Post on 18-Nov-2014
description
transcript
By THEAM DARA, dara.theam@gmail.com
HOW TO CREATE SITE TO SITE VPN (L2TP)
ENABLE VPN AND REMOTE ACCESS SERVICE1- we do on “Routing and Remote Access console”
2- choose service you want to enable
By THEAM DARA, dara.theam@gmail.com
3- choose what you need
4- select the interface connect to internet and disable stateful firewall
By THEAM DARA, dara.theam@gmail.com
5- select the source ip that server will provide to client
6- create ip range for client – if we use automatic we don’t need to create it will choose from dhcp server
By THEAM DARA, dara.theam@gmail.com
7- we choose to get the authenticate source from the vpn server, or we can choose from RADIUS server
8- finish enable vpn remote access server
=== NOTE === Completing this step, you can use Remote Access client (PPTP) to connect to server
EXAMPLE TO MAKE A CONNECTION TO SERVER ON WINDOWS XP
By THEAM DARA, dara.theam@gmail.com
1- select to “network connection”
2- create new vpn connection
By THEAM DARA, dara.theam@gmail.com
3- follow through
4- follow trough
By THEAM DARA, dara.theam@gmail.com
5- name your connection
6- follow through
By THEAM DARA, dara.theam@gmail.com
7- enter your server ip
8- then follow the screen until finish
=== YOU GET A INTERFACE TO YOUR VPN SERVER BUT YOU HAVE TO HAVE A USER NAME AND PASSWORD TO CONNECT TO IT ===
THE USER ACCOUNT MUST ENABLE ON SERVER IN ORDER TO DAIL IN. DO SHOW1- we use computer management console
By THEAM DARA, dara.theam@gmail.com
2- double click on user that you allow to dail in
3- in dail-in tab select “allow access “
=== NOW YOU ARE READY TO DAIL-IN USING USER DARA ===
By THEAM DARA, dara.theam@gmail.com
1- double click on your new interface you just created in “Network Connections” named “my workplace at Phnom Penh”
2- when you finish you will see the result
=== FINISH REMOTE ACCESS CONNECTION (PPTP) ===
By THEAM DARA, dara.theam@gmail.com
NOW I PROCEED TO SITE TO SITE CONNECTION (L2TP)
- I will edit the above server to make it became site-to-site vpn server- You need to have 2 server to make it work
MAKE IT TO BECAME SITE-TO-SITE SERVER
1- we still use “routing are remote access” console
By THEAM DARA, dara.theam@gmail.com
2- select security tap to add PRE-SHARED KEY phrase
3- do like this on both servers
=== WE HAVE TO ADD STATIC ROUTE TO MAKE CLIENT ON BOTH CAN COMMUNICATE WITH EACHE OTHER ===
ADD STATIC ROUTE IN ORDER TO MAKE BOTH LOCAL NETWORK CONNECT EACH OTHER
Vpn1 internet
Vpn2192.168.4.2inside
172.16.138outside
172.16.1.153outside
192.168.5.1inside
By THEAM DARA, dara.theam@gmail.com
1- we still use “routing and remote access” console
2- add the route on vpn2 from lan on vpn2 to lan on vpn1
3- do this also on vpn1
=== FINISH CONFIGURE ON BOTH SERVER SO IT CAN USE SITE-TO-SITE VPN ====== NOTE WE HAVE TO DIAL ON BOTH SERVER TO EACH OTHER, BUT LOCAL NETWORK ON BOTH SITES CAN COMMUNICATE WITH EACH OTHER ===
By THEAM DARA, dara.theam@gmail.com
MAKE L2TP INTERFACE
1- it is the same as the one we created above, but only a little configure to make it become L2TP interface
2- on security tab type the PRE-SHARED KEY phrase
By THEAM DARA, dara.theam@gmail.com
3- do this on other vpn too, then dial-in on both servers
=== AFTER DAIL-IN ON BOTH SERVER YOU WILL HAVE THIS RESULT ===
================FINISH BOTH PPTP AND L2TP VPN===================
ANY CONSULTANT CONTACT dara.theam@gamil.com
===========================================