1 Introduction
Virtual Private Network (VPN) technology establishes a private network over the Internet by means of encryption and authentication, meeting the security and confidentiality needs of enterprises that transmit data over the Internet. As a mature security technology on the Internet, VPN has been rapidly adopted in enterprises, scientific research, education, and other fields because it reduces information management costs and scales well. Understanding and applying VPN technology is therefore becoming an important topic in computer network courses. This paper discusses how to use the existing equipment of a college or university network lab to build a VPN experiment environment, which has practical guiding significance for improving students' hands-on computer network skills. Because VPN construction experiments require a variety of devices to build the network, it is difficult to achieve the desired results when they are run as teaching experiments. Since a virtual machine can virtualize multiple operating systems and hardware devices on one host, a virtual machine-based VPN experiment environment is designed and implemented on top of the existing equipment. Virtualization makes it possible to set up a network experiment environment quickly, which saves time, makes full use of the available experiment resources, and simplifies construction.
2 Main Technologies
2.1 VPN Technology
VPN refers to technology that relies on an ISP (Internet Service Provider) or other NSP (Network Service Provider) to establish a dedicated data communication network within a public network. In a VPN, the connection between any two nodes does not have the end-to-end physical link required by a traditional private network; it is composed dynamically from the resources of a public network. A VPN can connect components and resources of different networks and create tunnels for users over the Internet or other public network infrastructure, while providing the same security and functional assurance as a dedicated network. In colleges and universities, a VPN can connect different branch campuses and legitimate off-campus users, so that teachers on business trips and correspondence and adult-education students can access restricted network resources and library resources that require an on-campus IP address.
2.2 Virtual Machine Technology
A virtual machine is an independent logical computer virtualized on a physical computer, created by means of virtual machine software. The emergence of virtual machine technology and the powerful virtualization functions of virtual machine software make it possible to use limited lab equipment to carry out experiments that were previously impossible. Virtualization allows you to easily create multiple homogeneous or heterogeneous virtual computer systems on one host system, and these systems can run simultaneously and be switched between without restarting the host. These computers can also be connected to each other to form a network. A virtual experiment environment can therefore be built with computer virtualization, and most practical computer exercises can be completed in such an environment.
3 Network Lab Teaching Status
(1) Conflicting demands on lab equipment. Generally, a complete set of network test equipment includes various types of switches, routers, and related equipment, and it is very expensive. At present, many colleges and universities have a serious shortage of computer network lab equipment, so many computer network experiments are difficult to offer. Even when they are offered, there is no guarantee that each student has a computer network lab device.
(2) Experiment management is cumbersome. Because different network experiment platforms need to be set up for different network experiments, a large number of devices are required. So that the students of each class can go through the whole experiment process, lab teachers need to restore the various experiment environments after each session so that the next batch of students can perform the experiments from the beginning. The workload is therefore large and management is inconvenient.
(3) Lab time constraints. The comprehensive and design experiments of network courses are complex, and not all students can complete them in the allotted class hours. If the session is held strictly to the scheduled class time, students cannot finish their experiments and the results cannot be saved, so the next experiment has to start from scratch again.
Virtual machines can virtualize various network environments, make restoration easy to manage, and provide a suspend function so that unfinished experiments can be completed next time, which effectively solves some of the problems in network experiment teaching. Given the needs of computer lab teaching and the particular functions and advantages of virtual machine software, using virtual machine technology to build an experiment environment for practical lab teaching is of great significance.
4 Experiment Content Design
4.1 Experiment Purpose
Simulate two users in different network segments, one on campus and one off campus, and connect the two segments using VPN technology so that computers in the two segments can access each other.
4.2 Network Topology Design
Assume that the on-campus virtual subnet A (202.192.128.X) and the off-campus virtual subnet B (202.192.196.X) are two different network segments. Because the experiment runs on virtual machines, the environment should be kept as simple as possible, provided that it still achieves the purpose of the experiment and lets the students understand the process; this also keeps the demands on the lab equipment low. Therefore, each network segment has only one virtual machine. In this experiment, one Windows Server 2003 virtual machine is used as the VPN server, and two virtual machines are used as the machines for network A and network B. Because VMware can copy virtual machines, these two virtual machines also use Windows Server 2003. The VMnet 1 and VMnet 2 virtual networks are also required. The network topology is shown in Figure 1.
Figure 1 VPN experiment network topology
The implementation scheme is as follows:
(1) Use the RRAS service of Windows Server 2003 to configure the VPN server.
(2) Configure the VPN client on the Windows 2000 Professional virtual machine and create a VPN dial-up connection.
(3) Simulate the Internet-based virtual machine B accessing the Internet-based virtual machine A through the VPN server.
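The experiment only demonstrates the VPN if the VPN server is the sole link between the two segments, so the virtual network plan is worth checking before RRAS is configured. The following is an added example, not part of the original paper: it validates a lab plan against the topology of section 4.2. The /24 prefix length, the host addresses, the host names, and the mapping of VMnet 1 to subnet A and VMnet 2 to subnet B are assumptions made for illustration.

```python
import ipaddress

# Subnets from section 4.2; the /24 prefix length is an assumption
# (the paper writes 202.192.128.X and 202.192.196.X).
SUBNET_A = ipaddress.ip_network("202.192.128.0/24")   # on-campus
SUBNET_B = ipaddress.ip_network("202.192.196.0/24")   # off-campus

# Constructed lab plan: host names, host octets and the VMnet-to-subnet
# mapping are assumptions, not values from the paper.
LAB = {
    "vpn-server": [("VMnet1", "202.192.128.1"), ("VMnet2", "202.192.196.1")],
    "vm-a":       [("VMnet1", "202.192.128.10")],
    "vm-b":       [("VMnet2", "202.192.196.10")],
}

def check_lab(lab, gateway="vpn-server"):
    """Return the problems that would let traffic bypass the VPN server."""
    problems = []
    segment_nets = {}   # VMnet name -> set of subnets seen on it
    for host, nics in lab.items():
        for vmnet, addr in nics:
            ip = ipaddress.ip_address(addr)
            net = next((n for n in (SUBNET_A, SUBNET_B) if ip in n), None)
            if net is None:
                problems.append(f"{host}: {addr} is in neither lab subnet")
                continue
            segment_nets.setdefault(vmnet, set()).add(net)
    for vmnet, nets in segment_nets.items():
        if len(nets) > 1:
            problems.append(f"{vmnet}: carries both subnets, segments are not separated")
    for host, nics in lab.items():
        if host != gateway and len({v for v, _ in nics}) > 1:
            problems.append(f"{host}: bridges two VMnets and bypasses the VPN server")
    if len({v for v, _ in lab.get(gateway, [])}) < 2:
        problems.append(f"{gateway}: needs one adapter on each VMnet")
    return problems

def shares_segment(lab, h1, h2):
    """True if two hosts sit on the same VMnet and can talk without the VPN server."""
    return bool({v for v, _ in lab[h1]} & {v for v, _ in lab[h2]})

if __name__ == "__main__":
    print(check_lab(LAB) or "lab plan OK")
    print("vm-a and vm-b directly connected:", shares_segment(LAB, "vm-a", "vm-b"))
```

An empty result means machines A and B share no virtual network, so any successful access in step (3) must have passed through the VPN server.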