Ngemva kokuzulazula ku-inthanethi ufuna isofthiwe yokwakha eyakho i-VPN, uhlale uhlangabezana nenqwaba yeziqondiso ezihlobene nokungalungi ukusetha nokusebenzisa i-OpenVPN, edinga iklayenti le-Wireguard eliphathelene, i-SoftEther kuphela evela kulo lonke isekisi enekwanele. ukuqaliswa. Kodwa sizokutshela, ngomqondo ongokomfanekiso, mayelana nokuqaliswa kwe-Windows yendabuko ye-VPN - Umzila Nokufinyelela Okukude (RRAS).
Ngesizathu esingavamile, akekho kunoma yimuphi umhlahlandlela obhale ukuthi ungayisebenzisa kanjani yonke nokuthi ungayinika kanjani amandla i-NAT kuyo, ngakho-ke sizolungisa konke manje futhi sikutshele ukuthi ungayenza kanjani i-VPN yakho ku-Windows Server.
Hhayi-ke, i-VPN eyenziwe ngomumo futhi elungiselelwe ngaphambilini inga-odwa kweyethu
1. Faka amasevisi
Okokuqala, sidinga i-Windows Server Desktop Experience. Ukufakwa kwe-Core ngeke kusisebenzele, ngoba ingxenye ye-NPA ayikho. Uma ikhompuyutha iyilungu lesizinda, ungamisa ku-Server Core, lapho yonke into ingafakwa ku-gigabyte ye-RAM.
Sidinga ukufaka i-RRAS ne-NPA (Iseva Yenqubomgomo Yenethiwekhi). Sidinga eyokuqala ukuze sakhe umhubhe, kanti eyesibili iyadingeka uma iseva ingelona ilungu lesizinda.
Ekukhetheni izingxenye ze-RRAS, khetha Ukufinyelela Okuqondile kanye ne-VPN kanye Nomzila.
2. Setha i-RRAS
Ngemuva kokuthi sifake zonke izingxenye futhi siqalise kabusha umshini, sidinga ukuqala ukusetha. Njengasesithombeni, ekuqaleni, sithola umphathi we-RRAS.
Ngalokhu kungena ngokushesha, singaphatha amaseva nge-RRAS efakiwe. Chofoza inkinobho yegundane engakwesokudla, khetha isilungiselelo bese uya.
Ngemva kweqe ikhasi lokuqala, siqhubekela ekukhetheni ukucushwa, sikhethe okwethu.
Ekhasini elilandelayo, siyacelwa ukuthi sikhethe izingxenye, khetha i-VPN ne-NAT.
Okulandelayo, okulandelayo. Ilungile.
Manje sidinga ukunika amandla i-ipsec futhi sabelane ngechibi lekheli elizosetshenziswa i-NAT yethu. Chofoza kwesokudla kuseva bese uya kuzakhiwo.
Okokuqala, faka iphasiwedi yakho ye-l2TP ipsec.
Kuthebhu ye-IPv4, qiniseka ukuthi usetha ububanzi bamakheli e-ip akhishelwe amaklayenti. Ngaphandle kwalokhu, i-NAT ngeke isebenze.
Manje kusasele ukwengeza isixhumi esibonakalayo ngemuva kwe-NAT. Iya entweni encane ye-IPv4, chofoza kwesokudla esikhaleni esingenalutho bese wengeza isixhumi esibonakalayo esisha.
Kusixhumi esibonakalayo (lesi esingeyona eyangaphakathi), sinika amandla i-NAT.
3. Vumela imithetho ku-firewall
Konke kulula lapha. Udinga ukuthola iqembu lemithetho Yokuhamba Nokungena Kude futhi uzinike amandla zonke.
4. Setha i-NPS
Sibheka Iseva Yenqubomgomo Yenethiwekhi ekuqaleni.
Kumathebhu lapho zonke izinqubomgomo zifakwe kuhlu, udinga ukunika amandla zombili ezijwayelekile. Lokhu kuzovumela bonke abasebenzisi bendawo ukuthi baxhume ku-VPN.
5. Xhuma nge-VPN
Ngezinjongo zokubonisa, sizokhetha i-Windows 10. Kumenyu yokuqala, sifuna i-VPN.
Chofoza inkinobho engeza ukuxhumana bese uya kuzilungiselelo.
Setha igama lokuxhuma kunoma yini oyifunayo.
Ikheli le-IP yikheli leseva yakho ye-VPN.
Uhlobo lwe-VPN yi-l2TP enokhiye owabiwe ngaphambilini.
Ukhiye owabiwe - i-vpn (yesithombe sethu esimakethe.)
Futhi ukungena ngemvume nephasiwedi kungukungena ngemvume nephasiwedi evela kumsebenzisi wendawo, okungukuthi, evela kumlawuli.
Chofoza okuthi xhuma futhi usuqedile. Manje i-VPN yakho isilungile.
Sithemba ukuthi umhlahlandlela wethu unikeza enye inketho kulabo abafuna ukuzenzela i-VPN yabo ngaphandle kokungcolisa i-Linux noma abafuna nje ukwengeza isango ku-AD yabo.
Source: www.habr.com