This document describes how to configure both a remote access VPN and a site-to-site VPN on Windows 2003.
By THEAM DARA, [email protected]
HOW TO CREATE SITE TO SITE VPN (L2TP)
ENABLE VPN AND REMOTE ACCESS SERVICE
1- we do this in the “Routing and Remote Access” console
2- choose the service you want to enable
3- choose what you need
4- select the interface connected to the internet and disable the stateful firewall
5- select the source of the IP addresses that the server will provide to clients
6- create an IP range for clients; if we use automatic we don’t need to create one, because it will choose addresses from the DHCP server
7- we choose to use the VPN server as the authentication source, or we can choose a RADIUS server
8- finish enabling the VPN remote access server
=== NOTE === After completing this step, you can use a Remote Access client (PPTP) to connect to the server
EXAMPLE OF MAKING A CONNECTION TO THE SERVER ON WINDOWS XP
7- enter your server IP
8- then follow the screens until you finish
=== YOU GET AN INTERFACE TO YOUR VPN SERVER, BUT YOU MUST HAVE A USER NAME AND PASSWORD TO CONNECT TO IT ===
THE USER ACCOUNT MUST BE ENABLED ON THE SERVER IN ORDER TO DIAL IN. DO AS SHOWN
1- we use the Computer Management console
2- double-click the user that you allow to dial in
3- in the Dial-in tab select “Allow access”
=== NOW YOU ARE READY TO DIAL IN USING USER DARA ===
1- double-click the new interface you just created in “Network Connections”, named “my workplace at Phnom Penh”
2- when you finish you will see the result
=== FINISH REMOTE ACCESS CONNECTION (PPTP) ===
NOW I PROCEED TO THE SITE-TO-SITE CONNECTION (L2TP)
- I will edit the above server to make it become a site-to-site VPN server
- You need to have 2 servers to make it work
MAKE IT BECOME A SITE-TO-SITE SERVER
1- we still use the “routing and remote access” console
2- select the Security tab to add the PRE-SHARED KEY phrase
3- do like this on both servers
=== WE HAVE TO ADD A STATIC ROUTE SO THAT CLIENTS ON BOTH SITES CAN COMMUNICATE WITH EACH OTHER ===
ADD A STATIC ROUTE SO THAT BOTH LOCAL NETWORKS CAN CONNECT TO EACH OTHER
[Diagram: Vpn1 and Vpn2 connected across the internet. Address labels: 192.168.4.2 (inside), 172.16.138 (outside), 172.16.1.153 (outside), 192.168.5.1 (inside)]
1- we still use the “routing and remote access” console
2- add the route on vpn2 from the LAN on vpn2 to the LAN on vpn1
3- do this also on vpn1
=== FINISHED CONFIGURING BOTH SERVERS SO THEY CAN USE SITE-TO-SITE VPN ===
=== NOTE: WE HAVE TO DIAL FROM EACH SERVER TO THE OTHER, BUT THE LOCAL NETWORKS ON BOTH SITES CAN COMMUNICATE WITH EACH OTHER ===
MAKE THE L2TP INTERFACE
1- it is the same as the one we created above, with only a little configuration to make it become an L2TP interface
2- on the Security tab type the PRE-SHARED KEY phrase
3- do this on the other VPN server too, then dial in on both servers
=== AFTER DIALING IN ON BOTH SERVERS YOU WILL HAVE THIS RESULT ===
================FINISH BOTH PPTP AND L2TP VPN===================
FOR ANY CONSULTATION, CONTACT [email protected]
===========================================