Since MSP360 Backup supports file system repositories - apart from a wide range of cloud storage services - you may want to use it for a peer-to-peer backup (P2P backup). In this article, we are going to show how to create a backup using a VPN-connected storage repository.
Table of Contents
This guide can be suitable in case you want to implement a low-cost off-site backup scenario using only the resources you have: two computers connected via the Internet. This scenario is a good option for home users or a small office environment, but it is also helpful in case you need to move the system to another location by using system image and new hardware.
We can also mention a less common scenario - disaster recovery. You may want to protect from a disaster in a few crucial servers or workstations by maintaining their offline copies in a remote location.
Regardless of the particular scenario, for the P2P backup, we suggest using a VPN connection since it is the simplest way of connecting two PCs over the Internet.
P2P Backup Scenario Overview
To show how the P2P backup works, we will create a remote repository based on the remote network shared folder. Then we will use this share as a MSP360 Backup repository. The backup data will go from the local PC to a remote one by using a VPN network.
Windows has a built-in VPN server called Routing and Remote Access Service, but in this guide, we will use the third-party tool SoftEther VPN - it's easier and generally more stable than using an embedded Windows service. The software is free of charge and has a graphical interface, unlike most of the other open-source VPN tools.
Unlike Windows PPTP or any legacy VPN protocols, SoftEther VPN also has optimized MTU (minimum transmission size) handing to send large data frames over the VPN connection, thus improving overall backup performance.
Checklist for Creating VPN Backup Repository
- Two Windows systems in separate locations - either virtual or physical. We will use Windows 10 clients as an example.
- External static IP for the remote “repository” system, which will act as a VPN server. You should be able to connect to this system over the Internet directly.
- Administrator rights on both systems, since VPN configuration, involves network adapters settings change and running of background system services.
- SoftEther VPN server & client distributions.
- MSP360 Backup Desktop Free or higher edition.
Note that the free edition is limited to 200 GB of user data and doesn’t support image backups. For using advanced features, choose MSP360 Backup Desktop PRO Edition. (To check all the main features available in this edition, please visit the product page of MSP360 software for Windows cloud backup.)
For a VPN backup scenario, we need at least one network share support, which is present in all MSP360 Backup editions.
How to Create a VPN Connection to the Remote PC
First of all, you need to install SoftEther VPN server on the remote system, which will act as a remote connections server. Then install SoftEther VPN client to the local machine, which will initiate the remote connection to the VPN server. SoftEther installation is a wizard-driven process, but if you face any difficulties - please check the vendor’s manual.
When the software is up and running, let’s create a VPN connection profile on the remote system:
Connect to the remote machine (here and after - remote PC) by using your favorite remote management tool - for example, Microsoft Remote Desktop.
Note: please ensure that your remote PC has an external IP. If it is not connected to the Internet directly, you may need to set up port-forwarding on the remote network router - please refer to the device manufacturer documentation.
First, you need to create a local Windows user on the remote PC - we will use it to authenticate the VPN connection. Despite allowing you to create an internal user account in SoftEther VPN, it is better to use a Windows-based account since you will also need it to set up network sharing:
Right-click Start button and choose Computer Management:
Navigate to Local Users and Groups and choose New User in the context menu of Users folder.
Set User name and Password, uncheck option User must change password at next login and click Create.
Now create a VPN server configuration - launch SoftEther VPN Server Manager on the remote PC and click Connect in the window that appeared:
In the Manage VPN Server… window click Create a Virtual Hub:
Enter the hub name in the New Virtual Hub window, leave other settings at their defaults, and click OK.
At this moment you should verify that the remote PC is available from the Internet. Here is one of the possible ways of checking it:
- Find out the external IP address assigned to the remote PC. For example, you can visit My External IP website from the remote PC - your IP will be shown at the top.
- On the local computer for which you will create a backup (here and after - local PC) open Windows Terminal by pressing WIN+R and then typing CMD.
- In the terminal window type the following command and press Enter:
If the remote PC is accessible from the outside, you will get a similar output:
If you get the “Request timed out” message instead, then you need to check network connectivity between local and remote PCs.
Let’s specify which users can connect to the VPN server. Click Manage Virtual Hub button:
In the Management of Virtual Hub window press Manage Users:
Click New to change settings. Since we are going to use Windows internal accounts - enter ‘*’ as new User Name and select NT Domain Authentication in the list below:
Click OK and then close all opened windows.
Now you need to obtain the local IP which we will use as our backup repository address. You can use one of the remote PC network adapters and its network address and mask. Check the settings using this command:
Note the network adapter desired and its IP/mask. Here is the example output:
In our case, the remote PC internal IP is 192.168.40.1 with network mask 255.255.255.0. Remote PC is now configured as a VPN server.
To configure the client profile, you need to open the local PC console and do the following:
Start SoftEther VPN Client and click Add VPN connection in the main window (please agree with creating a new virtual adapter):
In the New VPN Connection Settings Properties window you should set the following:
Setting Name - specify VPN connection name.
Host Name - specify remote PC external IP.
Port Number - use the drop-down menu and choose TCP:5555.
Virtual Hub Name - select hub created in the previous steps.
Ensure you have selected available Virtual Network Adapter.
Auth Type - select RADIUS or NT Domain Authentication and provide user credentials that we created during VPN server configuration.
Now we need to specify the IP address and mask for our VPN adapter. Right-click the Windows Start button and choose Network Connections:
In the Network Connections window select virtual VPN adapter and click Properties in its context menu. Then click Internet Protocol Version 4 and specify IP address from the same network as you find at the last step of VPN server configuration.
Now we can establish a VPN connection by double-clicking it in SoftEther VPN Client Manager. If the connection state is changed to “Connected”, then your configuration was successful.
Now we have a VPN tunnel established and are now able to map the remote shared folder.
How to Back Up to Remote Shared Folder
Windows Network Sharing is a complex set of services that allows you to access computers over the local network. Since we have a limited VPN network, it is better to use Ip addresses instead of DNS or NetBIOS names. Such an approach helps maintain sharing performance and connection stability.
We can map the shared folder directly in MSP360 Backup, but first of all, you need to share the specific folder:
Connect to the remote PC and open Windows Explorer. Create the folder which will contain MSP360 backups and choose Properties in its context menu.
Select the Sharing tab and click the Share button - you will need to type a username (VpnUser in our example) and click Add. Then you can change user permissions so our backup account can read and write the data.
After confirming your actions with the Share button, this folder will become accessible via the VPN network.
Start the backup plan wizard by clicking either Files or the Image Based button. Files allow you to back up data on the file level; Image-Based allows you to capture an entire volume on the lower level. So, the second option is better for a whole system backup or as a part of the disaster recovery strategy.
Next, you need to choose a backup strategy: Local or Cloud backup, or Hybrid Backup. The first option allows you to have a separate data copy either on local storage or in a cloud service, but Hybrid backup allows you to combine both methods, thus achieving a more resilient data protection solution.
We will use the Local or Cloud strategy as an example.
Select the Backup Storage step allows you to add a storage account. Choose File System to connect the remote shared folder.
On the next step you need to provide the shared folder path and user credentials:
After providing credentials, you can test the connection and verify that the shared folder is accessible.
Configure the rest of the backup plan options as you do for any other backup plan.
Please note that your remote repository will only be available when the VPN network is connected.
Now you know how to create a VPN connection and backup to another computer over the internet. You can use such P2P backups when implementing additional off-site repositories in your backup strategy, but we would also suggest implementing cloud repositories.
If you don’t have a cloud backup solution yet - try MSP360 Backup for FREE and check whether it meets your needs: