Using the built-in Routing and Remote Access functions of the Windows server system, setting up a VPN Server is nothing new. However, when setting up a VPN Server in this way, A series of complex and cumbersome settings are required. Obviously, such a "project" will put a lot of cainiao users away! In order to make it easier for cainiao users to build a VPN Server of their own, this article specifically recommends a different setup Method for you, using the built-in VPN Server Function of Kerio Winroute Firewall tool, this method can simplify the setup steps of the VPN Server and use Firewall policies to "guard" the security of the VPN Server!
Prepare for setup
To use the Kerio Winroute Firewall tool to easily set up your own VPN Server, you first need to install and set up the tool software in the server system of the LAN. Before installing the tool, go to the terminal. When the wizard window pops up, "The Kerio VPN Adapter driver has not passed the Windows logo test ......" When prompted, you can click "continue" to ignore this prompt. In the future, follow the default settings to complete other installation operations, after the installation is complete, the wizard will ask you if you want to restart the server system. At this time, you can make a positive response and ask the server to restart, in this way, the installation task of the Kerio Winroute Firewall tool is completed.
Official setup
Because the Kerio Winroute Firewall tool has a built-in VPN Server, the installation task of the Kerio Winroute Firewall tool is completed, which means that the VPN server has been installed. Of course, the setup task of the VPN Server has just begun, because the VPN Server cannot provide the VPN service for external users, so we need to start the VPN service through the following operations, configure the relevant parameters of the VPN Server correctly.
When starting the VPN service, you can click "start", "program", "Kerio", and "Winroute Firewall Control" commands. In the create connection dialog box shown in 2, enter the initial password of the corresponding Administrator Account set during installation, and then click the Connect button, so that you can smoothly enter the console interface of the Kerio Winroute Firewall program; at the same time, a Wizard setting window titled "Network rules Wizard" appears on the console interface. Click "Next" in the window to go To the dialog box shown in 3, here, you can select the network connection method used by your server, which is LAN connection, dial-up connection, or satellite broadcast connection. By default, this tool uses LAN connection, if you use other connection methods, you can select the corresponding connection options and then click "Next;
In the wizard window, you will be asked if you want to restrict users in the LAN to use Internet services. If you select the "Allow access to all services" option, it means that no restrictions are imposed on LAN users to use various Internet services, but considering the server security, we recommend that you select the "Allow access to the following services only" option, then, on the List page shown in figure 5, select the required services, such as the http service, smtp service, and pop3 service;
Click "Next", select the "Yes, I want to use Kerio VPN" project in the Wizard setting box shown in 6, and click "Finish, in this way, the built-in VPN service of Kerio Winroute Firewall can be successfully started.
[First page] 1 2 [Next Page] [Last Page]After starting the VPN Server, You need to customize the parameter configurations of the server to ensure that the VPN Server provides external services correctly. When configuring the VPN Server parameters, you can double-click the Configuration/Interfaces option in the console interface of the Kerio Winroute Firewall program, and in the subsequent VPN Server attribute settings window, click the "VPN Server" tab and click the "General" tab in the attribute Configuration box shown in 7. On the corresponding tab page, you will find that the VPN Server is in the default status, A Class c ip address that is completely different from the local network address is automatically generated for the VPN customer. At this time, you can change the class c ip address to the IP address that meets the networking requirements according to your actual needs.
To avoid security attacks on the information on the VPN Server, you can also click the "SSL Certificate" button in Figure 7. In the figure 8 Setting box that appears, click Generate Certificate ..." Button, enter the SSL Certificate Information in the interface that appears, and then click the "OK" button. In this way, the information transmitted on the VPN Server will be encrypted by the automatically generated SSL certificate, in this way, the VPN Server will not leak data easily.
Considering that the default service port number used by the VPN Server is "4090", to prevent illegal attackers from attacking the server through this service port, you may wish to modify the service port number used by the VPN Server, this prevents unauthorized users from using the VPN service. When modifying the service port, you can click the "Advanced" tab in the VPN Server attribute setting box, and then in the "Listen on port" setting item on the tab in Figure 9, enter a new port number that is not used by the server. After the preceding VPN Server parameter setting task is completed, click "OK" in the setting box to save the set parameters so that the new parameters are valid.
Access the VPN Server
Through the above steps, even if a simple VPN Server is set up, how is it easy and fast !? However, the common VPN Client cannot access the VPN Server. To access the VPN Server successfully, you must assign a valid user account to the VPN Client and perform simple configuration on the client.
When assigning a valid user account to a VPN user, you can double-click the Users and Groups/Users option on the console interface of the Kerio Winroute Firewall program, click the "Add" button on the Users option page to open the account creation Wizard Page shown in 10. In the "Name" text box on this page, you can enter the Name of the VPN account, for example, "0001VPN", select the "Internal user database" option from "Authentication", and enter the access password of the corresponding VPN account correctly.
After setting the logon username and password, click the "Next" button. In the wizard window, if you want to set the user permission, you can assign different permissions to different accounts as needed, but you must select "User can connect using VPN, only in this way can each VPN user establish a correct connection with the VPN Server. After you click "Next", you can limit the access traffic of each user and set the content policy of the VPN user, click "Finish" to end the creation task of the VPN account.
With the Logon account of the VPN Server, you cannot access the content of the VPN Server from a remote client. You also need to download and install the client program of the Kerio Winroute Firewall tool from the Internet. Then, on the VPN Client interface that is opened, click the "Add" button. In the dialog box that appears, fill in the IP address of the created VPN Server, at the same time, enter the access account name and logon Password at "Username" and "Password", and then click "OK, in this way, you have completed a network connection project that communicates with the VPN Server. Then you can select the network connection project on the VPN Client Program Interface and click the Connect button. It will take a long time for the remote client to successfully access the VPN Server.
[First page] [Previous Page] 1 2 [Last Page]Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
