How to Use the VPN route table to establish China Netcom

VPN routing technology mainly uses tunneling technology and encryption methods. Here we mainly analyze how to use the VPN route table to use both the optical fiber access network and the telecom network. If you use IP address verification, and it is not suitable for normal ADSL and other dynamic IP address users, it is not convenient to use MAC address verification, because many ADSL uses a router to access the Internet, the MAC address should be the MAC address of the route, the attempt is inconvenient, so we want to use the VPN route table.

What is VPN

VPN (Virtual Private Network) routing technology refers to the technology that uses tunneling technology, encryption, identity authentication, and other methods to build a Private Network on the public Network, data is transmitted in the public network through a secure "encryption Pipeline. Currently, VPN route tables are more and more used in some large enterprises, especially some enterprises with branches. The reason for this is that the connection between any two nodes in the VPN network does not have the end-to-end physical link required by the traditional private network, but is structured on public network service providers such as China Netcom or China Telecom) the Logical Network on the network platform provided.

Set VPN Service

VPN can be implemented in many ways, either using a router with the VPN function or using Linux, windows, and other operating systems, in windows, it is easier to create a VPN Server with a single or dual Nic. I will not go into details about this. This article describes how to implement NAT with dual NICs in windows 2003. The dual NICs access the network and the telecom network respectively, so that all VPN users connected to the server can use the server's routing policy to achieve automatic switch of China Netcom Telecom, to quickly log on to the China Netcom or China Telecom website.

The following describes the actual implementation process. In this article, a server with a public IP address is connected to China Netcom and China Telecom. First, enable the Service to disable the Windows Firewall/Internet Connection SharingICS service, you must set this before proceeding to the next step. Configure an account with the dial-in permission below: create an account in the user and group to add the account to the Guests group for security) and select allow access on the dial-in tab. You can also select and assign a static IP address below, specify a static IP address for this user. Right-click Routing and Remote Access> IP routing rules> General, right-click to add a routing protocol, select NAT/basic firewall, and then right-click NAT/basic firewall to add an interface, select a connection such as China Netcom, select a public interface to connect to the Internet, and enable NAT on this interface. The address pool and other options can also be configured together ).

Now the VPN Server with the NAT Function has been basically set up, but now the server does not automatically determine the lines between China Netcom and China Telecom. You also need to configure the server's VPN route table. The VPN route table settings are also relatively simple. The latest VPN route table of China Netcom Telecom is included in it. If there is any new route table, you can continue to add it. Here, it is handled by non-China Netcom or China Telecom, I have prepared a batch processing file. When using this file, you only need to replace the Netcom gateway and the telecom gateway with the gateway of your server. If you clear all VPN route tables, you can use the route-f command. Note: Use this command with caution on a remote server.

Connect to the VPN Server from the client

Now, if all the configurations are correct, you can connect to the VPN. To improve the DNS resolution speed, we also set the DNS for this VPN connection. Here we are working on the China Netcom dual-line, you can set a China Netcom DNS server and a China Telecom DNS server address. Here we set up two commonly used DNS in Shandong, China Netcom: 202.102.128.68, China Telecom: 219.146.0.130. If everything is normal, visit China Netcom and China Telecom's websites respectively. The following is a speed download test after I connect to the VPN route table using common ADSL. The download speed is directly related to the following items: the speed from the VPN Client to the VPN Server, and the speed from the VPN Server to the accessed site. In this article, the server uses dual-fiber access, and the latter impact can be ignored. In addition, the methods mentioned in this article are also suitable for other network environments, such as campus networks (CERNET) and public networks. You can also develop more and better applications.