Tim hieu mang rieng ao VPN (Phan 7).

PhanVien.Com . Bai Viet . Cong Nghe Thong Tin . Quan Tri Mang May Tinh . Tim hieu mang rieng ao VPN (Phan 7).

Tim hieu mang rieng ao VPN (Phan 7)

Neu muon cho may tinh o mot mang LAN truy cap vao may o mang LAN khac, nguoi su dung co the dung loai VPN diem-noi-diem. Phan nay se gioi thieu cach cai dat theo giao thuc PPTP. Mo hinh thich hop voi cac to chuc, cong ty co nhieu van phong o cach xa nhau..

Tim hieu mang rieng ao VPN (Phan 7) - Ban co dau.
Tim hieu mang rieng ao VPN (Phan 7) - Ban khong dau.
Sponsored links:

Tim hieu mang rieng ao VPN (Phan 7).

Tim hieu mang rieng ao VPN (Phan 7).

Nhung thiet bi can dung

Chung ta se dung mo hinh thuc nghiem voi 5 may tinh  dong cac vai tro khac nhau. Day la con so toi thieu de chay duoc VPN diem-noi-diem. Tren thuc te, quy mo cua tung mang LAN  va may chu cua VPN se lon hon nhieu, nhu tham dinh quyen truy cap, kiem soat domain, IAS... Gia su mang nay la cua cong ty  XYZ voi hai LAN  o Ha Noi va TP HCM. May khach o dau TP HCM  dang can goi toi van phong  Ha Noi.

Ten may tinh Vai tro CLIENT1 chay Windows XP  Professional,
ban SP2 May khach ROUTER1 chay Windows  Server  2003,
ban SP1, Standard  Edition - May chu  VPN
- Router tra loi INTERNET chay Windows  Server  2003,
ban SP1, Standard  Edition Router Internet ROUTER2 chay Windows  Server  2003,
ban SP1, Standard  Edition - May chu  VPN
- Router goi CLIENT2 chay Windows XP  Professional,
ban SP2 May khach

Ngoai ra, mang can den 4 hub (hoac switch Layer  2)

- Mot hub noi van phong  Ha Noi (may CLIENT1) voi router tra loi (ROUTER1).
- Mot hub noi van phong  o TP HCM  (CLIENT2) voi router goi di (ROUTER2).
- Mot hub noi router goi (ROUTER1) voi router Internet  (INTERNET).
- Mot hub noi router goi (ROUTER2) voi router Internet  (INTERNET).

Chu y:

- Do o mo hinh thuc nghiem chi co 2 may o moi mang nho nen cac hub co the duoc thay the bang cap cheo Ethernet.

- Trong mo hinh thuc nghiem, Windows Firewall da duoc cai dat va bat tu dong tren cac may khach. Ban se dinh cau hinh mot Windows  Firewall  ngoai le tren CLIENT1, cho phep hai may khach lien he duoc voi nhau. Tren 3 may con lai, Windows  Firewall  da duoc cai dat nhung khong mac dinh bat tu dong. Ngoai ra, dich vu Windows Firewall/Internet Connection  Sharing (ICS) can duoc tat di trong cac may.

Mo hinh thuc nghiem. Anh: Microsoft


- Thiet lap dia chi IP  cho cac may, gia dinh nhu sau:

Dia chi IP cho mang con o van phong  Ha Noi

May tinh/Giao dien Dia chi IP CLIENT1 172.16.4.3 ROUTER1 (toi Intranet cua Ha Noi) 172.16.4.1

Dia chi IP cho cac mang con Internet

May tinh/Giao dien Dia chi IP ROUTER1 (toi Internet) 10.1.0.2 INTERNET (toi ROUTER1) 10.1.0.1 ROUTER2 (toi Internet) 10.2.0.2 INTERNET (toi ROUTER2) 10.2.0.1

Dia chi IP cho mang con o van phong  TP HCM

May tinh/Giao dien Dia chi IP ROUTER2 (toi mang Intranet cua TP HCM) 172.16.56.1 CLIENT2 172.16.56.3

Dinh cau hinh cho cac may khach

CLIENT1

- Cac thuoc tinh TCP/IP

1. Mo Network Connections trong Control  Pannel, nhan chuot phai vao do roi chon Properties.

2. Tren the General, chon Internet  Protocol  (TCP/IP), nhan vao Properties.

3. Nhan vao Use the following IP address, go 172.16.4.3 cho muc IP address, go 255.255.255.0 cho muc Subnet mask va 172.16.4.1 cho Default gateway.

- Thiet lap cong rieng tren Windows  Firewall  de cac may khach nhan nhau.

1. Mo Control  Pannel, nhan vao muc Security Center.

2. Nhan vao Windows  Firewall, trong hop thoai cua chuong trinh, nhan vao the Advanced.

3. Nhan vao Settings, chon tiep ICMP, nhan vao Allow incoming echo request.

4. Nhan OK hai lan de dong Windows  Firewall.

CLIENT2

- Cac thuoc tinh TCP/IP

1. Mo Network Connections trong Control  Pannel, nhan chuot phai vao do roi chon Properties.

2. Tren the General, chon Internet  Protocol  (TCP/IP), nhan vao Properties.

3. Nhan vao Use the following IP address, go 172.16.56.3 cho muc IP address, go 255.255.255.0 cho muc Subnet mask va 172.16.56.1 cho Default gateway.

- Do CLIENT2 o van phong  TP HCM  dang dong vai tro la may goi den nen khong can dinh cong dac biet cho Windows Firewall. Nguoi dung  cu de mac dinh san nhu phan chu y tren. Chi khi nao CLIENT2 tro thanh may tra loi thi moi can cai dat nhu voi CLIENT1.

Dinh cau hinh cho cac router goi va tra loi.

ROUTER1

- Cac thuoc tinh TCP/IP

1. Mo Network Connections trong Control  Pannel, nhan chuot phai vao do roi chon Properties.

2. Tren the General, chon Internet  Protocol  (TCP/IP), nhan vao Properties.

3. a. Tren giao dien  To the Internet, go 10.1.0.2 o muc IP address, 255.255.0.0 o Subnet mask va 10.1.0.1 o muc Default gateway.

3. b. Tren giao dien  To Hanoi intranet, go 172.16.4.1 o o IP address, 255.255.255.0 o Subnet mask va o Default gateway bo trong.

- Windows  Firewall  va Routing and Remote Access  khong the chay dong thoi tren mot may chu  VPN nen neu Windows Firewall  duoc bat len, ban phai tat di. Neu dich vu  Windows Firewall/Internet Connection  Sharing (ICS) da thiet lap tu dong truoc khi dinh cau hinh Routing and Remote Access, ban cung phai tat di.

1. Nhan vao Administrative Tools > Services.

2. Trong bang hien thi chi tiet cua Services, nhan chuot phai vao Windows Firewall/Internet Connection  Sharing (ICS), chon Properties.

3. Neu Startup Type la Automatic  hay Manual, chon lai la Disabled.

4. Nhan OK hai lan de luu thay doi.

ROUTER2

- Cac thuoc tinh TCP/IP

1. Mo Network Connections trong Control  Pannel, nhan chuot phai vao do roi chon Properties.

2. Tren the General, chon Internet  Protocol  (TCP/IP), nhan vao Properties.

3. a. Tren giao dien  To the Internet, go 10.2.0.2 o muc IP address, 255.255.0.0 o Subnet mask va 10.2.0.1 o muc Default gateway.

3. b. Tren giao dien  To Hanoi intranet, go 172.16.56.1 o o IP address, 255.255.255.0 o Subnet mask va o Default gateway bo trong.

- Tat Windows  Firewall  nhu voi ROUTER1.

Dinh cau hinh cho router Internet

1. Mo Network Connections trong Control  Pannel, nhan chuot phai vao do roi chon Properties.

2. Tren the General, chon Internet  Protocol  (TCP/IP), nhan vao Properties.

3.a. Tren giao dien  To Router1, go 10.1.0.1 o muc IP address, 255.255.0.0 o muc Subnet mask.

3.b. Tren giao dien  To Router2, go 10.2.0.1 o muc IP address, 255.255.0.0 o muc Subnet mask.

4. Vao Administrative Tools, chon Routing and Remote Access  va mo trinh Routing and Remote Access  Microsoft  Management  Console (MMC).

5. Nhan chuot phai vao INTERNET  (local) trong cay chuong trinh  roi nhan vao Configure and Enable Routing and Remote Access.

6. Nhan Next tren trang Routing and Remote Access  Server  Setup Wizard.

7. Tren trang Configuration, chon Custom configuration.

8. Nhan Next. Tren trang Custom Configuration, chon LAN  routing.

9. Nhan Next. Tren trang Completing the Routing and Remote Access  Server  Setup, nhan Finish > Yes de khoi dong dich vu.

Tat Windows  Firewall  nhu voi ROUTER1.

Kiem tra

- Tren ROUTER1, ping dia chi IP  10.2.0.2. Viec nay thanh cong.

- Tren CLIENT2, ping dia chi IP 172.16.4.3. Viec nay khong thanh cong  vi CLIENT1 khong lien lac duoc voi CLIENT2 bang phan doan mang Internet  mo phong, cho toi khi ket noi VPN diem-noi-diem hoan thanh.

Thiet lap VPN diem-noi-diem theo giao thuc PPTP

- Dinh cau hinh VPN cho router tra loi

1. Tren ROUTER1, nhan vao Administrative Tools, chon Routing and Remote Access.

2. Nhan chuot phai vao ROUTER1 (local) trong cay chuong trinh, chon Configure and Enable Routing and Remote Access.

3. Nhan Next tren trang Routing and Remote Access  Server  Setup Wizard.

4. Tren trang Configuration, chon Remote access  (dial-up or VPN).

5. Nhan Next. Tren trang Remote Access, chon VPN.

6. Nhan Next. Tren trang VPN Connection, chon To the Internet, danh dau vao o Enable security on the selected interface by setting up static packet filters.

7. Nhan Next. Tren trang IP Address Assignment, chon From a specified range of addresses.

8. Nhan Next. Tren trang Address Range Assignment, nhan New.

9. Trong hop thoai New Address Range, lam cac viec sau:

a. Go 172.16.100.1 o o Start IP address
b. Go 172.16.100.2 o o End IP address
c. Chap nhan gia tri  2 o hop Number of Addresses

10. Nhan OK. Tren trang Address Range Assignment, nhan Next.

11. Tren trang Managing Multiple Remote Access  Servers, chon No, use Routing and Remote Access  to authenticate connection  requests.

12. Nhan Next. Tren trang Completing the Routing and Remote Access  Server  Setup, nhan Finish.

13. Nhan OK de dong hop thoai yeu cau dinh cau hinh DHCP Relay Agent. Truong hop nay DHCP Relay Agent se khong duoc dinh cau hinh.

- Dinh cau hinh giao dien  quay so yeu cau tren router tra loi

1. Tren trinh Routing and Remote Access, chon ROUTER1, nhan chuot phai vao Network Interfaces.

2. Chon New Demand-dial Interface de mo Demand-Dial Interface Wizard, nhan Next.

3. Tren trang Interface Name, go VPN_TPHCM. Chu y: ten tren giao dien  phai dung nhu ten tai khoan  nguoi su dung  tren router goi.

4. Nhan Next. Tren trang Connection  Type, chon Connect using virtual private networking (VPN).

5. Nhan Next. Tren trang VPN Type, chon Point-to-Point Tunneling Protocol  (PPTP).

6. Nhan Next. Tren trang Destination Address, go 10.2.0.2 o o Host name or IP address.

7. Nhan Next. Tren trang Protocols and Security, lam nhung viec sau:
a. Chon Route IP packets on this interface.
b. Chon Add a user account so a remote router can dial in.

8. Nhan Next. Tren trang Static Routes for Remote Networks, nhan Add.

9. Trong hop thoai Static Route, lam nhung cong viec  sau:
a. Go 172.16.56.0 o o Destination.
b. Go 255.255.255.0 o o Network Mask.
c. Chap nhan gia tri  1 trong o Metric.

10. Nhan OK. Tren trang Address Range Assignment , nhan Next.

11. Tren trang Dial In Credentials, go mat khau  cho tai khoan  VPN_TPHCM.

12. Nhan Next. Tren trang Dial Out Credentials, lam nhung viec sau:
a. Go VPN_Hanoi trong o User name.
b. Go ROUTER2 trong o Domain.
c. Go mat khau  VPN_Hanoi trong o Password.
d. Go lai mat khau  nay trong o Confirm password.

13. Nhan Next. Tren trang Demand-Dial Interface Wizard, nhan Finish.

14. Nhan OK de dong hop thoai yeu cau dinh cau hinh DHCP Relay Agent. Truong hop nay DHCP Relay Agent se khong duoc dinh cau hinh.

- Dinh cau hinh VPN tren router goi

1. Tren ROUTER2, chon Administrative Tools, nhan vao Routing and Remote Access.

2. Nhan chuot phai vao ROUTER2 (local) trong cay chuong trinh  roi nhan vao Configure and Enable Routing and Remote Access.

3. Nhan Next tren trang Remote Access  Server  Setup Wizard.

4. Tren trang Configuration, chon Remote access  (dial-up or VPN), nhan Next.

5. Tren trang Remote Access, chon VPN > Next.

6. Tren trang VPN Connection, chon To the Internet, danh dau vao o Enable security on the selected interface by setting up static packet filters > nhan Next.

7. Tren trang IP Address Assignment, chon From a specified range of addresses, nhan Next, tren trang Address Range Assignment, chon New.

8. Trong hop thoai New Address Range, lam nhung viec sau:
a. Go 172.56.200.1 trong o Start IP address.
b. Go 172.56.200.2 trong o End IP address.
c. Chap nhan gia tri  2 o hop Number of Addresses > nhan OK.

9. Tren trang Address Range Assignment, nhan Next.

10. Tren trang Managing Multiple Remote Access  Servers, chon No, use Routing and Remote Access  to authenticate connection  requests > Next.

11. Tren trang Completing the Routing and Remote Access  Server  Setup, nhan Finish.

12. Nhan OK de dong hop thoai yeu cau dinh cau hinh DHCP Relay Agent. Truong hop nay DHCP Relay Agent se khong duoc dinh cau hinh.

- Dinh cau hinh tren giao dien  quay so yeu cau tren router goi

1. Tren trinh Routing and Remote Access, chon ROUTER2, nhan chuot phai vao Network Interfaces.

2. Chon New Demand-dial Interface de mo Demand-Dial Interface Wizard, nhan Next.

3. Tren trang Interface Name, go VPN_TPHCM. Chu y: ten tren giao dien  phai dung nhu ten tai khoan  nguoi su dung  tren router goi.

4. Nhan Next. Tren trang Connection  Type, chon Connect using virtual private networking (VPN).

5. Nhan Next. Tren trang VPN Type, chon Point-to-Point Tunneling Protocol  (PPTP).

6. Nhan Next. Tren trang Destination Address, go 10.1.0.2 o o Host name or IP address.

7. Nhan Next. Tren trang Protocols and Security, lam nhung viec sau:
a. Chon Route IP packets on this interface.
b. Chon Add a user account so a remote router can dial in.

8. Nhan Next. Tren trang Static Routes for Remote Networks, nhan Add.

9. Trong hop thoai Static Route, lam nhung cong viec  sau:
a. Go 172.16.4.0 o o Destination.
b. Go 255.255.255.0 o o Network Mask.
c. Chap nhan gia tri  1 trong o Metric.

10. Tren trang Static Routes for Remote Networks, nhan Next.

11. Tren trang Dial In Credentials, go mat khau  cho tai khoan  VPN_Hanoi va go mat khau  VPN_Hanoi trong o Password.

12. Tren trang Dial Out Credentials, lam nhung viec sau:
a. Go VPN_TPHCM trong User name
b. Go ROUTER1 trong o Domain.
c. Go mat khau  tai khoan  nguoi dung  VPN_TPHCM da tao ra tren ROUTER1.
d. Xac nhan lai mat khau  trong Confirm password.

13. Tren trang cuoi cung cua Demand-Dial Interface Wizard, nhan Finish.

- Xac nhan chinh sach truy cap  tu xa tren cac router goi va tra loi

1. Tren ROUTER2, trong muc Routing and Remote Access, nhan vao Remote Access  Policies.

2. Trong bang hien thi chi tiet, nhan chuot phai vao Connections to Microsoft  Routing and Remote Access  server, chon Properties.

3. Tren the Settings, chon Grant remote access  permission roi nhan OK de luu cac thay doi.

4. Lap lai 3 buoc tren voi ROUTER1.

- Tao ket noi VPN

1. Tren ROUTER2, trong cay chuong trinh  cua Routing and Remote Access, chon Network Interfaces.

2. Trong o hien thi chi tiet, nhan chuot phai vao VPN_Hanoi > Connect.

3. Kiem tra tinh trang ket noi cua VPN_Hanoi.

- Kiem tra ket noi

1. Tren CLIENT2, tai dau nhac lenh, go ping 172.16.4.3. Day la dia chi IP  cua CLIENT1. Viec "ping" dia chi IP nay se kiem tra duoc may co truy cap  duoc vao mang con o Ha Noi  hay khong.

2. De kiem tra cac goi tin duoc truyen qua ket noi VPN, tai dau nhac lenh, go tracert 172.16.4.3. Chu y rang can phai dung dia chi IP cua CLIENT1 chu khong phai ten may tinh  vi may chu  DNS  khong duoc dinh cau hinh trong mo hinh thuc nghiem nay. Con tren thuc te, khi co mot may chu  quan ly ten mien, nguoi dung  co the nhap ten cua may tinh, vi du nhu xyzhanoi_quangminh, de truy cap.

Ket qua tuong tu nhu sau day se cho biet ket noi thanh cong:

Tracing route to 172.16.4.3 over a maximum of 30 hops:

  1 <1 ms <1 ms <1 ms [172.16.56.1]

  2 1 ms <1 ms <1 ms [172.56.200.2]

  3 1 ms 1 ms 1 ms [172.16.4.3]

Trace complete.

Y nghia cua thong bao  tren:

172.16.56.1 la dia chi IP  cua ROUTER2 ket noi toi Intranet cua TP HCM. 172.56.200.2 la dia chi IP  ma ROUTER2 gan cho ROUTER1; dia chi IP  nay xuat hien nghia la cac goi tin dang duoc truyen qua ket noi VPN diem-noi-diem. 172.16.4.3 la dia chi IP  cua CLIENT1.

Sponsored links:

Theo VnExpress

Updated: 04/03/2008 | Views: 265 | Comments: 0

Read full: Tim hieu mang rieng ao VPN (Phan 7)

Post your comment about Tim hieu mang rieng ao VPN (Phan 7) go to this page.

Read more about Tim hieu mang rieng ao VPN (Phan 7)

Your comment will be displayed here Tim hieu mang rieng ao VPN (Phan 7). Comment title Tim hieu mang rieng ao VPN (Phan 7) . Tim hieu mang rieng ao VPN (Phan 7) Cong Nghe Thong Tin in category Quan Tri Mang May Tinh.

Comments on Tim hieu mang rieng ao VPN (Phan 7)

Hien tai chua co binh luan nao ve bai viet Tim hieu mang rieng ao VPN (Phan 7)!

Ban co y kien gi ve bai viet Tim hieu mang rieng ao VPN (Phan 7) nay? Hay goi suy nghi, binh luan, danh gia, loi khuyen ... cua ban ve bai viet Tim hieu mang rieng ao VPN (Phan 7) ban tai day.

Tin Tuc Online - Bai Moi

Phan Vien
Ket noi voi nha phat trien ung dung phan mem Phan Vien tren Facebook!
Phanvien | Mobile Version | Contact Us | Terms of Use | Privacy Policy | Refresh
Copyright © 2006 - 2013 PhanVien.Com . All rights reserved.
Cached: IP: 157.55.33.44, 04 February, 2013 19:54:17 (GMT +7 HANOI - VIETNAM).