1. Configuring A VPN Server
In order to provide a secure way which you can use to access the private information, the
following instructions will show the steps to set up a Virtual Private Network (VPN) on
Windows 2000 Server or Windows 2000 Advanced Server environments.
1. Select Routing and Remote Access on Administrative tools, and to start the RRAS configuration process.
2. Right-click the server name and choose Configure and Enable Routing and Remote Access.
3. Do not choose Virtual private network (VPN) server—there is a bug in the wizard. Instead, choose Manually configured server.
　　　　　
4. When prompted, click Yes to start RRAS. RRAS initializes and shows its MMC interface. Make sure that the server is selected.
5. Right-click the server name and choose Properties. Then click the IP tab.
6. Choose Static address pool and click Add. Enter a range of IP addresses that the RRAS server will distribute to remote clients. In this example, the range is
192.168.1.1-200. Click OK.
7. (Option)In the Use the following adapter to obtain DHCP, DNS, and WINS addresses for dial-up clients field, choose the adapter that is connected to your private network.
　　　　　
8. Click the Event Logging tab and choose Log the maximum amount of information.
　　　　
9. Next, you must configure the PPTP and L2TP ports. In the RRAS interface, select Ports.
　　　　
10. Right-click Ports and choose Properties.
11. To configure the PPTP ports, select "WAN Miniport (PPTP)" and click Configure.
Clear the Demand-dial routing connections (inbound and outbound) checkbox. Increase the number of ports as necessary for your environment. In this example, 128 ports are configured. Click OK.
　　　　
12. Since you are not using IPSec in this example, there is no need for L2TP ports.
Select WAN Miniport (L2TP) and click Configure. Change the number of ports to 0. Click OK.
　　　　
13. You may receive a notice indicating that current connections might be
disconnected. Click Yes.
14. When the Ports Properties dialog box appears, click OK.
15. In the RRAS MMC, select Remote Access Logging and Right-click Local File in
the right pane and choose Properties. Select Log authentication requests on
the Settings tab. Click OK.
Now you are finished configuring RRAS on the server.
2. Creating a VPN Connection File
To create a connection file that can be distributed to many users you must first make sure
that you have the Connection Manager Administration Kit installed. A connection file, in
Windows 9x and Windows NT, is an icon representing a dial-up networking connection
that also executes a script for logging onto the network dialed.
To verify that you have the Connection Manager Administration Kit installed
1. On Administrative Tools, check for a link to the Connection Manger
Administration Kit.
2. If it is not present, you must install it.
3. On Control Panel Click Add Remove Programs, and click Add Remove
Windows Components.
4. Select Management and Monitoring tools and click Details.
5. Select only Connection Manager Components and click OK.
2.1 Building a Connection File
1. Click Connection Manager Administration Kit on Administrative Tools.
2. Make sure the Create New Service Profile radio button is selected and click
Next.
3. You are prompted for a service name and a file name. The service name is the
name for the connection file. The file name is the name of the executable file that
will be created. After typing the names, click Next.
4. Next you are asked to merge service profiles. Because you do not have an
existing profile, click Next.
5. On the Support Information page, type your support information. This can
point the users to the help button or provide them a phone number to call. Click
Next.
6. Click Next on the Realm Name page. The VPN service does not require a realm
name.
7. Click Next on the Dial-Up Networking Entries page. Once again, We do not
use this function.
8. On the VPN support page, select This Service Profile and click Next.
9. On the VPN Connection page, you can either use the IP address for the VPN
connection server or the fully qualified name of the server. When you are finished
click Next.
10. The next page click Next.
11. Click Next on the Auto-Applications page.
12. On the Logon Bitmap page, you can choose a graphic for the logon screen. If
you do not have a graphic, select the default and click Next.
13. Click Next on the Phone Book Bitmap page because you are not using dial-up
networking.
14. Click Next on the Phone Book page because, again, you are not using dial-up
networking..
15. On the Icons page, accept the defaults and click Next.
16. On the Status-Area-Icon Menu page, accept the defaults and click Next.
17. The next page prompts you for a Help File. If you do not, accept the default and
click Next.
18. On the Connection Manager Software page, make sure the Include
Connection Manager 1.2 software checkbox is selected and click Next.
19. On the License Agreement page, accept the defaults unless you have a license
agreement file. Click Next.
20. The next page prompts you for additional files to provide the end user. At this
time you do not have any, so click Next.
21. On the Ready to Build Service Profile page, click Next.
22. The final step is to accept the default file location and click Finish.
2.2 Setup Configuration Settings
1. First locate the executable for the connection file which you just created. You
should find this in the c:\Program Files\CMAK\Profiles\(connection file name)
folder. In this folder there is a file that has a .CMS extension.
2. Next, you need to edit this file in Notepad, change
Dialup=1 to Dialup=0
3. Now, reconfigure the connection file. Open the Connection Manager
Administration Kit and click Next.
4. On the Service Profile Source page, choose Edit this existing service
profile. Then choose your connection file from the dropdown list and click Next.
5. If you do not need to make any other changes, you can just click Next until you
are prompted to overwrite the existing file. Click Yes and then click Finish on the
completion page.
Now you can distribute the .exe file to your end users. Customers can run the .exe file on
their desktop to install the VPN Client file on their local computer. They can find the
VPN icon under My Network Properties on the desktop.

　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　E-Mail　：wxp@ccxx.net

　　　　　　（亚威科技 http://www.ccxx.net 转载请注明出处）