes, it should, I have successfully tested Onlive console with it.
  • Posts: 1
    How do you set this up the other way around i.e use laptop to connect to the internet via vpn with wireless and connect to device such as xbox 360 via LAN.
  • This method will work with Windows 8 and windows 8.1.
  • Hello, thank you very much for the tutorial. I got it working but I'm having some issues with dns leaks when connected to the Windows 7 VPN share. Here is what I'm getting:

    - Windows 7 box (running the VPN share): no dns leaks, dns leak protection enabled in PIA software
    - iTouch 3: dns leaks when connected to VPN share, no dns leaks when directly connected with PPTP
    - Debian Wheezy laptop: dns leaks when connected to VPN share, no dns leaks when connected directly with OpenVPN

    When connected to the VPN share on my Debian laptop, I can connect to a PIA gateway a second time on the laptop and the leak issue is fixed but have not found a workaround for the iTouch. It would be nice to not need a second connect anyway for either device.

    Any idea what might be causing this?
  • Hi,,,pls need ur help asap...m using vaio's VGN-CR23G/P....HOSTED NETWORK   SUPPORTED IS -No....pl help..no  drivers availble ny where....dont want to replace my laptop jst coz of wifi..pls help

    vikas20011@rediff.com
    vikasbisoi23@gmail.com
Sign In or Register to comment.