Sunday, 30 October 2011

VPN Remote Access By Using Routing And Remote Access

·       VPN remote access lets us reach the internal network from anywhere.
·       Notes for configuring your server for VPN remote access:
1-    User authentication:
** The VPN server can be in a workgroup or a member of a domain.
** In a domain environment, ensure that the computer account of your VPN server or ISA server is a member of the "RAS and IAS Servers" group.
** Ensure that the user (local or domain) has the "Allow access" Dial-in permission.
2-    IP address assignment:
** VPN clients can get IP addresses from a static range or from a DHCP server.
** When using DHCP, take these points into account:
A-   Configure the DHCP relay agent (listen on the external interface and specify the DHCP server IP).
B-   We can control how the VPN server reserves IP leases from the DHCP scope by modifying the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\IP
Value Name: InitialAddressPoolSize
Data Type: REG_DWORD
Default: 10 (you can change this value as you wish)
3-    We can control VPN clients by using remote access policies. If so, note the following:
A-   The domain functional level must be native or higher.
B-   We can manage remote access policies from the RRAS console.
C-   Or we can use an IAS server (RADIUS server) to centralize authentication and accounting for the VPN servers (RADIUS clients).
D-   The RADIUS server will become a member of the "RAS and IAS Servers" group.
4-    Authentication: we use MS-CHAP v2.
5-    Tunneling protocol: PPTP or L2TP (L2TP requires computer certificates).
6-    Encryption level: set in remote access policies (128-bit).
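
The following read-only PowerShell audit is an added example, not part of the original post. It checks the domain-joined case of notes 1 to 3 and assumes PowerShell 3.0 or later, an elevated session on the VPN server, and the RSAT ActiveDirectory module.

```powershell
# Added example: read-only audit of the settings listed in the notes above.
# Assumptions: elevated session on the VPN server, PowerShell 3.0 or later,
# and the RSAT ActiveDirectory module when the server is domain-joined.

# RRAS service state (service name as it appears in the registry path above)
Get-Service -Name RemoteAccess | Select-Object Name, Status

# Note 2-B: number of DHCP leases RRAS reserves (the notes give 10 as default)
$ipKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\IP'
$value = Get-ItemProperty -Path $ipKey -Name InitialAddressPoolSize -ErrorAction SilentlyContinue
$pool  = if ($value) { $value.InitialAddressPoolSize } else { 10 }
"InitialAddressPoolSize: $pool"

$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if (-not $cs.PartOfDomain) {
    'Workgroup server: check the Dial-in permission on local accounts by hand.'
    return
}

Import-Module ActiveDirectory

# Note 3-A: domain functional level
"Domain mode: $((Get-ADDomain).DomainMode)"

# Notes 1 and 3-D: computer accounts in "RAS and IAS Servers"
$me      = Get-ADComputer -Identity $env:COMPUTERNAME
$members = @(Get-ADGroupMember -Identity 'RAS and IAS Servers')
$inGroup = $members.DistinguishedName -contains $me.DistinguishedName
"This server in 'RAS and IAS Servers': $inGroup"
$members | Select-Object Name, objectClass

# Note 1: accounts whose Dial-in tab is set to "Allow access"
# (AD attribute msNPAllowDialin = TRUE). Review this list regularly and
# remove the permission from accounts that no longer need remote access.
Get-ADUser -LDAPFilter '(msNPAllowDialin=TRUE)' -Properties msNPAllowDialin |
    Select-Object SamAccountName, Enabled, msNPAllowDialin
```

Disabled accounts that still appear in the last list, and unexpected computer accounts in the group listing, are the entries to review first.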


