Benutzeranleitung / Produktwartung VPN des Produzenten Allied Telesis
Zur Seite of 29
C613-16004-00 REV D www .alliedtelesis.com AlliedW ar e TM OS How T o | Intr oduction This document descri bes how to pr ovide secur e remote acce ss through IP se curity (IPSec) Virtual Priva te Networks (VPN).
Which pr oducts and releases do es it apply to? > Page 2 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T This document describes h ow to configure the Windows system to use IPSec VPN to connect to your office through the AR4 1 5S r outer .
Security issue > Page 3 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T Security issue Since this Windows VPN solution is usually used to allow remote access int.
Configuring the r outer > P erform in itial sec urity configuration on the router Page 4 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T Configuring the r outer .
Configuring the r outer > The configuration script Page 5 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T The configuration script Note: Comments are indi cated in the script below using the # symbol.
Configuring the r outer > The configuration script Page 6 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T # Firewall enable fire create fire poli=main create fir.
Configuring the router > Set the r outer to use the configuration Page 7 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T Set the r outer to use the configuration After loading the configuration onto the switch, set the router to use the script after a reboot.
Configuring the VPN c lient > Add a ne w registry entr y Page 8 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T Configuring the VPN client Configuring the Wi ndo.
Configuring the VPN client > Add the IP Security Policy Managem ent snap-in Page 9 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T Add the IP Security P olicy Manag ement snap-in Note: Y ou need to know the public IP ad dress for the r outer from y our Internet Ser vice Pr ovider (ISP) for this configuration.
Configuring the VPN client > Add the IP Security Policy Managem ent snap-in Page 10 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 3.
Configuring the VPN client > Create an IP Security Pol icy Page 11 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T Cr eate an IP Security P olicy 1. On the Console window , click , then right-click I P Security Policies on Local Mac hine .
Configuring the VPN client > Create an IP Security Pol icy Page 12 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 3. Click Next , then enter a name for y our security po licy (e .g. “T o Head Office”), as shown in the follo wing figure.
Configuring the VPN client > Create an IP Securi ty Rule Page 13 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 5. Click Next. Y ou ha ve now completed the IP Security P olicy Wizard, as sho wn in the following figure.
Configuring the VPN client > Create an IP Securi ty Rule Page 14 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 2. Click Add . This opens the Security Rule Wizard , as shown in the f ollowing figure. 3. Click Next .
Configuring the VPN client > Create an IP Securi ty Rule Page 15 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 4. Click Next . The next window lets y ou specify the network type the IP Security rule applies to .
Configuring the VPN client > Create an IP Filter Page 16 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T Cr eate an IP Filter 1. Click Next . The next window , shown in the following figur e , lets you specify the IP filter for the type of IP traffic the IP Secu rity rule applies to .
Configuring the VPN client > Create an IP Filter Page 17 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 3. Click Add . This star ts the IP Filter Wizard , as shown in the following figure. 4. Click Next . This opens the IP T raff ic Source window .
Configuring the VPN client > Create an IP Filter Page 18 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 5. Click Next . This opens the IP T raff ic Destination window . Select A specif ic IP Address fr om the Destination address dr op-down bo x, as shown in the follo wing figure.
Configuring the VPN client > Create an IP Filter Page 19 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 7. Click Next . This opens the IP Protocol Port window . Sele ct Fro m t h is po r t and enter 1 70 1 , as shown in the following figur e .
Configuring the VPN client > Create an IP Filter Page 20 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 9. Click Finish , then on the IP Filter Li st window , click Close . This r eturns you to the Secur ity Rule Wizard IP Filter List windo w .
Configuring the VPN client > Create an IP Filter Page 21 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 11. Click Next . This completes the Rule wizar d. Leav e the Edit properties box uncheck ed, as sho wn in the following figur e .
Configuring the VPN client > Create an IP Filter Page 22 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 13. Click and then right-click on T o Head Office , and select Assign .
Configuring the VPN client > Configure the connection Page 23 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T Configur e the connection 1. On your desktop , click Star t > Settings > Control P anel . 2. Double-click the Network and Dial-Up Connection fold er .
Configuring the VPN client > Configure the connection Page 24 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 5. Click Next . The next window lets you assign an associated dialled call or select Do not dial the initial connection .
Configuring the VPN client > Configure the connection Page 25 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 7. Click Next . This opens the Connection Availability window . Select Only for m yself , as shown in the follo wing figure.
Configuring the VPN client > Configure the connection Page 26 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 9. Click Finish . This opens the Connection Window . Enter y our user name and passw ord as shown in the following figur e .
Configuring the VPN client > Configure the connection Page 27 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T 11. Click OK . This completes the configuration of the L2TP client. T o connect to the office, click Connect .
T esting the tunnel > Checking the connection from the Windows client Page 28 | AlliedW are™ OS Ho w T o Note: VPNs with Windo ws 2000 clients, without NA T -T T esting the tunnel The simplest wa y to tell if traffic is passing th rough the tunnel is to perform a tr acer ou te from the Windows 20 00 client to a PC in the r outer’ s LAN.
USA Headq u ar ters | 19800 Nor th Cr eek Parkwa y | S u ite 200 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895 E u r opea n Headq u ar ters | Via Motta 24 | 6830 Chiasso | Switzerla n d | T: +41 91 69769.
Ein wichtiger Punkt beim Kauf des Geräts Allied Telesis VPN (oder sogar vor seinem Kauf) ist das durchlesen seiner Bedienungsanleitung. Dies sollten wir wegen ein paar einfacher Gründe machen:
Wenn Sie Allied Telesis VPN noch nicht gekauft haben, ist jetzt ein guter Moment, um sich mit den grundliegenden Daten des Produkts bekannt zu machen. Schauen Sie zuerst die ersten Seiten der Anleitung durch, die Sie oben finden. Dort finden Sie die wichtigsten technischen Daten für Allied Telesis VPN - auf diese Weise prüfen Sie, ob das Gerät Ihren Wünschen entspricht. Wenn Sie tiefer in die Benutzeranleitung von Allied Telesis VPN reinschauen, lernen Sie alle zugänglichen Produktfunktionen kennen, sowie erhalten Informationen über die Nutzung. Die Informationen, die Sie über Allied Telesis VPN erhalten, werden Ihnen bestimmt bei der Kaufentscheidung helfen.
Wenn Sie aber schon Allied Telesis VPN besitzen, und noch keine Gelegenheit dazu hatten, die Bedienungsanleitung zu lesen, sollten Sie es aufgrund der oben beschriebenen Gründe machen. Sie erfahren dann, ob Sie die zugänglichen Funktionen richtig genutzt haben, aber auch, ob Sie keine Fehler begangen haben, die den Nutzungszeitraum von Allied Telesis VPN verkürzen könnten.
Jedoch ist die eine der wichtigsten Rollen, die eine Bedienungsanleitung für den Nutzer spielt, die Hilfe bei der Lösung von Problemen mit Allied Telesis VPN. Sie finden dort fast immer Troubleshooting, also die am häufigsten auftauchenden Störungen und Mängel bei Allied Telesis VPN gemeinsam mit Hinweisen bezüglich der Arten ihrer Lösung. Sogar wenn es Ihnen nicht gelingen sollte das Problem alleine zu bewältigen, die Anleitung zeigt Ihnen die weitere Vorgehensweise – den Kontakt zur Kundenberatung oder dem naheliegenden Service.