Scenario & Hands-on 7-1 VPN Configuration-PPTP

Presentation on theme: "Scenario & Hands-on 7-1 VPN Configuration-PPTP"— Presentation transcript:

1 Scenario & Hands-on 7-1 VPN Configuration-PPTP
Create objects for the PPTP server IP address and IP address range
Click “Address” in Objects
Key in the corresponding IP address

2 Scenario & Hands-on 7-1 VPN Configuration-PPTP
Create a Local Database for PPTP authentication
Click “Local User Databases” in User Authentication
Key in the correct Username and Password

3 Scenario & Hands-on 7-1 VPN Configuration-PPTP
Create the PPTP tunnel
Click “PPTP/L2TP Servers” in Interface
Choose the corresponding configuration

4 Scenario & Hands-on 7-1 VPN Configuration-PPTP
Create User Authentication Rules for the PPTP tunnel
Click “User Authentication Rules” in User Authentication
Choose the corresponding configuration
Enable the Log setting and choose the local user database

5 Scenario & Hands-on 7-1 VPN Configuration-PPTP
Create IP Rules for the PPTP tunnel
Click “IP Rules” in Rules
Choose the corresponding configuration
Enable the Log setting

6 Scenario & Hands-on 7-1 VPN Configuration-PPTP
After all configuration is done, click “configuration” on the main menu bar
Click “Save and Activate”

7 Scenario & Hands-on 7-1 VPN Configuration-PPTP Testing Result

8 Scenario & Hands-on 7-1 Exercise 7-1- VPN Configuration-PPTP
Diagram labels: PPTP Client; VPN Tunnel; WAN1 DHCP IP; DFL-1600; Internal LAN3 IP: /24; Internal LAN1 IP: /24; Internal LAN2 IP: /24
Objectives:
Use the Windows client to dial up PPTP
Ping the IP address of the LAN in the firewall
M: explain how to set up the PPTP client on Windows

9 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Network topology
Diagram labels: L2TP/IPsec Client; VPN Tunnel; WAN1 DHCP; DFL-1600; Internal LAN3 IP: /24; Internal LAN1 IP: /24; Internal LAN2 IP: /24
Note:
L2TP/IPsec must use transport mode
Choose the correct local net and remote net for the IPsec tunnel
Choose the correct inner IP address and Outer Interface filter for the L2TP tunnel

10 Scenario & Hands-on 7-2 VPN Configuration-IPsec
Objectives
The user dials up to the firewall with the Windows L2TP/IPsec client software
The dial-up user communicates with LAN1 of the firewall
The logic of configuration
Create objects for the L2TP server IP address and IP address range
Create the authentication database
Configure the IPsec tunnel
Configure the L2TP server
Create the IP rule for the L2TP tunnel

11 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Create objects for the L2TP server IP address and IP address range
Click “Address” in Objects
Key in the corresponding IP address

12 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Create a Local Database for L2TP authentication
Click “Local User Databases” in User Authentication
Key in the correct Username and Password

13 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Create the pre-shared key for L2TP
Click “Pre-Share Keys” in VPN Objects
Key in the corresponding value

14 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Create the IPsec tunnel
Click “IPsec Tunnels” in Interface
Choose the corresponding configuration

15 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Verify the IPsec tunnel
Click “Authentication” in this IPsec tunnel
Apply the pre-shared key to this IPsec tunnel

16 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Verify the IPsec tunnel
Click “Routing” in this IPsec tunnel
Enable “Dynamically add routes to remote network when a tunnel is established” in this IPsec tunnel

17 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Verify the IPsec tunnel
Click “Advanced” in this IPsec tunnel
Disable “Add route for remote network” in this IPsec tunnel

18 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Create the L2TP tunnel
Click “PPTP/L2TP Servers” in Interface
Choose the corresponding configuration

19 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Create User Authentication Rules for the L2TP tunnel
Click “User Authentication Rules” in User Authentication
Choose the corresponding configuration
Enable the Log setting and choose the local user database

20 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
Create IP Rules for the L2TP tunnel
Click “IP Rules” in Rules
Choose the corresponding configuration
Enable the Log setting

21 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec
After all configuration is done, click “configuration” on the main menu bar
Click “Save and Activate”

22 Scenario & Hands-on 7-2 VPN Configuration-L2TP/IPsec Testing Result

23 Scenario & Hands-on 7-2 Exercise 7-2- VPN Configuration-L2TP/IPsec
Diagram labels: L2TP/IPsec Client; VPN Tunnel; WAN1 DHCP IP; DFL-1600; Internal LAN3 IP: /24; Internal LAN1 IP: /24; Internal LAN2 IP: /24
Objectives:
The user dials up to the firewall with the Windows L2TP/IPsec client software
Ping the IP address of the LAN in the firewall

24 Scenario & Hands-on 7-3 VPN Configuration- IPsec
VPN Objects – Pre Shared Keys
For users to authenticate VPN tunnels
Two methods to enter the PSK: ASCII and HEX
ASCII – type in the passphrase
HEX – type in the passphrase and use “generate” to cipher the passphrase

25 Scenario & Hands-on 7-3 VPN Configuration- IPsec VPN Objects – LDAP
For secured authentication to be established over VPN, the CA needs to be downloaded to the LDAP Server

26 Scenario & Hands-on 7-3 VPN Configuration- IPsec ID Lists
The concept of ID Lists is to manage and control the accessibility of the VPN clients and gateways
Mobile clients can be restricted from accessing internal networks by ID Lists

27 Scenario & Hands-on 7-3 VPN Configuration- IPsec IKE/IPsec Algorithms
Predefined IKE & IPsec algorithms by default:
High – Very Secured
Medium – Secured
You can define your own algorithms

28 Scenario & Hands-on 7-3 VPN Configuration- IPsec Network topology
Diagram labels: DFL-1600; WAN1 IP: /24; Remote LAN; Internal LAN IP: /24; VPN Tunnel; WAN1 Static IP: /24; DFL-1600; Internal LAN3 IP: /24; Internal LAN1 IP: /24; Internal LAN2 IP: /24
Note:
Use the same pre-shared key and algorithm in both IPsec settings
Choose the correct local net and remote net for the IPsec tunnel
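
The matching rules in the note above can be checked before activating both ends. This is an added example, not part of the original slides or any D-Link tooling; the dictionary layout, addresses, key and algorithm names are constructed assumptions, since the slides do not show the real values.

```python
import hmac
import ipaddress

def _net(cidr):
    # strict=False tolerates a host address typed with a prefix (e.g. 192.168.1.1/24)
    return ipaddress.ip_network(cidr, strict=False)

def check_peers(a, b):
    """Return a list of mismatches between two site-to-site IPsec peer configs."""
    problems = []
    # Both ends must hold the same pre-shared key (constant-time compare).
    if not hmac.compare_digest(a["psk"].encode(), b["psk"].encode()):
        problems.append("pre-shared keys differ")
    # At least one IKE and one IPsec proposal must be common to both ends.
    for phase in ("ike", "ipsec"):
        if not set(a[phase]) & set(b[phase]):
            problems.append(f"no common {phase} algorithm proposal")
    for x, y in ((a, b), (b, a)):
        # Local net on one side must be the remote net on the other side.
        if _net(x["local_net"]) != _net(y["remote_net"]):
            problems.append(f"{x['name']} local net {_net(x['local_net'])} != "
                            f"{y['name']} remote net {_net(y['remote_net'])}")
        # Each side's remote gateway must be the other side's WAN address.
        if ipaddress.ip_address(x["remote_gw"]) != ipaddress.ip_address(y["wan_ip"]):
            problems.append(f"{x['name']} remote gateway is not {y['name']} WAN IP")
    # Overlapping protected networks make routing through the tunnel ambiguous.
    if _net(a["local_net"]).overlaps(_net(b["local_net"])):
        problems.append("local nets overlap")
    return problems

# Constructed sample values (documentation/private ranges), not taken from the slides.
ODD = {"name": "odd", "wan_ip": "192.0.2.1", "remote_gw": "192.0.2.2",
       "local_net": "192.168.1.0/24", "remote_net": "192.168.2.0/24",
       "psk": "constructed-sample-key",
       "ike": [("aes256", "sha256")], "ipsec": [("aes256", "sha256")]}
EVEN = {"name": "even", "wan_ip": "192.0.2.2", "remote_gw": "192.0.2.1",
        "local_net": "192.168.2.0/24", "remote_net": "192.168.1.0/24",
        "psk": "constructed-sample-key",
        "ike": [("aes256", "sha256")], "ipsec": [("aes256", "sha256")]}

if __name__ == "__main__":
    print(check_peers(ODD, EVEN) or "peer settings are consistent")
```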

29 Scenario & Hands-on 7-3 VPN Configuration-IPsec
Objectives
Two firewalls communicate with each other through an IPsec tunnel
The client on the local net pings the client on the remote net
The logic of configuration
Create the VPN Object (pre-shared key)
Configure the IPsec tunnel
Create the IP rule for the IPsec tunnel

30 Scenario & Hands-on 7-3 VPN Configuration- IPsec
Create objects for the remote IP address and network
Click “Address” in Objects
Key in the corresponding IP address

31 Scenario & Hands-on 7-3 VPN Configuration- IPsec
Create the pre-shared key for the IPsec tunnel
Click “Pre-Share Keys” in VPN Objects
Key in the correct value

32 Scenario & Hands-on 7-3 VPN Configuration- IPsec
Create the IPsec tunnel
Click “IPsec Tunnels” in Interface
Choose the corresponding configuration

33 Scenario & Hands-on 7-3 VPN Configuration- IPsec
Combine two interfaces into one interface group
Click “Interface Groups” in this Interface
Choose the corresponding interfaces

34 Scenario & Hands-on 7-3 VPN Configuration- IPsec
Create IP Rules for L2TP tunnel
Click “IP Rules” in Rules
Choose the corresponding configuration
Enable the Log setting

35 Scenario & Hands-on 7-3 VPN Configuration- IPsec
After all configuration is done, click “configuration” on the main menu bar
Click “Save and Activate”

36 Scenario & Hands-on 7-3 Exercise 7-3- VPN Configuration-IPsec
Diagram labels: Odd group; DFL-1600; Remote LAN; Internal LAN; VPN Tunnel; Even group; DFL-1600; Internal LAN1
Objectives:
Two firewalls communicate with each other through an IPsec tunnel
The client on the local net pings the client on the remote net

37 Scenario & Hands-on 7-4 VPN Configuration- IPsec with NetScreen 204
Network topology
Diagram labels: NetScreen 204; WAN1 IP: /24; Remote LAN; Internal LAN IP: /24; VPN Tunnel; WAN1 Static IP: /24; DFL-1600; Internal LAN3 IP: /24; Internal LAN1 IP: /24; Internal LAN2 IP: /24
Note:
Use the same pre-shared key and algorithm on both the DFL-1600 and the NS-204
Choose the correct local net and remote net for the IPsec tunnel

38 Scenario & Hands-on 7-4 VPN Configuration- NetScreen 204
Objectives
Two firewalls communicate with each other through an IPsec tunnel
The client on the local net pings the client on the remote net
The logic of configuration
Create the VPN Object (pre-shared key, remote net/gateway and algorithm)
Configure the IPsec tunnel
Create the IP rule for the IPsec tunnel

