Presentation is loading. Please wait.

Presentation is loading. Please wait.

Configure and Security Remote Acess. Chapter 8 Advance Computer Network Lecture Sorn Pisey 2012-2013.

Published byMerry Allison Modified over 8 years ago

Similar presentations

Presentation on theme: "Configure and Security Remote Acess. Chapter 8 Advance Computer Network Lecture Sorn Pisey 2012-2013."— Presentation transcript:

1 Configure and Security Remote Acess. Chapter 8 Advance Computer Network Lecture Sorn Pisey Email: srnpisey@gmail.com 2012-2013

2 Introduction Distributed workforce ​​ User Network Virtual Private Network (VPN) DirectAccess ​ Remote Access Client Network Policies

3 Configure a Virtual Private Network Connection VPN data ​ Server ​ Client ​ Untrusted Network(internet) VPN Point-to-Point Connection Private Network Public Network VPN ​ protocol SSTP= Secure Socket Tunneling Protocol PPTP= Point to Point Tunneling Protocol L2TP= Layer Two Tunneling Protocol

4 Virtual Private Networking Point-to-Point Link: Data Header header Routing Information Data public network Endpoint Private Link: Data Link private data (Encrypted) VPN Connection

5

6

7 VPN Connection VPN Connection Remote Access Site-to-Site Remote Access VPN Connection: User Customer Site Wireless access point to access resource Public Network Provider ​ Internet Site-to-Site VPN: router- to-router VPN connection ​ Route Connection ​ office Public Network

8 Type of VPN Authentication Method Type of VPN Authentication Method: PAP=Password Authentication Protocol, CHAP=Challenge Handshake Authentication Protocol, MSCHAPv2=Microsoft Challenge Handshake Authentication Protocol, EAP=Extensible Authentication Protocol

9

10 What is a Network Policy Network Policy, ​, ​​​ ​​​​​ Network ​ Network Policies Rule rule ​​​ ​​​​ rule ​ Connection request Rule ​ applied Connection

11 Configuring Routing and Remote Access as a VPN Remote Access 1. On NYC-EDGE1, click Start, and then click Administrative Tools. 2. From the Administrative Tools menu, click Server Manager. The Server Manager opens. 3. In the Server Manager (NYC-EDGE1) list pane, right-click Roles, and then click Add Roles. The Add Roles Wizard appears. Click Next.

12 On the Select Server Roles page, select Network Policy and Access Services, and then click Next.

13 5. On the Network Policy and Access Services introduction page, click Next. 6. On the Select Role Services page, select the Network Policy Server and Routing and Remote Access Services check boxes, and then click Next.

14

15 7. On the Confirm Installation Selections page, click Install. 8. On the Installation Results page, verify Installation succeeded appears in the details pane, and then click Close. 9. Close the Server Manager. The Network Policy and Routing and Remote Access Services roles are installed on 6419B-NYC- EDGE1.

16 Configure as a VPN server with a static address pool for Remote Access clients 1. On NYC-EDGE1, click Start, and then click Administrative Tools. 2. From the Administrative Tools menu, click Routing and Remote Access. The Routing and Remote Access administrative tool appears. 3. In the list pane, select and right-click NYC-EDGE1 (Local), and then click Configure and Enable Routing and Remote Access. 4. On the wizard Welcome page, click Next.

17

18 5. On the Configuration page, leave the default Remote Access (dial-up or VPN) selected, and click Next. 6. On the Remote Access page, select the VPN check box, and click Next.

19 7. On the VPN Connection page, select the Public, and then click Next.

20 8. On the IP Address Assignment page, select From a specified range of addresses, and then click Next.

21 9. On the Address Range Assignment page, click New, and in the Start IP address box, type the following value 10.10.0.60. In the Number of addresses box, type the value of 75, and click OK Click Next.

22 10. On the Managing Multiple Remote Access Servers page, leave the default selection No, use Routing and Remote Access to authenticate connection requests, and click Next. Click Finish. 11. In the Routing and Remote Access dialog box, click OK. 12. In the Routing and Remote Access dialog box regarding the DHCP Relay agent, click OK. The Routing and Remote Access service starts.

23

24 Configure available VPN ports on the (RRAS) server to allow 25 PPTP and 25 L2TP connections 1. In the Routing and Remote Access management tool interface, expand NYC- EDGE1, right-click Ports, and then click Properties. 2. In the Ports Properties dialog box, double-click WAN Miniport (SSTP). 3. In the Configure Device – WAN Miniport (SSTP) dialog box, assign a value of 25 in the Maximum ports box, and then click OK.

25

26 4. In the Routing and Remote Access dialog box, click Yes to continue. 5. In the Ports Properties dialog box, double-click WAN Miniport (PPTP), and in the Configure Device – WAN Miniport (PPTP) dialog box, assign a value of 25 in the Maximum ports box, and then click OK.

27

28 6. In the Routing and Remote Access dialog box, click Yes to continue. 7. Repeat this procedure, with the same value (25), for WAN Miniport (L2TP).

29 8. In the Ports Properties dialog box, click OK. 9. Close the Routing and Remote Access administrative tool.

30 Configuring a Custom Network Policy 1. On NYC-EDGE1, click Start, and then click Administrative Tools. 2. On the Administrative Tools menu, click Network Policy Server. The Network Policy Server administrative tool appears.

31 Create a new network policy for RRAS clients In the list pane, expand Policies, right-click Network Policies, and then click New. On the New Network Policy – Specify Network Policy Name and Connection Type page, type Secure VPN in the Policy name text box, and in the Type of network access server drop-down list,click Remote Access Server (VPN-Dial up), and then click Next.

32

33

34 3. On the Specify Conditions page, click Add. In the Select Condition dialog box, scroll down and double-click Tunnel Type. In the Tunnel Type dialog box, select L2TP, PPTP, and SSTP, click OK, and then click Next.

35 4. On the Specify Access Permission page, leave the default of Access granted, and click Next. 5. On the Configure Authentication Methods page, deselect the Microsoft Encrypted Authentication (MS-CHAP) check box, and then click Next.

36

37 6. On the Configure Constraints page, under Constraints, select Day and time restrictions, and in the details pane, select Allow access only on these days and at these times, and click Edit. Change the Time of day constraints to Denied access from 11PM to 6AMMonday thru Friday, click OK, and then click Next.

38

39 7. In the Configure Settings dialog box, under Settings, click Encryption, and in the details pane, deselect all settings except Strongest encryption (MPPE 128-bit), click Next, and then click Finish. 8. In the list pane of the Network Policy Server tool, click the Network Policies node. 9. If necessary, right-click the Secure VPN policy, and then click Move Up. Repeat this step to make the policy the first in the list. 10. Close the Network Policy Server tool.

40

41 Create and Test a VPN Connection 1. Switch to the NYC-CL1 computer. 2. Click Start, and then click Control Panel. 3. In the Control Panel window, under Network and Internet, click View network status and tasks. 4. In the Network and Sharing Center window, click Change adapter settings. 5. Right-click Local Area Connection 3, and then click Properties. 6. Select Internet Protocol Version 4 (TCP/IPv4), and then click Properties. 7. Configure the following IP address settings, and then click OK: • IP Address: 131.107.0.20 Subnet mask: 255.255.255.0 Default gateway: 131.107.0.1

42 8. Click Close, and then click the Back button to return to the Network and Sharing Center. 9. In the Network and Sharing Center window, under Change your networking settings, click Set up a new connection or network. In the Choose a connection option dialog box, click Connect to a workplace, and then click Next.

43

44 10. In the Connect to a workplace dialog box, select the Use my Internet connection (VPN) option. When prompted, click I’ll set up an Internet connection later.

45 11. In the Type the Internet address to connect to dialog box, specify an Internet address of131.107.0.2 and a Destination Name of Contoso VPN, and then click Next.

46 12. On the Type your user name and password page, leave the user name and password blank, and then click Create. 13. Click Close in the Connect to a Workplace dialog box. 14. In the Network and Sharing Center window, click Change adapter settings. 15. On the Network Connections page, right-click Contoso VPN, and then click Connect.

47

48 16. Use the following information in the Connect Contoso VPN text boxes, and then click Connect: User name: Administrator Password: Pa$$w0rd Domain: Contoso

49

50 The VPN connects successfully. 17. Right-click Contoso VPN, and click Disconnect. The VPN disconnects. 18. Close all open windows on NYC-CL1.

51

Download ppt "Configure and Security Remote Acess. Chapter 8 Advance Computer Network Lecture Sorn Pisey 2012-2013."

Similar presentations

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
XP Tutorial 9 New Perspectives on Microsoft Windows XP 1 Microsoft Windows XP Exploring Your Network Tutorial 9.

XP Tutorial 9 New Perspectives on Microsoft Windows XP 1 Microsoft Windows XP Exploring Your Network Tutorial 9.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
1 Routing and Remote Access Service (Week 15, Friday 4/21/2006) © Abdou Illia, Spring 2006.

1 Routing and Remote Access Service (Week 15, Friday 4/21/2006) © Abdou Illia, Spring 2006.
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
1 Configuring Virtual Private Networks for Remote Clients and Networks.

1 Configuring Virtual Private Networks for Remote Clients and Networks.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 11: Planning Network Access.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 11: Planning Network Access.
Creating a UAA VPN Connection For Your Computer To Facilitate Polycom PVX – For Windows XP Last Modified On 10/25/2010 University of Alaska Anchorage,

Creating a UAA VPN Connection For Your Computer To Facilitate Polycom PVX – For Windows XP Last Modified On 10/25/2010 University of Alaska Anchorage,
Chapter 11 Configuring Dynamic Host Configuration Protocol

Chapter 11 Configuring Dynamic Host Configuration Protocol
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.

Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.
Chief of Information Processing Office, CSEAS Kimiya Kitani Manual for Wireless Connection in Kyoto University - For Visitors.

Chief of Information Processing Office, CSEAS Kimiya Kitani Manual for Wireless Connection in Kyoto University - For Visitors.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Twelve Implementing Terminal.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Twelve Implementing Terminal.
Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.

Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.
MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 10 Configuring Remote Access.

MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 10 Configuring Remote Access.
Network Client Configuration By Nanda Ganesan, Ph.D. © Nanda Ganesan, All Rights Reserved.

Network Client Configuration By Nanda Ganesan, Ph.D. © Nanda Ganesan, All Rights Reserved.
Virtual Private Network (VPN) © N. Ganesan, Ph.D..

Virtual Private Network (VPN) © N. Ganesan, Ph.D..
File sharing. Connect the two win 7 systems with LAN card Open the network.

File sharing. Connect the two win 7 systems with LAN card Open the network.

Similar presentations

Ads by Google