Mutafufuza pa intaneti posaka pulogalamu yopangira VPN yanu, mumakumana ndi maupangiri okhudzana ndi OpenVPN, zomwe zimakhala zovuta kukhazikitsa ndikugwiritsa ntchito, zomwe zimafuna kasitomala wa Wireguard; SoftEther imodzi yokha kuchokera pamasewera onsewa ndi kukhazikitsa kokwanira. Koma tilankhula, titero, za kukhazikitsa kwa Windows VPN - Routing And Remote Access (RRAS).
Pazifukwa zachilendo, palibe amene adalemba mu kalozera aliyense wa momwe angagwiritsire ntchito zonsezi ndi momwe angathandizire NAT pa izo, kotero ife tsopano tikonza chirichonse ndikukuuzani momwe mungapangire VPN yanu pa Windows Server.
Chabwino, mutha kuyitanitsa VPN yopangidwa kale komanso yokonzedweratu kuchokera kwathu , mwa njira, zimagwira ntchito kunja kwa bokosi.
1. Ikani mautumiki
Choyamba, tikufuna Windows Server Desktop Experience. Kuyika kwa Core sikungagwire ntchito kwa ife, chifukwa gawo la NPA likusowa. Ngati kompyuta ndi membala wa domain, mutha kupita ndi Server Core, momwemo zinthu zonse zitha kuyikidwa mu gigabyte ya RAM.
Tiyenera kukhazikitsa RRAS ndi NPA (Network Policy Server). Tidzafunika woyamba kupanga ngalande, ndipo yachiwiri ndiyofunika ngati seva si membala wa domain.
Posankha zigawo za RRAS, sankhani Direct access ndi VPN ndi Routing.
2. Konzani RRAS
Titayika zida zonse ndikuyambiranso makinawo, tiyenera kuyamba kukhazikitsa. Monga pachithunzichi, poyambitsa, timapeza woyang'anira RRAS.
Kupyolera mu snap-in iyi tikhoza kuyang'anira ma seva omwe ali ndi RRAS yoikidwa. Dinani kumanja, sankhani makonda ndikupita.
Titalumpha tsamba loyamba, timapitilira kusankha kasinthidwe ndikusankha yathu.
Patsamba lotsatira tikufunsidwa kuti tisankhe zigawo, sankhani VPN ndi NAT.
Kupitilira apo. Okonzeka.
Tsopano tikufunika kuyatsa ipsec ndikugawa ma adilesi omwe NAT yathu idzagwiritse ntchito. Dinani kumanja pa seva ndikupita ku katundu.
Choyamba, lowetsani mawu anu achinsinsi a l2TP ipsec.
Pa IPv4 tabu, muyenera kukhazikitsa ma adilesi angapo a IP operekedwa kwa makasitomala. Popanda izi, NAT sigwira ntchito.
Tsopano chomwe chatsala ndikuwonjezera mawonekedwe kumbuyo kwa NAT. Pitani ku gawo laling'ono la IPv4, dinani kumanja pamalo opanda kanthu ndikuwonjezera mawonekedwe atsopano.
Pa mawonekedwe (omwe si Amkati) timathandizira NAT.
3. Lolani malamulo muzozimitsa moto
Zonse ndi zophweka apa. Muyenera kupeza gulu la malamulo a Routing ndi Remote Access ndikuwathandiza onse.
4. Kukhazikitsa NPS
Tikuyang'ana Network Policy Server poyambira.
M'ma tabu omwe ndondomeko zonse zalembedwa, muyenera kutsegula zonse ziwiri. Izi zidzalola ogwiritsa ntchito onse am'deralo kulumikizana ndi VPN.
5. Lumikizani kudzera pa VPN
Pazifukwa zowonetsera, tidzasankha Windows 10. Muzoyambira menyu, yang'anani VPN.
Dinani pa kuwonjezera kugwirizana batani ndi kupita zoikamo.
Khazikitsani dzina lolumikizana ndi chilichonse chomwe mukufuna.
IP adilesi ndi adilesi ya seva yanu ya VPN.
Mtundu wa VPN - l2TP yokhala ndi kiyi yogawana.
Chinsinsi chogawana - vpn (chithunzi chathu pamsika.)
Ndipo malowedwe ndi mawu achinsinsi ndi malowedwe ndi mawu achinsinsi kuchokera kwa wogwiritsa ntchito wamba, ndiye kuti, kuchokera kwa woyang'anira.
Dinani kulumikiza ndipo mwamaliza. Tsopano VPN yanu ndiyokonzeka.
Tikukhulupirira kuti wotsogolera wathu apereka njira ina kwa iwo omwe akufuna kupanga VPN yawo popanda kuthana ndi Linux kapena kungofuna kuwonjezera chipata ku AD yawo.
Source: www.habr.com