With the built-in routing and Remote Access capabilities of Windows Server systems, it's no novelty to set up a VPN server, but by this method, a series of complex and cumbersome settings are required, and it is clear that the erection of "engineering" will make many novice users discouraged! In order to be able to chat between, can let you rookie friends easily set up a VPN server, this article deliberately recommended a different way to set up, the method through the Kerio Winroute Firewall tools built in the VPN server function, can simplify the installation of VPN server steps , but also the use of firewall policies to "escort" the security of the VPN server, really kill both birds!
do the erection and preparation work
To easily set up your VPN server through the Kerio Winroute Firewall tool, you first need to install the tool software in the LAN server system, and before you install the program, you may want to go to http://download.pchome.net/ internet/server/router/10722.html Download the latest version of the tool software installer, and then directly double-click the download of the installer, you can start the installation of the tool software; During the installation process, the Installation wizard window pops up the interface shown in Figure 1, You are required to enter the initial password for the administrator account, after the password has been entered and confirmed, and then click the "Next" button to continue the following installation operation. When the wizard window pops up the "Kerio VPN adapter driver does not pass the Windows logo test ..." Prompt, you can click the "still Continue" button to ignore such prompts; After the installation, the wizard window asks you if you want to reboot the server system, so you can answer for sure and let the server reboot so that the Kerio Winroute Firewall Tool installation task is over.
The official erection work
Because the Kerio Winroute Firewall tool has a VPN server built into it, it completes the installation task of the Kerio Winroute Firewall tool, which in fact is equivalent to installing the VPN server. Of course, the task of setting up the VPN server is just beginning, because at this time the VPN server can not provide VPN service, which requires us to start the VPN service through the following operations, and correctly configure the VPN server related parameters.
When you start the VPN service, you can click the Start/program/Kerio/Winroute Firewall Control command, and in the New Connection dialog box that appears in Figure 2, enter the initial password for the corresponding administrator account that you set up at setup, and then click Connect button so that you can successfully enter the console interface of the Kerio Winroute firewall program, and in the console interface, a wizard settings window titled "Network Rules Wizard" is also available, click Next button, and go to the dialog shown in Figure 3, here you can select the way your server uses the network connection, whether it is a LAN connection, a dial-up connection, or a satellite broadcast connection; By default, the tool uses a LAN connection, and if you use other connection methods, You can select the corresponding connection option, and then click the Next button;
In the next Figure 4 Interface, the wizard window asks you which network adapter to use to connect directly to the Internet, and if you have only one network adapter card in your server, you can skip this step by clicking the "Next" button; If you have more than one network adapter card in your server, click Available Adapter "At the Drop-down button, and from the Drop-down list to select the Internet-connected network card, then you will see the network adapter card IP address, netmask address and MAC address, etc.;
The wizard window then asks you if you want to restrict the use of Internet services to users on your local area network, and if you select the Allow access to all service option, you are not restricting the use of Internet services by LAN users. But actually, given the security of the server, we recommend that you select the Allow access to the following service only option, and then, in the list interface shown in Figure 5, select the few services that are required, such as the HTTP service, the SMTP service, POP3 service and so on;
Continue clicking the "Next" button, and in the wizard settings box shown in Figure 6, select the "Yes,i want to use Kerio VPN" item, and then click the Finish button so that the Kerio Winroute The VPN service built into the firewall tool was successfully launched.
[First Page] 12 [Next page] [last page]
After completing the VPN server startup task, you also need to make some personalized configuration of the server, in order to ensure that the VPN server to provide services correctly. When configuring parameters for a VPN server, you can double-click the Configuration/interfaces option in the console interface of the Kerio Winroute firewall program, and in the subsequent VPN Server Properties Settings window, click VPN Server tab, and in the property configuration box that is shown in Figure 7, click the General tab, and in the corresponding tab page you will find that the VPN server automatically generates a C-class IP address that is completely different from the local network address for the VPN client in the default state. At this point you can modify the C-class address to meet the requirements of the network IP address according to the actual needs.
To avoid security attacks on the VPN server, you can also click the "SSL Certificate" button in the Figure 7 interface, and in the following Figure 8 Settings box, click the "Generate Certificate ..." button, Enter the SSL certificate information in the interface that appears, and then click the OK button so that the information transmitted in the VPN server is encrypted by an automatically generated SSL certificate, so that the VPN server will not be able to disclose it easily.
Considering that the VPN server uses the service port number "4090" by default, you might want to modify the service port number used by the VPN server to prevent illegal attackers from illegally attacking the server through the service port, so that the VPN service cannot be used by illegal users. When modifying a service port, you can click the "Advanced" tab in the VPN Server property settings box, and then enter the new port value that is not yet used by the server in the "Listen on port" setting item on the label page of Figure 9. When the above VPN server parameter setting task is finished, click the OK button in the Settings box to save the set parameters so that the new parameters are valid.
Access VPN server
Through the above steps, a simple VPN server even if set up completed, how, is not easy and fast!? But here it is. Ordinary VPN clients are also unable to access the VPN server, and in order to successfully access the VPN server, you also need to assign a legitimate user account to the VPN client, as well as a simple configuration on the client.
When assigning a legitimate user account to a VPN client, you can double-click the Users and Groups/users option in the console interface of the Kerio Winroute firewall program, and then click the Add button on the Users Options page. Open the Account Creation Wizard interface shown in Figure 10, where you can enter the name of the VPN account in the "Name" text box, say "0001VPN", and then select the "Internal User database" option from "Authentication". At the same time correctly enter the corresponding VPN account access password.
After completing the login username and password set operation, click the "Next" button, when the wizard window asks you if you want to set user rights, you can assign different permissions according to the actual needs of different accounts, but be sure to "User can connect using VPN" selected, This is the only way to ensure that each VPN user is properly connected to the VPN server. After you continue to click the "Next" button, you can limit the access traffic for each user, and set the VPN user's content policy appropriately, complete all of the above settings, then click the Finish button to end the VPN account creation task.
With the VPN server's login account, you will not be able to access the contents of the VPN server from the remote client, you will also need to download and install the Kerio Winroute Firewall tool client program from the Internet. Then, in the Open VPN Client program interface, click the Add button, and in the dialog box that appears, fill in the previously created VPN server IP address, enter the access account name and login password at "Username" and "Password", and click "OK" button so that you can complete a network connection project that communicates with the VPN server. You can then select the network connection item in the VPN client interface, and then click the Connect button, and the remote client will be able to successfully access the VPN server for a long time.
[First Page] [prev] 1 2 [last page]
