Friends know how to configure VPN under win ' 2003, but many of these are based on the server in the public network IP premise, and at present many units are connected through a router outside the network, the rest of the servers are under the router, using the intranet IP, then how do we configure VPN? 51CCNP will be here to tell you a good way.
a single network adapter configures the VPN server (Windows 2003)
The server is a Windows 2003 system, and the VPN service in 2003 is called Routing and Remote Access, which is installed by default, but is not enabled.
To open Routing and Remote Access in Administrative tools
Right-click on the local server listed and select Configure and Enable Routing and Remote Access. Next
Choose VPN access here, I only need VPN functionality. Next, the Configuration Wizard completes.
Click "Yes" to start the service.
See the "Routing and Remote Access" interface after the VPN service is started
The following starts to configure the VPN server
Right-click on the server, select "Properties", select "IP" tab in the pop-up window, and select "Static address Pool" in IP address assignment.
Then click the "Add" button to set the IP address range, this IP range is the VPN LAN internal virtual IP address range, each dial-in to the VPN server will be assigned to a range of IP, in the virtual local area network with this IP mutual access.
This is set to 10.240.60.1-10.240.60.10, altogether 10 IP, the default VPN server occupies the first IP, so, 10.240.60.1 is actually this VPN server in the virtual LAN IP.
At this point, the VPN service is partially configured.
two routers transfer extranet IP to intranet
TCP (protocol) 61.232.15.5 (router external network fixed IP) 1723 (VPN port) 10.240.60.1 (intranet server address) 1723
The steps above are important, remember, the port is 1723
Three add VPN users
Each client dialing into the VPN server requires an account number, which is Windows authentication by default, so set a user for each client that needs to dial in to the VPN and make a fixed internal virtual IP for the user to access each other.
Add a user to the Computer Management in the Administration tool to add a chnking user as an example
First create a new user named "Chnking", after the creation, view the user's properties, in the "dial-in" tab to do the appropriate settings, as shown in the figure:
The remote access permission is set to allow access to allow this user to dial-in to the server through the VPN.
Click "Assign static IP address" and set up an IP address in the range of a static IP pool in a VPN server, set to 10.240.60.2
If you have more than one client machine to access VPN, please create a new user for each client, and set a virtual IP address, each client is assigned to their own users to dial in the VPN, so each client dial-in VPN will get the same IP. If the user is not set to "Assign static IP address", each time the client dials into the VPN,VPN server, the client is randomly assigned a range of IP.
>>
Four>
Configuring Windows 2003 clients
The client can be Windows 2003, or it can be Windows XP, set almost the same, here for example with 2003 client settings.
Select Program-Attachment-newsletter-New Connection Wizard, Start Connection Wizard
Here, select the second item, "Connect to my workplace network," which is used to connect VPN. Next.
Select Virtual Private network connection, and next.
In the Connection Name window, fill in the connection name Szbti, next.
Here to fill in the VPN server's public network IP address.
Next, complete the new connection.
When you are done, you can see the newly created SZBTI connection under the virtual private network in the Control Panel's network connection
Right-click on the SZBTI connection and select "Properties". Click on the "Network" tab in the pop-up window, and then select Internet Protocol (TCP/IP), click on the Properties button, click on the "Advanced" button in the pop-up window, and remove the check in front of the "Use default gateway on the remote network".
If you do not remove this hook, the client dial-in to the VPN, will use the remote network as the default gateway, the result is that the client can only connect virtual LAN, not on the Internet.
The following can start dialing into the VPN, double-click the SZBTI connection, enter the user name and password assigned to this client, after dialing in the taskbar in the lower right corner will appear a network connection icon, that has been dialed to the VPN server.
Once the virtual local area network is entered, the client sets the shared folder, and other clients can access its shared folder through other client IP addresses.
