A virtual private network (VPN) is a network that uses a public telecommunication
infrastructure, such as the Internet, to provide remote offices or individual users with secure
access to their organization's network. A virtual private network can be contrasted with an
expensive system of owned or leased lines that can only be used by one organization. The goal of a
VPN is to provide the organization with the same capabilities, but at a much lower cost.
A VPN works by using the shared public infrastructure while maintaining privacy through security procedures and tunneling protocols such as the Layer Two Tunneling Protocol (L2TP). In effect, the protocols, by encrypting data at the sending end and decrypting it at the receiving end, send the data through a "tunnel" that cannot be "entered" by data that is not properly encrypted. An additional level of security involves encrypting not only the data, but also the originating and receiving network addresses.
Configuring VPN on Server 2008 R2
Configuring VPN starts with adding the server role for RRAS.
Just follow the next two pictures to see what to choose.
Wait for the wizard to finish, and then you will get this picture.
Now you have the role installed. You must configure and enable RRAS.
When you click on the option Configure and Enable RRAS, a new wizard will start. Just follow the wizard in the next 5 pictures.
NOTE: You MUST have two NICs configured, one for internal use (LAN) and one for external use (WWW).
I prefer to choose the IP address range and the number of possible connecting clients, so the next picture shows how to do that.
If you have an AD infrastructure, configure your RRAS like this.
After this you will get this picture; click Finish.
Now your server has RRAS successfully configured.
To create an Active Directory user account for a router
- Open the Active Directory Users and Computers snap-in, and create a user account for the calling router (for a two-way connection, create a user account for the calling router in both sites). The name of the account must match the name of a corresponding demand-dial interface on the remote router.
- To ensure that connectivity occurs, clear the User must change password at next logon check box and select the Password never expires check box on the Account tab on the property sheet for the user account object.
- On the user account Dial-in tab, select one of the following options:
  - Allow access. This option overrides the grant or deny remote access permission setting specified on the Properties page of any associated remote access policy.
  - Control access through Remote Access Policy. This option ensures that the grant or deny remote access permission setting specified on the Properties page of any associated remote access policy is used.
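Accounts created with the procedure above combine a non-expiring password with a Dial-in setting that can override the remote access policy, so they are worth reviewing periodically. The following is an added example, not part of the original post: it lists enabled users with their Dial-in tab setting and flags the ones that have both Allow access and Password never expires. It assumes the ActiveDirectory PowerShell module is available; the function name Get-DialInReview and its SearchBase parameter are illustrative.

```powershell
# Added example (not from the original post).
# Requires the ActiveDirectory module (available from Server 2008 R2 / RSAT).
Import-Module ActiveDirectory

function Get-DialInReview {
    # SearchBase is optional: pass an OU distinguished name to limit the search.
    param([string]$SearchBase)

    $params = @{
        Filter     = 'Enabled -eq $true'
        Properties = 'msNPAllowDialin', 'PasswordNeverExpires',
                     'PasswordLastSet', 'LastLogonDate'
    }
    if ($SearchBase) { $params.SearchBase = $SearchBase }

    Get-ADUser @params | ForEach-Object {
        # msNPAllowDialin stores the Dial-in tab choice:
        #   not set -> Control access through Remote Access Policy
        #   TRUE    -> Allow access (overrides the policy's grant/deny setting)
        #   FALSE   -> Deny access
        if ($null -eq $_.msNPAllowDialin) {
            $dialIn = 'Control access through Remote Access Policy'
        } elseif ($_.msNPAllowDialin) {
            $dialIn = 'Allow access'
        } else {
            $dialIn = 'Deny access'
        }

        New-Object PSObject -Property @{
            SamAccountName       = $_.SamAccountName
            DialIn               = $dialIn
            PasswordNeverExpires = $_.PasswordNeverExpires
            PasswordLastSet      = $_.PasswordLastSet
            LastLogonDate        = $_.LastLogonDate
            # Review first: policy is bypassed and the password never rotates.
            Review = ($dialIn -eq 'Allow access' -and $_.PasswordNeverExpires)
        }
    }
}

# Flagged accounts first.
Get-DialInReview |
    Sort-Object Review -Descending |
    Format-Table SamAccountName, DialIn, PasswordNeverExpires,
                 PasswordLastSet, LastLogonDate, Review -AutoSize
```

Flagged accounts that are not router accounts from this procedure, or that have an old LastLogonDate, are candidates for switching to Control access through Remote Access Policy or for disabling.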
Configuring client on Windows 7 for VPN access
Go to Network and Sharing Center and choose the option Set up a new connection or network.
Choose the option Connect to a workplace.
For the previously described RRAS configuration, the option Use my Internet connection (VPN) is the right choice.
Type the DNS name or public IP address of your RRAS server, and follow the steps in the next three pictures.
Additional options such as authentication protocols can be found in the properties of your VPN connection. The most commonly used one is already checked.
Configuring client on Windows XP for VPN access
On Windows XP, go to Network Connections and click Create a new connection.
A wizard will start. Follow the next three pictures.
Choose a name for your VPN connection.
Type the DNS name or public IP address of your previously configured RRAS (VPN) server.
Well done, you have configured the client for VPN access. Now you need to type your username and password before connecting.
The steps for configuring additional authentication protocols (if needed) are described in the next two pictures. First, click Properties.