Upload
nguyen-quoc-toan
View
220
Download
0
Embed Size (px)
Citation preview
7/31/2019 VPN to Raius1
1/18
thc hin cu hnh VPN thng qua Radius chng ta lm nh sau1. Ti my Server Domain Controller- To Group
+ VPN Site- To User :
+ User1: vpn1+ Pass : 123+ User2: vpn2
+ Pass : 123
Chng ta Add hai User ny vo Group VPN
Vo Start > Program > Administrative Tools > Active Directory Users andComputers > Kch chut phi vo Domain quanghitech.com > chn Raise DomainFunctinal Level.. >
7/31/2019 VPN to Raius1
2/18
Ca s Raise Domain Functinal Level hin ra ta chn Windows Server 2003 v OKChn chc nng Raise ln Windows Server 2003 cho php User c th quay sthng qua chc nng Control access though Remote Access PolicyTi mc Active Directory Users and Computers ta chn hai User va to xong lVPN1 v VPN2 > chn Properties > chn Tab Dail-in > chn Control access thoughRemote Access Policy > OK
7/31/2019 VPN to Raius1
3/18
2. Ti my Server RadiusVo Start > Settings > Control Panel > chn Add or Remove Programs > chnAdd/Remove Windows Components
7/31/2019 VPN to Raius1
4/18
Ca s Windows Components Winzard hin ra > ta chn mc Networking Services> chn Internet Authentication Service > kch OK tin hnh ci t dch v ny
Sau khi ci t xong ca s Internet Authentication Service c giao din nh sau
Ti giao din Internet Authentication ServiceTa tin hnh to Radius Client > kch chut phi vo Radius Client > chn NewRadius Client
7/31/2019 VPN to Raius1
5/18
Ca s New Radius Client xut hin ta in thng tinTai mc :Friendly Name : VPNClient address ( IP or DNS ) : 192.168.10.20 ( nhp IP ca Server VPN ng mngtrong ) chn Next
7/31/2019 VPN to Raius1
6/18
Ca s Additional Information xut hin
Ti mc Client Vendor chn Radius StandardTi mc Shared secret v Confim shared secret : ta nhp key vo : 123 > chn Next> v chn Finish kt thc
7/31/2019 VPN to Raius1
7/18
Remote Access Policies cho php chng ta to ra mt Policy cho php Group hayUser c php truy cp vo thng qua PolicyTi giao din Internet Authentication ServiceTa tin hnh to Remote Access Policies > chut phi chn New Remote AccessPolicy > chn Next
Ca s Policy Configuration Method xut hin ta nhp tn vo mc Policy Name >kch Next tip tc
7/31/2019 VPN to Raius1
8/18
Ti mc Access Method ta chn kiu VPN > kch Next tip tc
Ti mc User or Group Access ta chn Group v chn Add > Add Group VPNm chng ta to ti Server Domain Controller
7/31/2019 VPN to Raius1
9/18
Ti mc Authentication Methods chng ta chn chng thc : Microsoft EncyptedAuthentication version 2 ( MS-CHAPv2 ) kch Next tip tc
Ti mc Policy Encryption Level ta chn Strongest Encryption ( IPSec Triple DESor MPME 128bit ) kch Next tip tc v hon tt qu trnh
7/31/2019 VPN to Raius1
10/18
kch Next tip tc v hon tt qu trnh to Remote Access Policies
Chng ta ty chnh thm VPN Site va to ti Remote Access Policies bng cchkch chut phi chn Properties
7/31/2019 VPN to Raius1
11/18
Ta chn Grant remote access pemission s dng Remote Access Policies ny >Apply v OK
3. Ti my Server VPN ta tin hnh Routing and Remote Access
Vo Start > Program > Administrative Tools > Routing and Remote AccessCa s Routing and Remote Access xut hin
7/31/2019 VPN to Raius1
12/18
Kch chut vo DC3 > chn Configure and Enable Routing and Remote Access
Kch Next > chn Remote access ( dial-up or VPN )
7/31/2019 VPN to Raius1
13/18
Kch Next chn VPN
Ti muc VPN Connection > chn Card Lan ngoi mng
7/31/2019 VPN to Raius1
14/18
Ti mc IP Address Assignment > chn From a speccified range of addresses
Ti mc Address Range Assignment > kch chn Add
7/31/2019 VPN to Raius1
15/18
7/31/2019 VPN to Raius1
16/18
Ti mc Managing Multiple Remote Access Servers > chn Yes, set up this serverto work with a RADIUS server > chng thc qua my RADIUS server
Ti muc RADIUS Server Selection ta nhp IP caRADIUS Server : 192.168.10.30Shared Secret : 123
7/31/2019 VPN to Raius1
17/18
Kch Next hon tt qu trnh ci t Routing and Remote Access
7/31/2019 VPN to Raius1
18/18