Zvinyorwa zvechokwadi zvinozvarwa kubva kune tsamba kuenda kuTucha technical support. Semuenzaniso, mutengi nguva pfupi yadarika akauya kwatiri nechikumbiro chekujekesa zvinoitika panguva yekubatanidza mukati meiyo VPN mugero pakati pehofisi yemushandisi nenzvimbo yegore, uye panguva yekubatanidza kunze kweVPN tunnel. Naizvozvo, zvinyorwa zvese zviri pazasi itsamba chaiyo yatakatumira kune mumwe wevatengi vedu mukupindura kumubvunzo wake. Ehe, iyo IP kero yakashandurwa kuitira kuti usade-anonymize mutengi. Asi, hongu, Tucha tekinoroji rutsigiro inonyanyozivikanwa nemhinduro dzayo dzakadzama uye maemail anodzidzisa. π
Ehe, isu tinonzwisisa kuti kune vakawanda chinyorwa ichi hachizove chizaruro. Asi, sezvo zvinyorwa zvevatariri vekutanga zvichionekwa paHabr nguva nenguva, uye zvakare sezvo chinyorwa ichi chakabuda kubva patsamba chaiyo kuenda kumutengi chaiye, isu tichiri kugovera ruzivo urwu pano. Pane mukana mukuru wekuti ichave yakakosha kune mumwe munhu.
Naizvozvo, isu tinotsanangura zvakadzama zvinoitika pakati pesevha mugore nehofisi kana zvakabatana nesaiti-kune-saiti network. Ziva kuti mamwe masevhisi anowanikwa chete kubva kuhofisi, uye mamwe anowanikwa chero kupi zvako paInternet.
Ngatitsanangure nekukurumidza izvo mutengi wedu aida paserver 192.168.A.1 unogona kubva chero kupi neRDP, uchibatanidza kune AAA2:13389, uye kuwana mamwe masevhisi kubva kuhofisi chete (192.168.B.0/24)yakabatana neVPN. Zvakare, mutengi pakutanga aive akagadzira kuti mota 192.168.B.2 muhofisi zvaigonekawo kushandisa RDP kubva chero kupi, kubatanidza kune BBB1:11111. Isu takabatsira kuronga IPSec kubatana pakati pegore nehofisi, uye nyanzvi yeIT yemutengi yakatanga kubvunza mibvunzo nezve zvingazoitika mune izvi kana izvo. Kuti tipindure mibvunzo iyi yese, isu takanyora kwaari zvese zvaunogona kuverenga pazasi.
Zvino ngatitarisei maitiro aya mune zvakadzama.
Position one
Kana chinhu chatumirwa kubva 192.168.B.0/24 Π² 192.168.A.0/24 kana kubva 192.168.A.0/24 Π² 192.168.B.0/24, inopinda muVPN. Ndiko kuti, iyi packet inowedzerwa encrypted uye inofambiswa pakati BBB1 ΠΈ AAA1asi 192.168.A.1 anoona package yacho chaizvo kubva 192.168.B.1. Vanogona kutaurirana vachishandisa chero protocol. Mhinduro dzekudzorera dzinofambiswa nenzira imwechete kuburikidza neVPN, zvinoreva kuti packet kubva 192.168.A.1 nokuti 192.168.B.1 ichatumirwa seESP datagram kubva AAA1 pamusoro BBB1, iyo router ichazarura kune rumwe rutivi, bvisa iyo pakiti kubva mairi uye utumire kune 192.168.B.1 sepasuru kubva 192.168.A.1.
Muenzaniso chaiwo:
1) 192.168.B.1 zvikumbiro ku 192.168.A.1, inoda kumisikidza kubatana kweTCP ne 192.168.A.1:3389;
2) 192.168.B.1 inotumira chikumbiro chekubatanidza kubva 192.168.B.1:55555 (anosarudza nhamba yechiteshi chemhinduro pachake; pano tichashandisa nhamba 55555 semuenzaniso wenhamba yechiteshi inosarudzwa nehurongwa pakugadzira TCP connection) 192.168.A.1:3389;
3) inoshanda sisitimu inomhanya pakombuta ine kero 192.168.B.1, inosarudza kutumira pakiti iyi kune kero yegedhi re router (192.168.B.254 mune yedu), nekuti zvimwe, nzira dzakananga dze 192.168.A.1, iyo haina, saka, inotumira pakiti kuburikidza neiyo default nzira (0.0.0.0/0);
4) yeizvi inoedza kutsvaga iyo MAC kero yeIP kero 192.168.B.254 mune iyo ARP protocol cache tafura. Kana ikasaonekwa, inotumira kubva kukero 192.168.B.1 kutepfenyura ndiani-ane chikumbiro kunetiweki 192.168.B.0/24. Rini 192.168.B.254 mukupindura, inotumira iyo kero yayo yeMAC, iyo system inotumira Ethernet packet yayo uye inopinda ruzivo urwu mu cache tafura yayo;
5) router inogamuchira pakiti iyi uye inosarudza kwainoitumira: ine mutemo wakanyorwa maererano neanofanira kutumira mapepa ose pakati. 192.168.B.0/24 ΠΈ 192.168.A.0/24 kutamisa pamusoro pekubatana kweVPN pakati BBB1 ΠΈ AAA1;
6) router inogadzira ESP datagram kubva BBB1 pamusoro AAA1;
7) router inosarudza kuti ndiani wekutumira pakiti iyi, inotumira kwaari, taura, BBB254 (ISP gedhi) nekuti kune dzimwe nzira dzakanangana dzekuenda AAA1, pane 0.0.0.0/0, haina;
8) zvakangofanana nezvakambotaurwa, inowana kero yeMAC ye BBB254 uye inotumira pakiti kune ISP gedhi;
9) Vanopa Internet vanotumira ESP datagram kubva BBB1 pamusoro AAA1;
10) virtual router on AAA1 inogamuchira iyi datagram, inoibvisa uye inogamuchira pakiti kubva 192.168.B.1:55555 nokuti 192.168.A.1:3389;
11) iyo chaiyo router inotarisa kuti ndiani wekuipfuudza, inowana network mutafura yekufambisa 192.168.A.0/24 uye inotumira zvakananga ku 192.168.A.1, nekuti ine interface 192.168.A.254/24;
12) yeizvi, iyo chaiyo router inowana iyo MAC kero ye 192.168.A.1 uye inotumira pakiti iyi kwaari kuburikidza neinetiweki yeEthernet network;
13) 192.168.A.1 inogamuchira iyi pakiti pachiteshi 3389, inobvuma kumisikidza chinongedzo uye inogadzira pakiti mukupindura kubva 192.168.A.1:3389 pamusoro 192.168.B.1:55555;
14) system yake inotumira iyi pakiti kune kero yegedhi reiyo chaiyo router (192.168.A.254 mune yedu), nekuti zvimwe, nzira dzakananga dze 192.168.B.1, haina, saka, inofanirwa kutumira pakiti kuburikidza neiyo default nzira (0.0.0.0/0);
15) zvakafanana nezvakaitika kare, sisitimu inomhanya pane sevha ine kero 192.168.A.1, inowana kero yeMAC 192.168.A.254, sezvo iri panetiweki imwe chete ine interface yayo 192.168.A.1/24;
16) iyo chaiyo router inogamuchira pakiti iyi uye inosarudza kwainoitumira: ine mutemo wakanyorwa maererano nezvaanofanira kutumira mapaketi ese pakati. 192.168.A.0/24 ΠΈ 192.168.B.0/24 kutamisa pamusoro pekubatana kweVPN pakati AAA1 ΠΈ BBB1;
17) iyo chaiyo router inogadzira ESP datagram kubva AAA1 nokuti BBB1;
18) iyo chaiyo router inosarudza kuti ndiani wekutumira pakiti iyi, inotumira kuna AAA254 (ISP gedhi, mune iyi kesi, isu tisuwo), nekuti kune dzimwe nzira dzekuenda BBB1, pane 0.0.0.0/0, haina;
19) Vapeji vepaInternet vanofambisa ESP datagraph pamusoro pemanetiweki avo ne AAA1 pamusoro BBB1;
20) router pa BBB1 inogamuchira iyi datagram, inoibvisa uye inogamuchira pakiti kubva 192.168.A.1:3389 nokuti 192.168.B.1:55555;
21) anonzwisisa kuti inofanira kuendeswa kune 192.168.B.1, sezvo ari kunetiweki imwe chete naye, saka, ane inopindirana yekupinda mutafura yekufambisa, izvo zvinomumanikidza kutumira mapaketi kune ese. 192.168.B.0/24 zvakananga;
22) router inowana kero yeMAC ye 192.168.B.1 ndokumutambidza pasuru iyi;
23) sisitimu yekushandisa pakombuta ine kero 192.168.B.1 inogamuchira pasuru kubva 192.168.A.1:3389 nokuti 192.168.B.1:55555 uye inotanga matanho anotevera ekugadzirisa TCP connection.
Uyu muenzaniso muchidimbu uye zviri nyore (uye pano unogona kurangarira boka rezvimwe zvinhu) rinotsanangura zvinoitika pamazinga 2-4. Nhamba 1, 5-7 haina kutariswa.
Nzvimbo yechipiri
Kana na 192.168.B.0/24 chinhu chinotumirwa zvakananga AAA2, haiendi kuVPN, asi zvakananga. Ndiko, kana mushandisi kubva kukero 192.168.B.1 zvikumbiro ku AAA2:13389, packet iyi inobva kukero BBB1, inopfuura AAA2, uye ipapo router inoigamuchira uye yotumira kune 192.168.A.1. 192.168.A.1 hapana chaanoziva nezvazvo 192.168.B.1, anoona pasuru kubva BBB1, nokuti akamuwana. Nokudaro, mhinduro yechikumbiro ichi inotevera nzira yakawanda, inobva kukero nenzira imwecheteyo AAA2 uye anoenda BBB1, uye kuti router inotumira mhinduro iyi kune 192.168.B.1,anoona mhinduro kubva AAA2, kwaakataura.
Muenzaniso chaiwo:
1) 192.168.B.1 zvikumbiro ku AAA2, inoda kumisikidza kubatana kweTCP ne AAA2:13389;
2) 192.168.B.1 inotumira chikumbiro chekubatanidza kubva 192.168.B.1:55555 (nhamba iyi, semumuenzaniso wapfuura, inogona kunge yakasiyana) pa AAA2:13389;
3) inoshanda sisitimu inomhanya pakombuta ine kero 192.168.B.1, inosarudza kutumira pakiti iyi kune kero yegedhi re router (192.168.B.254 mune yedu), nekuti zvimwe, nzira dzakananga dze AAA2, haina imwe, zvinoreva kuti inotumira pakiti kuburikidza neyo nzira yekusagadzikana (0.0.0.0/0);
4) yeizvi, sezvatakataura mumuenzaniso wapfuura, inoedza kutsvaga kero yeMAC yekero yeIP 192.168.B.254 mune iyo ARP protocol cache tafura. Kana ikasaonekwa, inotumira kubva kukero 192.168.B.1 kutepfenyura ndiani-ane chikumbiro kunetiweki 192.168.B.0/24. Rini 192.168.B.254 mukupindura, inotumira iyo kero yayo yeMAC, iyo system inotumira Ethernet packet yayo uye inopinda ruzivo urwu mu cache tafura yayo;
5) router inogamuchira pakiti iyi uye inosarudza kwainoitumira: ine mutemo wakanyorwa maererano neanofanira kutumira (kutsiva kero yekudzoka) mapepa ose kubva. 192.168.B.0/24 kune dzimwe nzvimbo dzeInternet;
6) sezvo mutemo uyu unoreva kuti kero yekudzoka inofanira kufanana nekero yakaderera pane iyo interface iyo pakiti iyi ichafambiswa, router inotanga kusarudza kuti ndiani chaizvo wekutumira pakiti iyi, uye iye, semumuenzaniso wapfuura, anofanira kuitumira. ku BBB254 (ISP gedhi) nekuti kune dzimwe nzira dzakanangana dzekuenda AAA2, pane 0.0.0.0/0, haina;
7) saka, router inotsiva kero yekudzoka yepakiti, kubva zvino iyo packet inobva BBB1:44444 (nhamba yechiteshi, hongu, inogona kunge yakasiyana) ku AAA2:13389;
8) router inoyeuka zvayakaita, zvinoreva rini AAA2:13389 ΠΊ BBB1:44444 mhinduro inosvika, achaziva kuti anofanira kuchinja kero yekuenda uye port kuti 192.168.B.1:55555.
9) ikozvino router inofanira kuipfuudza kune ISP network kuburikidza BBB254saka, sezvatakambotaura, inowana iyo MAC kero ye BBB254 uye inotumira pakiti kune ISP gedhi;
10) Vapeji veInternet vanotumira mapaketi kubva BBB1 pamusoro AAA2;
11) virtual router on AAA2 inogamuchira iyi pakiti pachiteshi 13389;
12) pane mutemo pane iyo chaiyo router inotaura kuti mapaketi anogamuchirwa kubva kune chero anotumira pachiteshi ichi anofanira kuendeswa kune. 192.168.A.1:3389;
13) iyo chaiyo router inowana network mutafura yekufambisa 192.168.A.0/24 uye anoitumira zvakananga 192.168.A.1 nekuti ine interface 192.168.A.254/24;
14) yeizvi, iyo chaiyo router inowana iyo MAC kero ye 192.168.A.1 uye inotumira pakiti iyi kwaari kuburikidza neinetiweki yeEthernet network;
15) 192.168.A.1 inogamuchira iyi pakiti pachiteshi 3389, inobvuma kumisikidza chinongedzo uye inogadzira pakiti mukupindura kubva 192.168.A.1:3389 pamusoro BBB1:44444;
16) system yake inotumira iyi pakiti kune kero yegedhi reiyo chaiyo router (192.168.A.254 mune yedu), nekuti zvimwe, nzira dzakananga dze BBB1, haina, saka, inofanirwa kutumira pakiti kuburikidza neiyo default nzira (0.0.0.0/0);
17) zvakangofanana nezvakaitika kare, sisitimu inomhanya pane sevha ine kero 192.168.A.1, inowana kero yeMAC 192.168.A.254, sezvo iri panetiweki imwe chete ine interface yayo 192.168.A.1/24;
18) iyo chaiyo router inogamuchira iyi pakiti. Zvinofanira kucherechedzwa kuti anorangarira zvaakagamuchira AAA2:13389 package kubva BBB1:44444 uye akachinja kero nechiteshi chemugamuchiri wake kuti 192.168.A.1:3389, saka, iyo package kubva 192.168.A.1:3389 nokuti BBB1:44444 inoshandura kero yekutumira kuti AAA2:13389;
19) iyo chaiyo router inosarudza kuti ndiani wekutumira pakiti iyi, inotumira kuna AAA254 (ISP gedhi, mune iyi kesi, isu tisuwo), nekuti kune dzimwe nzira dzekuenda BBB1, pane 0.0.0.0/0, haina;
20) Vanopa Internet vanotumira pakiti ne AAA2 pamusoro BBB1;
21) router pa BBB1 anogamuchira packet iyi uye anoyeuka kuti paakatumira packet kubva 192.168.B.1:55555 nokuti AAA2:13389, akachinja kero yake uye sender port kuti BBB1:44444, zvino iyi ndiyo mhinduro inoda kutumirwa 192.168.B.1:55555 (chaizvoizvo, kune mamwe macheki akati wandei ipapo, asi isu hatipinde mukati mazvo);
22) anonzwisisa kuti inofanira kutumirwa zvakananga kune 192.168.B.1, sezvo ari kunetiweki imwe chete naye, saka, ane inopindirana yekupinda mutafura yekufambisa, izvo zvinomumanikidza kutumira mapaketi kune ese. 192.168.B.0/24 zvakananga;
23) router inowana kero yeMAC ye 192.168.B.1 ndokumutambidza pasuru iyi;
24) sisitimu yekushandisa pakombuta ine kero 192.168.B.1 inogamuchira pasuru kubva AAA2:13389 nokuti 192.168.B.1:55555 uye inotanga matanho anotevera ekugadzirisa TCP connection.
Zvinofanira kuonekwa kuti munyaya iyi kombiyuta ine kero 192.168.B.1 hapana chaanoziva nezve server ine kero 192.168.A.1, anongotaura naye chete AAA2. Saizvozvowo, sevha ine kero 192.168.A.1 hapana chaanoziva nezve komputa ine kero 192.168.B.1. Anotenda kuti akabatanidzwa kubva kukero BBB1, uye hapana chimwe chaanoziva, sokunge zvakadaro.
Zvinofanira kucherechedzwa kuti kana komputa iyi ichipinda AAA2:1540, iyo yekubatanidza haizogadzirwe nekuti yekubatanidza kutumira kune port 1540 haina kugadzirwa pane chaiyo router, kunyangwe kana pane chero maseva mune chaiyo network. 192.168.A.0/24 (semuenzaniso, pane server ine kero 192.168.A.1) uye kune mamwe masevhisi akamirira kubatana pachiteshi ichi. Kana mushandisi wekombuta ane kero 192.168.B.1 Izvo zvakakosha kumisikidza chinongedzo kune iyi sevhisi, inofanirwa kushandisa VPN, i.e. kuonana zvakananga 192.168.A.1:1540.
Inofanira kusimbiswa kuti chero kuedza kwekutanga hukama ne AAA1 (kunze kweiyo IPSec yekubatanidza kubva ku BBB1 hazvizobudiriri. Chero kuedza kwekutanga hukama ne AAA2, kunze kwekubatanidza kuchiteshi 13389, hazvizobudiririwo.
Tinocherechedzawo kuti kana AAA2 Kana mumwe munhu akanyorera (somuenzaniso, CCCC), chinhu chiri chose chinoratidzirwa mundima 10-20 chichashanda kwaariwo. Chii chinoitika zvisati zvaitika uye mushure meizvi zvinoenderana nekuti chii chaizvo chiri kuseri kweCCCC Isu hatina ruzivo rwakadaro, saka tinokupa zano kuti ubvunze vatariri veiyo node nekero yeCCCC.
Nzvimbo yechitatu
Uye, zvakasiyana, kana ne 192.168.A.1 chimwe chinhu chinotumirwa kune chimwe chiteshi chakarongedzerwa kuendesa mukati kuBBB1 (semuenzaniso, 11111), zvakare haigumire muVPN, asi inongoyerera kubva. AAA1 uye anopinda BBB1, uye anotozvitumira kune imwe nzvimbo mukati, oti, 192.168.B.2:3389. Anoona pasuru iyi kwete kubva 192.168.A.1,uye kubva AAA1. Uye rinhi 192.168.B.2 anopindura, package iri kubva BBB1 pamusoro AAA1, uye gare gare anosvika kune yekutanga yekubatanidza - 192.168.A.1.
Muenzaniso chaiwo:
1) 192.168.A.1 zvikumbiro ku BBB1, inoda kumisikidza kubatana kweTCP ne BBB1:11111;
2) 192.168.A.1 inotumira chikumbiro chekubatanidza kubva 192.168.A.1:55555 (nhamba iyi, semumuenzaniso wapfuura, inogona kunge yakasiyana) pa BBB1:11111;
3) sisitimu yekushandisa inomhanya pane sevha ine kero 192.168.A.1, inosarudza kutumira pakiti iyi kune kero yegedhi re router (192.168.A.254 mune yedu), nekuti zvimwe, nzira dzakananga dze BBB1, iyo haina, saka, inotumira pakiti kuburikidza neiyo default nzira (0.0.0.0/0);
4) yeizvi, sezvatakataura mumienzaniso yapfuura, inoedza kutsvaga kero yeMAC yekero yeIP 192.168.A.254 mune iyo ARP protocol cache tafura. Kana ikasaonekwa, inotumira kubva kukero 192.168.A.1 kutepfenyura ndiani-ane chikumbiro kunetiweki 192.168.A.0/24. Rini 192.168.A.254 mukupindura, anomutumira kero yake yeMAC, iyo system inotumira Ethernet packet yayo uye inopinda ruzivo urwu mu cache tafura;
5) iyo chaiyo router inogamuchira pakiti iyi uye inosarudza kwainoitumira: ine mutemo wakanyorwa maererano nezvainofanira kutumirwa (kutsiva kero yekudzoka) mapaketi ese kubva. 192.168.A.0/24 kune dzimwe nzvimbo dzeInternet;
6) sezvo mutemo uyu uchifungidzira kuti kero yekudzoka inofanira kuenderana nekero yakaderera pane iyo interface iyo iyo pakiti ichafambiswa, iyo chaiyo router inotanga kusarudza kuti ndiani chaizvo wekutumira paki iyi, uye iye, semumuenzaniso wapfuura, anofanira kutumira. pairi AAA254 (ISP gedhi, mune iyi kesi, isu tisuwo), nekuti kune dzimwe nzira dzekuenda BBB1, pane 0.0.0.0/0, haina;
7) izvi zvinoreva kuti iyo chaiyo router inotsiva kero yekudzoka yepakiti, kubva zvino zvichienda mberi iri pakiti kubva. AAA1:44444 (nhamba yechiteshi, hongu, inogona kunge yakasiyana) ku BBB1:11111;
8) iyo chaiyo router inoyeuka zvayakaita, saka, kubva BBB1:11111 nokuti AAA1:44444 mhinduro inosvika, achaziva kuti anofanira kuchinja kero yekuenda uye port kuti 192.168.A.1:55555.
9) ikozvino iyo chaiyo router inofanira kuipfuudza kune ISP network kuburikidza AAA254, saka sezvatakambotaura, inowana iyo MAC kero ye AAA254 uye inotumira pakiti kune ISP gedhi;
10) Vapeji veInternet vanotumira mapaketi kubva AAA1 kusvika BBB1;
11) router pa BBB1 inogamuchira iyi pakiti pachiteshi 11111;
12) pane mutemo paiyo chaiyo router inotaura kuti mapaketi akasvika kubva kune chero anotumira pachiteshi ichi anofanira kuendeswa kune. 192.168.B.2:3389;
13) router inowana network mutafura yekufambisa 192.168.B.0/24 uye inotumira zvakananga ku 192.168.B.2, nekuti ine interface 192.168.B.254/24;
14) yeizvi, iyo chaiyo router inowana iyo MAC kero ye 192.168.B.2 uye inotumira pakiti iyi kwaari kuburikidza neinetiweki yeEthernet network;
15) 192.168.B.2 inogamuchira iyi pakiti pachiteshi 3389, inobvuma kumisikidza chinongedzo uye inogadzira pakiti mukupindura kubva 192.168.B.2:3389 pamusoro AAA1:44444;
16) system yake inotumira iyi pakiti kune kero yegedhi re router (192.168.B.254 mune yedu), nekuti zvimwe, nzira dzakananga dze AAA1, haina, saka, inofanirwa kutumira pakiti kuburikidza neiyo default nzira (0.0.0.0/0);
17) nenzira imwecheteyo semuzviitiko zvakapfuura, sisitimu inomhanya pakombuta ine kero 192.168.B.2, inowana kero yeMAC 192.168.B.254, sezvo iri panetiweki imwe chete ine interface yayo 192.168.B.2/24;
18) router inogamuchira iyi pakiti. Zvinofanira kucherechedzwa kuti anorangarira zvaakagamuchira BBB1:11111 package kubva AAA1 uye akachinja kero nechiteshi chemugamuchiri wake kuti 192.168.B.2:3389, saka, iyo package kubva 192.168.B.2:3389 nokuti AAA1:44444 inoshandura kero yekutumira kuti BBB1:11111;
19) router inosarudza kuti ndiani wekutumira pakiti iyi. Anotumira kwaari, oti, BBB254 (ISP gedhi, iyo kero chaiyo yatisingazive), nekuti hapasisina chaiyo nzira dzekuenda AAA1, pane 0.0.0.0/0, haina;
20) Vanopa Internet vanotumira pakiti ne BBB1 pamusoro AAA1;
21) virtual router on AAA1 anogamuchira packet iyi uye anoyeuka kuti paakatumira packet kubva 192.168.A.1:55555 nokuti BBB1:11111, akachinja kero yake uye sender port kuti AAA1:44444. Izvi zvinoreva kuti iyi ndiyo mhinduro inoda kutumirwa 192.168.A.1:55555 (chaizvoizvo, sezvatakataura mumuenzaniso wapfuura, kunewo mamwe macheki akati wandei, asi panguva ino isu hatipindi mukudzika nawo);
22) anonzwisisa kuti inofanira kutumirwa zvakananga kune 192.168.A.1, sezvo ari pamumbure mumwechete naye, zvinoreva kuti ane yekupinda inoenderana mutafura yekufambisa inomumanikidza kutumira mapaketi kune yese. 192.168.A.0/24 zvakananga;
23) router inowana kero yeMAC ye 192.168.A.1 ndokumutambidza pasuru iyi;
24) inoshanda sisitimu pane server ine kero 192.168.A.1 inogamuchira pasuru kubva BBB1:11111 ye 192.168.A.1:55555 uye inotanga matanho anotevera ekugadzirisa TCP connection.
Zvakanyatsofanana nezvakaitika kare, munyaya iyi sevha ine kero 192.168.A.1 hapana chaanoziva nezve komputa ine kero 192.168.B.1, anongotaura naye chete BBB1. Komputa ine kero 192.168.B.1 uyewo hapana chaanoziva nezve server nekero 192.168.A.1. Anotenda kuti akabatanidzwa kubva kukero AAA1, uye zvimwe zvose zvakavanzwa kwaari.
mhedziso
Aya ndiwo maitiro anoitika zvese zvekubatanidza mukati meiyo VPN mugero pakati pehofisi yemutengi uye gore nharaunda, pamwe nekubatanidza kunze kweVPN tunnel. Uye kana uine chero mibvunzo kana uchida rubatsiro rwedu mukugadzirisa matambudziko emakore,
Source: www.habr.com