VPN to Raius1

7/31/2019 VPN to Raius1

1/18

thc hin cu hnh VPN thng qua Radius chng ta lm nh sau1. Ti my Server Domain Controller- To Group

+ VPN Site- To User :

+ User1: vpn1+ Pass : 123+ User2: vpn2

+ Pass : 123

Chng ta Add hai User ny vo Group VPN

Vo Start > Program > Administrative Tools > Active Directory Users andComputers > Kch chut phi vo Domain quanghitech.com > chn Raise DomainFunctinal Level.. >


2/18

Ca s Raise Domain Functinal Level hin ra ta chn Windows Server 2003 v OKChn chc nng Raise ln Windows Server 2003 cho php User c th quay sthng qua chc nng Control access though Remote Access PolicyTi mc Active Directory Users and Computers ta chn hai User va to xong lVPN1 v VPN2 > chn Properties > chn Tab Dail-in > chn Control access thoughRemote Access Policy > OK


3/18

2. Ti my Server RadiusVo Start > Settings > Control Panel > chn Add or Remove Programs > chnAdd/Remove Windows Components


4/18

Ca s Windows Components Winzard hin ra > ta chn mc Networking Services> chn Internet Authentication Service > kch OK tin hnh ci t dch v ny

Sau khi ci t xong ca s Internet Authentication Service c giao din nh sau

Ti giao din Internet Authentication ServiceTa tin hnh to Radius Client > kch chut phi vo Radius Client > chn NewRadius Client


5/18

Ca s New Radius Client xut hin ta in thng tinTai mc :Friendly Name : VPNClient address ( IP or DNS ) : 192.168.10.20 ( nhp IP ca Server VPN ng mngtrong ) chn Next


6/18

Ca s Additional Information xut hin

Ti mc Client Vendor chn Radius StandardTi mc Shared secret v Confim shared secret : ta nhp key vo : 123 > chn Next> v chn Finish kt thc


7/18

Remote Access Policies cho php chng ta to ra mt Policy cho php Group hayUser c php truy cp vo thng qua PolicyTi giao din Internet Authentication ServiceTa tin hnh to Remote Access Policies > chut phi chn New Remote AccessPolicy > chn Next

Ca s Policy Configuration Method xut hin ta nhp tn vo mc Policy Name >kch Next tip tc


8/18

Ti mc Access Method ta chn kiu VPN > kch Next tip tc

Ti mc User or Group Access ta chn Group v chn Add > Add Group VPNm chng ta to ti Server Domain Controller


9/18

Ti mc Authentication Methods chng ta chn chng thc : Microsoft EncyptedAuthentication version 2 ( MS-CHAPv2 ) kch Next tip tc

Ti mc Policy Encryption Level ta chn Strongest Encryption ( IPSec Triple DESor MPME 128bit ) kch Next tip tc v hon tt qu trnh


10/18

kch Next tip tc v hon tt qu trnh to Remote Access Policies

Chng ta ty chnh thm VPN Site va to ti Remote Access Policies bng cchkch chut phi chn Properties


11/18

Ta chn Grant remote access pemission s dng Remote Access Policies ny >Apply v OK

3. Ti my Server VPN ta tin hnh Routing and Remote Access

Vo Start > Program > Administrative Tools > Routing and Remote AccessCa s Routing and Remote Access xut hin


12/18

Kch chut vo DC3 > chn Configure and Enable Routing and Remote Access

Kch Next > chn Remote access ( dial-up or VPN )


13/18

Kch Next chn VPN

Ti muc VPN Connection > chn Card Lan ngoi mng


14/18

Ti mc IP Address Assignment > chn From a speccified range of addresses

Ti mc Address Range Assignment > kch chn Add


15/18


16/18

Ti mc Managing Multiple Remote Access Servers > chn Yes, set up this serverto work with a RADIUS server > chng thc qua my RADIUS server

Ti muc RADIUS Server Selection ta nhp IP caRADIUS Server : 192.168.10.30Shared Secret : 123


17/18

Kch Next hon tt qu trnh ci t Routing and Remote Access


18/18

Documents

VPN to Raius1