
Create object for PPTP server IP address and IP address range. Click “Address” in Objects


hmcbride

Presentation Transcript


  1. Scenario & Hands-on 7-1: VPN Configuration - PPTP. Create objects for the PPTP server IP address and IP address range. Click “Address” in Objects. Key in the corresponding IP address.

  2. Scenario & Hands-on 7-1: VPN Configuration - PPTP. Create a Local Database for PPTP authentication. Click “Local User Databases” in User Authentication. Key in the correct username and password.

  3. Scenario & Hands-on 7-1: VPN Configuration - PPTP. Create the PPTP tunnel. Click “PPTP/L2TP Servers” in Interface. Choose the corresponding configuration.

  4. Scenario & Hands-on 7-1: VPN Configuration - PPTP. Create User Authentication Rules for the PPTP tunnel. Click “User Authentication Rules” in User Authentication. Choose the corresponding configuration. Enable the Log setting and choose the local user database.

  5. Scenario & Hands-on 7-1: VPN Configuration - PPTP. Create IP Rules for the PPTP tunnel. Click “IP Rules” in Rules. Choose the corresponding configuration. Enable the Log setting.

  6. Scenario & Hands-on 7-1: VPN Configuration - PPTP. After all configuration, click “configuration” on the main menu bar. Click “Save and Activate”.

  7. Scenario & Hands-on 7-1: VPN Configuration - PPTP. Testing Result.

  8. Scenario & Hands-on 7-1, Exercise 7-1: VPN Configuration - PPTP. Topology labels: PPTP Client; VPN Tunnel; WAN1 DHCP IP; DFL-1600; Internal LAN1 IP: 192.168.1.0/24; Internal LAN2 IP: 192.168.2.0/24; Internal LAN3 IP: 192.168.3.0/24. Objectives: Use a Windows client to dial up PPTP. Ping the IP address of the LAN in the firewall.

  9. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Network topology labels: L2TP/IPsec Client; IP: 192.168.174.71/24; VPN Tunnel; WAN1 DHCP; DFL-1600; Internal LAN1 IP: 192.168.1.0/24; Internal LAN2 IP: 192.168.2.0/24; Internal LAN3 IP: 192.168.3.0/24. Note: L2TP/IPsec must use transport mode. Choose the correct local net and remote net for the IPsec tunnel. Choose the correct inner IP address and Outer Interface filter for the L2TP tunnel.

  10. Scenario & Hands-on 7-2: VPN Configuration - IPsec. Objectives: The user dials up to the firewall with the Windows L2TP/IPsec client software. The dial-up user communicates with LAN1 of the firewall. The logic of configuration: create objects for the L2TP server IP address and IP address range; create the authenticating database; configure the IPsec tunnel; configure the L2TP server; create the IP rule for the L2TP tunnel.

  11. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Create objects for the L2TP server IP address and IP address range. Click “Address” in Objects. Key in the corresponding IP address.

  12. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Create a Local Database for L2TP authentication. Click “Local User Databases” in User Authentication. Key in the correct username and password.

  13. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Create the pre-shared key for L2TP. Click “Pre-Share Keys” in VPN Objects. Key in the corresponding value.

  14. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Create the IPsec tunnel. Click “IPsec Tunnels” in Interface. Choose the corresponding configuration.

  15. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Verify the IPsec tunnel. Click “Authentication” in this IPsec tunnel. Apply the pre-shared key to this IPsec tunnel.

  16. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Verify the IPsec tunnel. Click “Routing” in this IPsec tunnel. Enable “Dynamically add routes to remote network when a tunnel is established” in this IPsec tunnel.

  17. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Verify the IPsec tunnel. Click “Advanced” in this IPsec tunnel. Disable “Add route for remote network” in this IPsec tunnel.

  18. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Create the L2TP tunnel. Click “PPTP/L2TP Servers” in Interface. Choose the corresponding configuration.

  19. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Create User Authentication Rules for the L2TP tunnel. Click “User Authentication Rules” in User Authentication. Choose the corresponding configuration. Enable the Log setting and choose the local user database.

  20. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Create IP Rules for the L2TP tunnel. Click “IP Rules” in Rules. Choose the corresponding configuration. Enable the Log setting.

  21. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. After all configuration, click “configuration” on the main menu bar. Click “Save and Activate”.

  22. Scenario & Hands-on 7-2: VPN Configuration - L2TP/IPsec. Testing Result.

  23. Scenario & Hands-on 7-2, Exercise 7-2: VPN Configuration - L2TP/IPsec. Topology labels: L2TP/IPsec Client; VPN Tunnel; WAN1 DHCP IP; DFL-1600; Internal LAN1 IP: 192.168.1.0/24; Internal LAN2 IP: 192.168.2.0/24; Internal LAN3 IP: 192.168.3.0/24. Objectives: The user dials up to the firewall with the Windows L2TP/IPsec client software. Ping the IP address of the LAN in the firewall.

  24. Scenario & Hands-on 7-3: VPN Configuration - IPsec. VPN Objects – Pre Shared Keys. Used by users to authenticate VPN tunnels. There are two methods to enter a PSK: ASCII and HEX. ASCII – type in the passphrase. HEX – type in the passphrase and use “generate” to cipher the passphrase.

  25. Scenario & Hands-on 7-3: VPN Configuration - IPsec. VPN Objects – LDAP. For secured authentication to be established over VPN, the CA needs to be downloaded to the LDAP server.

  26. Scenario & Hands-on 7-3: VPN Configuration - IPsec. ID Lists. The concept of ID Lists is to manage and control the accessibility of the VPN clients and gateways. Mobile clients can be restricted from accessing internal networks by ID Lists.

  27. Scenario & Hands-on 7-3: VPN Configuration - IPsec. IKE/IPsec Algorithms. IKE and IPsec algorithms are predefined by default: High – Very Secured; Medium – Secured. You can define your own algorithms.

  28. Scenario & Hands-on 7-3: VPN Configuration - IPsec. Network topology labels: DFL-1600; WAN1 IP: 192.168.174.71/24; Remote LAN; Internal LAN IP: 192.168.10.0/24; VPN Tunnel; WAN1 Static IP: 192.168.174.70/24; DFL-1600; Internal LAN1 IP: 192.168.1.0/24; Internal LAN2 IP: 192.168.2.0/24; Internal LAN3 IP: 192.168.3.0/24. Note: Use the same pre-shared key and algorithm in the two IPsec settings. Choose the correct local net and remote net for the IPsec tunnel.

  29. Scenario & Hands-on 7-3: VPN Configuration - IPsec. Objectives: Two firewalls communicate with each other through an IPsec tunnel. The client of the local net pings the client of the remote net. The logic of configuration: create the VPN object (pre-shared key); configure the IPsec tunnel; create the IP rule for the IPsec tunnel.

  30. Scenario & Hands-on 7-3: VPN Configuration - IPsec. Create objects for the remote IP address and network. Click “Address” in Objects. Key in the corresponding IP address.

  31. Scenario & Hands-on 7-3: VPN Configuration - IPsec. Create the pre-shared key for the IPsec tunnel. Click “Pre-Share Keys” in VPN Objects. Key in the correct value.

  32. Scenario & Hands-on 7-3: VPN Configuration - IPsec. Create the IPsec tunnel. Click “IPsec Tunnels” in Interface. Choose the corresponding configuration.

  33. Scenario & Hands-on 7-3: VPN Configuration - IPsec. Combine two interfaces into one interface group. Click “Interface Groups” in this Interface. Choose the corresponding interfaces.

  34. Scenario & Hands-on 7-3: VPN Configuration - IPsec. Create IP Rules for L2TP tunnel. Click “IP Rules” in Rules. Choose the corresponding configuration. Enable the Log setting.

  35. Scenario & Hands-on 7-3: VPN Configuration - IPsec. After all configuration, click “configuration” on the main menu bar. Click “Save and Activate”.

  36. Scenario & Hands-on 7-3, Exercise 7-3: VPN Configuration - IPsec. Topology labels: Odd group DFL-1600; Even group DFL-1600; Internal LAN1; Remote LAN; Internal LAN; VPN Tunnel. Objectives: Two firewalls communicate with each other through an IPsec tunnel. The client of the local net pings the client of the remote net.

  37. Scenario & Hands-on 7-4: VPN Configuration - IPsec with NetScreen 204. Network topology labels: NetScreen 204; WAN1 IP: 192.168.174.71/24; Remote LAN; Internal LAN IP: 192.168.10.0/24; VPN Tunnel; WAN1 Static IP: 192.168.174.70/24; DFL-1600; Internal LAN1 IP: 192.168.1.0/24; Internal LAN2 IP: 192.168.2.0/24; Internal LAN3 IP: 192.168.3.0/24. Note: Use the same pre-shared key and algorithm on the DFL-1600 and the NS-204. Choose the correct local net and remote net for the IPsec tunnel.

  38. Scenario & Hands-on 7-4: VPN Configuration - NetScreen 204. Objectives: Two firewalls communicate with each other through an IPsec tunnel. The client of the local net pings the client of the remote net. The logic of configuration: create the VPN object (pre-shared key, remote net/gateway and algorithm); configure the IPsec tunnel; create the IP rule for the IPsec tunnel.
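
The notes in scenarios 7-3 and 7-4 (same pre-shared key and algorithm on both ends, correct local net and remote net) can be checked on paper before clicking “Save and Activate”. The following is an added example, not part of the original slides or of either vendor's software; the `TunnelEnd` fields, the `check_pair` function, the assignment of the slide's addresses to each gateway and the key value are constructed assumptions.

```python
import hmac
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class TunnelEnd:            # hypothetical record of one gateway's IPsec tunnel settings
    name: str
    wan_ip: str             # this gateway's own WAN1 address
    remote_gateway: str     # address it dials for the peer
    local_net: str
    remote_net: str
    psk: str
    ike_algorithms: str     # e.g. the predefined "High" or "Medium" list
    ipsec_algorithms: str

def check_pair(a: TunnelEnd, b: TunnelEnd) -> list[str]:
    """Return the mismatches that would stop the tunnel; never echoes the key."""
    problems = []
    if not hmac.compare_digest(a.psk.encode(), b.psk.encode()):
        problems.append("pre-shared key differs")
    for field in ("ike_algorithms", "ipsec_algorithms"):
        if getattr(a, field) != getattr(b, field):
            problems.append(f"{field} differs: {getattr(a, field)} vs {getattr(b, field)}")
    for x, y in ((a, b), (b, a)):
        if ip_address(x.remote_gateway) != ip_address(y.wan_ip):
            problems.append(f"{x.name}: remote gateway is not {y.name}'s WAN IP")
        # One side's local net must be exactly the other side's remote net.
        if ip_network(x.local_net) != ip_network(y.remote_net):
            problems.append(f"{x.name}: local net is not {y.name}'s remote net")
    if ip_network(a.local_net).overlaps(ip_network(b.local_net)):
        problems.append("local nets overlap, traffic cannot be routed into the tunnel")
    return problems

# Constructed sample values; which gateway owns which address is an assumption.
FW_A = TunnelEnd("fw-a", "192.168.174.70", "192.168.174.71",
                 "192.168.1.0/24", "192.168.10.0/24", "constructed-psk", "High", "High")
FW_B = TunnelEnd("fw-b", "192.168.174.71", "192.168.174.70",
                 "192.168.10.0/24", "192.168.1.0/24", "constructed-psk", "High", "High")
# Typical mistake: nets copied from the other side without swapping, weaker list chosen.
FW_B_BAD = replace(FW_B, local_net="192.168.1.0/24", remote_net="192.168.10.0/24",
                   ipsec_algorithms="Medium")

if __name__ == "__main__":
    for peer in (FW_B, FW_B_BAD):
        print(check_pair(FW_A, peer) or "settings mirror each other")
```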
