Emva kokugqogqa kwi-Intanethi ukukhangela isoftware yokwakha eyakho iVPN, uhlala udibana neqela lezikhokelo ezinxulumene ne-OpenVPN, engathandekiyo ukuseta kunye nokusetyenziswa, efuna umxhasi we-Wireguard; iSoftEther enye kuphela kule sekisi iphelele. ukuphunyezwa okwaneleyo. Kodwa siza kuthetha, ukuze sithethe, malunga nokuphunyezwa kweWindows VPN yendabuko-Umzila kunye noFikelelo olukude (RRAS).
Ngesizathu esingaqhelekanga, akukho mntu ubhale kuyo nayiphi na isikhokelo malunga nendlela yokuhambisa konke oku kunye nendlela yokwenza i-NAT kuyo, ngoko siya kulungisa yonke into kwaye sikuxelele indlela yokwenza i-VPN yakho kwi-Windows Server.
Ewe, unoku-odola i-VPN esele yenziwe kwaye iqwalaselwe kwangaphambili kweyethu , ngendlela, isebenza ngaphandle kwebhokisi.
1. Faka iinkonzo
Okokuqala, sifuna amava eDesktop yeWindows Server. Ufakelo lwe-Core aluyi kusebenza kuthi, kuba icandelo le-NPA lilahlekile. Ukuba ikhomputha lilungu lesizinda, unokuhamba kunye ne-Server Core, apho yonke into inokupakishwa kwi-gigabyte ye-RAM.
Kufuneka sifake i-RRAS kunye ne-NPA (i-Network Policy Server). Siza kufuna eyokuqala ukwenza itonela, kwaye eyesibini iyadingeka ukuba umncedisi akalolungu lesizinda.
Ekukhetheni amacandelo e-RRAS, khetha ukufikelela ngokuthe ngqo kunye ne-VPN kunye ne-Routing.
2. Misela i-RRAS
Emva kokuba sifake onke amacandelo kwaye siqalise ngokutsha umatshini, kufuneka siqale ukuseta. Njengoko kumfanekiso, ekuqaliseni, sifumana umphathi we-RRAS.
Ngale snap-in singakwazi ukulawula iiseva ngeRRAS efakiweyo. Cofa ekunene, khetha useto kwaye uhambe.
Emva kokuba sitsibe iphepha lokuqala, siqhubela phambili ekukhetheni uqwalaselo kwaye sikhethe eyethu.
Kwiphepha elilandelayo siyacelwa ukuba sikhethe amacandelo, khetha i-VPN kunye ne-NAT.
Ngaphezu koko, ngakumbi. Ulungile.
Ngoku kufuneka sivule i-ipsec kwaye sabelane ngeqela leedilesi eza kusetyenziswa yi-NAT yethu. Cofa ekunene kumncedisi kwaye uye kwiipropati.
Okokuqala, ngenisa igama lokugqitha lakho le-l2TP ipsec.
Kwi IPv4 thebhu, kufuneka usete uluhlu lweedilesi ze IP ezikhutshelwe abathengi. Ngaphandle koku, i-NAT ayizukusebenza.
Ngoku konke okuseleyo kukongeza ujongano ngasemva kweNAT. Yiya kwi-IPv4 sub-item, cofa ekunene kwindawo engenanto kwaye wongeze ujongano olutsha.
Kujongano (olungekho Ngaphakathi) senza i-NAT.
3. Vumela imigaqo kwifirewall
Yonke into ilula apha. Kufuneka ufumane i-Routing kunye neRemote Access yolawulo iqela kwaye ubenze bonke.
4. Ukumisela i-NPS
Sijonge i-Network Policy Server ekuqaleni.
Kwiithebhu apho zonke iinkqubo zidweliswe, kufuneka uvule zombini ezisezantsi. Oku kuya kuvumela bonke abasebenzisi basekhaya ukuba baqhagamshelane neVPN.
5. Qhagamshela ngeVPN
Ngeenjongo zokubonisa, siya kukhetha Windows 10. Kwimenyu yokuqalisa, khangela i-VPN.
Cofa kwiqhosha lokudibanisa kwaye uye kwiisetingi.
Cwangcisa igama loqhagamshelo kuyo nantoni na oyifunayo.
Idilesi ye-IP yidilesi yeseva yakho yeVPN.
Uhlobo lwe-VPN - i-l2TP eneqhosha ekwabelwana ngalo kwangaphambili.
Isitshixo ekwabelwana ngaso-vpn (kumfanekiso wethu kwindawo yentengiso.)
Kwaye igama lokungena kunye negama lokugqitha kukungena kunye negama lokugqitha elisuka kumsebenzisi wendawo, oko kukuthi, kumlawuli.
Cofa ukudibanisa kwaye ugqibile. Ngoku eyakho iVPN ilungile.
Siyathemba ukuba isikhokelo sethu siya kunika enye inketho kwabo bafuna ukwenza eyabo iVPN ngaphandle kokujongana neLinux okanye bafuna nje ukongeza isango kwi-AD yabo.
umthombo: www.habr.com