To accomplish the given assignment, you need to perform the following tasks:
Configure RRAS as a VPN remote access solution.
Configure a new network policy for RRAS clients.
Configure logging.
Test logging levels.
Task 1: Configuring RRAS as a VPN Remote Access Solution To configure RRAS as a VPN remote access solution, you need to perform the following
1. Install the Network Policy and Access Services role in the Image_DC1 virtual machine.
2. Configure the Image DCL virtual machine as a VPN server with a static address pool for remote access clients.
3. Configure the available VPN ports on the RRAS server.
Task 1.1: Installing the Network Policy and Access Services Role in the Image DC1 Virtual MachineTo install the Network Policy and Access Services role in the Image_DC1 virtual machine, you need to perform the following steps:
1. Switch to the Image_DC1 virtual machine.
2. Ensure that the Server Manager window is open and active.
3. Click the Add roles and features link in the right pane.
4. Click the Next button. The Select installation type page is displayed.
5. Click the Next button. The Select destination server page is displayed.
6. Click the Next button. The Select server roles page is displayed.
7. Select the Network Policy and Access Services check box. The Add Roles and Features Wizard dialog box is displayed.
8. Click the Add Features button. The Select server roles page is displayed.
9. Click the Next button. The Select features page is displayed.
10. Click the Next button. The Network Policy and Access Services page is displayed.
11. Click the Next button. The Select role services page is displayed.
12. Ensure that the Network Policy Server check box is selected.
13. Click the Next button. The Confirm installation selections page is displayed.
14. Select the Restart the destination server automatically if required check box.
15. Click the Yes button. The Confirm installation selections page is displayed.
16. Click the Install button. The Installation progress page is displayed.
17. Click the Close button.
Task 1.2: Configuring the Image DC1 Virtual Machine as a IIPN Server with a Static Address Pool for Remote Access Clients
To configure the Image DC1 virtual machine as a VPN server with a static address pool for remote access clients, you need to perform the following steps:
1. Press the Windows key. The Start screen is displayed.
2. Click the Routing and Remote Access tile. The Routing and Remote Access window is displayed.
3. Select the DIAGE_DC1 (local) node in the left pane.
4. Right-click the IMAGE_DC1 (local) node, and then select the Disable Routing and Remote Access option. The Routing and Remote Access dialog box is displayed.
5. Click the Yes button. The Stopping Routing and Remote Access message box is displayed and disappears automatirAtly after a few moments.
6. Right-click the 1MAGE_DC1 (local) node, and then select the Configure and Enable Routing and Remote Access option. The Welcome to the Routing and Remote Access Server Setup Wizard page is displayed.
7. Click the Next button. The Configuration page is displayed.
8. Click the Next button. The Remote Access page is displayed.
9. Select the VPN check box.
10. Click the Next button. The VPN Connection page is displayed.
11. Select the Local Area Connection option under the Name column in the Network interfaces list.
12. Click the Next button. The IP Address Assignment page is displayed.
13. Select the From a specified range of addresses option.
14. Click the Next button. The Address Range Assignment page is displayed.
15. Click the New button. The New IPv4 Address Range dialog box is displayed.
16. Type 172.16.0.20 and 172.16.0.30 in the Start IP address and End IP address text boxes, respectively.
17. Click the OK button. The Address Range Assignment page is displayed.
18. Click the Next button. The Managing Multiple Remote Access Servers page is displayed.
19. Click the Next button. The Completing the Routing and Remote Access Server Setup Wizard page is displayed.
20. Click the Finish button. The Routing and Remote Access dialog box is displayed.
21. Click the OK button. The Routing and Remote Access message box is displayed.
22. Click the OK button. After a few moments, the Routing and Remote Access window is displayed.
Task 1.3: Configuring the Available VPN Ports on the RRAS Server
To configure the available VP/C ports on the RRAS server, you need to perform the following steps in the Image_DC1 virtual machine:
1. Ensure that the BLAGE DC1 (local) node is expanded in the left pane.
2. Select the Ports node in the left pane.
3. Right-click the Ports node in the left pane, and then select the Properties option.
4. Double-click the WAN Miniport (SSTP) option under the Name column.
5. Select and replace the existing value with 0 in the Maximum ports spin box.
6. Click the OK button. The Routing and Remote Access dialog box is displayed.
7. Click the Yes button. The Ports Properties dialog box is displayed.
8. Double-click the WAN Miniport (PPTP) option under the Name column.
9. Select and replace the existing value with 25 in the Maximum ports spin box.
10. Click the OK button. The Routing and Remote Access dialog box is displayed.
11. Click the Yes button. The Ports Properties dialog box is displayed.
12. Double-click the WAN Miniport (L2TP) option under the Name column.
13. Select and replace the existing value with 25 in the Maximum ports spin box.
14. Click the OK button. The Routing and Remote Access dialog box is displayed.
15. Click the Yes button. The Ports Properties dialog box is displayed.
16. Click the OK button. The Routing and Remote Access window is displayed.
17. Close the Routing and Remote Access window
Task 2: Configuring a New Network Policy for RRAS Clients To configure a new network policy for RRAS clients, you need to perform the following steps in the Image DC1 virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Click the Network Policy Server tile. The Network Policy Server window is displayed.
3. Expand the Policies node in the left pane.
4. Select the Network Policies node in the left pane.
5. Right-click the Network Policies node in the left pane, and then select the New option.
6. Type Secure LPN in the Policy name text box.
7. Select the Remote Access Server(VPN-Dial up) option from the Type of network access server drop-down list.
8. Click the Next button. The Specify Conditions page is displayed.
9. Click the Add button. The Select condition dialog box is displayed.
10. Scroll down the Select a condition, and then click Add list to locate the Connection Properties section.
11. Scroll down and double-click the Tunnel Type option under the Connection Properties section. The Tunnel Type dialog box is displayed.
12. Select the Layer Two Tunneling Protocol (L2TP) and Point-to-Point Tunneling Protocol (PPTP) check boxes under the Common dial-up and %TN tunnel types section.
13. Click the OK button. The Specify Conditions page is displayed.
14. Click the Next button. The Specify- Access Permission page is displayed.
15. Click the Next button. The Configure Authentication Methods page is displayed.
16. Clear the Microsoft Encrypted Authentication (MS-CHAP) check box.
17. Click the Next button. The Configure Constraints page is displayed.
18. Select the Day and time restrictions icon in the left pane under the Constraints section.
19. Select the Allow access only on these days and at these times check box in the right pane.
20. Click the Edit button. The Day and time restrictions dialog box is displayed.
21. Select the Denied option.
22. Select 12:00 PM to 6:00 PM time range from Monday to Friday.
23. Select the Permitted option.
24. Click the OK button. The Configure Constraints page is displayed.
25. Click the Next button. The Configure Settings page is displayed.
26. Select the Encryption icon under the Settings section in the left pane.
27. Clear all the check boxes except the Strongest encryption (MPPE 128-bit) check box in the right pane.
28. Click the Next button. The Completing New Network Policy page is displayed.
29. Click the Finish button. The Network Policy Server window is displayed.
30. Ensure that the Secure VPN policy is displayed under the Policy Name column in the right pane.
31. Close the Network Policy Server window.
Task 3: Configuring Logging To configure logging, you need to perform the following steps in in the Image_DC1 virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Click the Routing and Remote Access tile. The Routing and Remote Access window is displayed.
3. Select the IMAGE_DC1 (local) node in the left pane.
4. Right-click the IMAGE DC1 (local) node, and then select the Properties option.
5. Click the Logging tab.
6. Select the Log all events option.
7. Click the OK button.
8. Close the Routing and Remote Access window
Task 4: Testing Logging Levels To test the logging levels, you need to perform the following steps in the Image Win8_CL1 virtual machine:
1. Switch to the Image_WinS_CL1 virtual machine.
2. Ensure that the Start screen is displayed.
3. Type Control Panel.
4. Press the Enter key. The Control Panel window is displayed.
5. Click the Network and Internet link. The Network and Internet window is displayed.
6. Click the Network and Sharing Center link in the right pane. The Network and Sharing Center window is displayed.
7. Click the Set up a new connection or network link under the Change your networking settings section. The Choose a connection option page of the Set Up a Connection or Network wizard is displayed.
8. Select the Connect to a workplace link.
9. Click the Next button.
10. Select Use my Internet connection (VPN).
11. Select I'll set up an Internet connection later.
12. Type 172.16.0.10 in the Internet address text box.
13. Ensure that the Remember my credentials check box is selected.
14. Click the Create button. The Networks pane is displayed.
15. Right-click Infogreen VPN in the Networks pane, and click View connection properties.
16. Click the Security tab.
17. Select the Allow these protocols option.
18. Ensure that the Microsoft CHAP Version 2 (MS-CHAP v2) check box is selected.
19. Click the OK button.
20. Click the Network icon (E) in the taskbar to open the Networks pane.
21. Select Infogreen %TN, and then click the Connect button. The Network Authentication pane is displayed.
22. Type Infogreen \ Administrator and PaSSwOrd in the User name and Password text boxes, respectively.
23. Click the OK button to connect with the VPN connection.
Configure RRAS as a VPN remote access solution.
Configure a new network policy for RRAS clients.
Configure logging.
Test logging levels.
Task 1: Configuring RRAS as a VPN Remote Access Solution To configure RRAS as a VPN remote access solution, you need to perform the following
1. Install the Network Policy and Access Services role in the Image_DC1 virtual machine.
2. Configure the Image DCL virtual machine as a VPN server with a static address pool for remote access clients.
3. Configure the available VPN ports on the RRAS server.
Task 1.1: Installing the Network Policy and Access Services Role in the Image DC1 Virtual MachineTo install the Network Policy and Access Services role in the Image_DC1 virtual machine, you need to perform the following steps:
1. Switch to the Image_DC1 virtual machine.
2. Ensure that the Server Manager window is open and active.
3. Click the Add roles and features link in the right pane.
4. Click the Next button. The Select installation type page is displayed.
5. Click the Next button. The Select destination server page is displayed.
6. Click the Next button. The Select server roles page is displayed.
7. Select the Network Policy and Access Services check box. The Add Roles and Features Wizard dialog box is displayed.
8. Click the Add Features button. The Select server roles page is displayed.
9. Click the Next button. The Select features page is displayed.
10. Click the Next button. The Network Policy and Access Services page is displayed.
11. Click the Next button. The Select role services page is displayed.
12. Ensure that the Network Policy Server check box is selected.
13. Click the Next button. The Confirm installation selections page is displayed.
14. Select the Restart the destination server automatically if required check box.
15. Click the Yes button. The Confirm installation selections page is displayed.
16. Click the Install button. The Installation progress page is displayed.
17. Click the Close button.
Task 1.2: Configuring the Image DC1 Virtual Machine as a IIPN Server with a Static Address Pool for Remote Access Clients
To configure the Image DC1 virtual machine as a VPN server with a static address pool for remote access clients, you need to perform the following steps:
1. Press the Windows key. The Start screen is displayed.
2. Click the Routing and Remote Access tile. The Routing and Remote Access window is displayed.
3. Select the DIAGE_DC1 (local) node in the left pane.
4. Right-click the IMAGE_DC1 (local) node, and then select the Disable Routing and Remote Access option. The Routing and Remote Access dialog box is displayed.
5. Click the Yes button. The Stopping Routing and Remote Access message box is displayed and disappears automatirAtly after a few moments.
6. Right-click the 1MAGE_DC1 (local) node, and then select the Configure and Enable Routing and Remote Access option. The Welcome to the Routing and Remote Access Server Setup Wizard page is displayed.
7. Click the Next button. The Configuration page is displayed.
8. Click the Next button. The Remote Access page is displayed.
9. Select the VPN check box.
10. Click the Next button. The VPN Connection page is displayed.
11. Select the Local Area Connection option under the Name column in the Network interfaces list.
12. Click the Next button. The IP Address Assignment page is displayed.
13. Select the From a specified range of addresses option.
14. Click the Next button. The Address Range Assignment page is displayed.
15. Click the New button. The New IPv4 Address Range dialog box is displayed.
16. Type 172.16.0.20 and 172.16.0.30 in the Start IP address and End IP address text boxes, respectively.
17. Click the OK button. The Address Range Assignment page is displayed.
18. Click the Next button. The Managing Multiple Remote Access Servers page is displayed.
19. Click the Next button. The Completing the Routing and Remote Access Server Setup Wizard page is displayed.
20. Click the Finish button. The Routing and Remote Access dialog box is displayed.
21. Click the OK button. The Routing and Remote Access message box is displayed.
22. Click the OK button. After a few moments, the Routing and Remote Access window is displayed.
Task 1.3: Configuring the Available VPN Ports on the RRAS Server
To configure the available VP/C ports on the RRAS server, you need to perform the following steps in the Image_DC1 virtual machine:
1. Ensure that the BLAGE DC1 (local) node is expanded in the left pane.
2. Select the Ports node in the left pane.
3. Right-click the Ports node in the left pane, and then select the Properties option.
4. Double-click the WAN Miniport (SSTP) option under the Name column.
5. Select and replace the existing value with 0 in the Maximum ports spin box.
6. Click the OK button. The Routing and Remote Access dialog box is displayed.
7. Click the Yes button. The Ports Properties dialog box is displayed.
8. Double-click the WAN Miniport (PPTP) option under the Name column.
9. Select and replace the existing value with 25 in the Maximum ports spin box.
10. Click the OK button. The Routing and Remote Access dialog box is displayed.
11. Click the Yes button. The Ports Properties dialog box is displayed.
12. Double-click the WAN Miniport (L2TP) option under the Name column.
13. Select and replace the existing value with 25 in the Maximum ports spin box.
14. Click the OK button. The Routing and Remote Access dialog box is displayed.
15. Click the Yes button. The Ports Properties dialog box is displayed.
16. Click the OK button. The Routing and Remote Access window is displayed.
17. Close the Routing and Remote Access window
Task 2: Configuring a New Network Policy for RRAS Clients To configure a new network policy for RRAS clients, you need to perform the following steps in the Image DC1 virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Click the Network Policy Server tile. The Network Policy Server window is displayed.
3. Expand the Policies node in the left pane.
4. Select the Network Policies node in the left pane.
5. Right-click the Network Policies node in the left pane, and then select the New option.
6. Type Secure LPN in the Policy name text box.
7. Select the Remote Access Server(VPN-Dial up) option from the Type of network access server drop-down list.
8. Click the Next button. The Specify Conditions page is displayed.
9. Click the Add button. The Select condition dialog box is displayed.
10. Scroll down the Select a condition, and then click Add list to locate the Connection Properties section.
11. Scroll down and double-click the Tunnel Type option under the Connection Properties section. The Tunnel Type dialog box is displayed.
12. Select the Layer Two Tunneling Protocol (L2TP) and Point-to-Point Tunneling Protocol (PPTP) check boxes under the Common dial-up and %TN tunnel types section.
13. Click the OK button. The Specify Conditions page is displayed.
14. Click the Next button. The Specify- Access Permission page is displayed.
15. Click the Next button. The Configure Authentication Methods page is displayed.
16. Clear the Microsoft Encrypted Authentication (MS-CHAP) check box.
17. Click the Next button. The Configure Constraints page is displayed.
18. Select the Day and time restrictions icon in the left pane under the Constraints section.
19. Select the Allow access only on these days and at these times check box in the right pane.
20. Click the Edit button. The Day and time restrictions dialog box is displayed.
21. Select the Denied option.
22. Select 12:00 PM to 6:00 PM time range from Monday to Friday.
23. Select the Permitted option.
24. Click the OK button. The Configure Constraints page is displayed.
25. Click the Next button. The Configure Settings page is displayed.
26. Select the Encryption icon under the Settings section in the left pane.
27. Clear all the check boxes except the Strongest encryption (MPPE 128-bit) check box in the right pane.
28. Click the Next button. The Completing New Network Policy page is displayed.
29. Click the Finish button. The Network Policy Server window is displayed.
30. Ensure that the Secure VPN policy is displayed under the Policy Name column in the right pane.
31. Close the Network Policy Server window.
Task 3: Configuring Logging To configure logging, you need to perform the following steps in in the Image_DC1 virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Click the Routing and Remote Access tile. The Routing and Remote Access window is displayed.
3. Select the IMAGE_DC1 (local) node in the left pane.
4. Right-click the IMAGE DC1 (local) node, and then select the Properties option.
5. Click the Logging tab.
6. Select the Log all events option.
7. Click the OK button.
8. Close the Routing and Remote Access window
Task 4: Testing Logging Levels To test the logging levels, you need to perform the following steps in the Image Win8_CL1 virtual machine:
1. Switch to the Image_WinS_CL1 virtual machine.
2. Ensure that the Start screen is displayed.
3. Type Control Panel.
4. Press the Enter key. The Control Panel window is displayed.
5. Click the Network and Internet link. The Network and Internet window is displayed.
6. Click the Network and Sharing Center link in the right pane. The Network and Sharing Center window is displayed.
7. Click the Set up a new connection or network link under the Change your networking settings section. The Choose a connection option page of the Set Up a Connection or Network wizard is displayed.
8. Select the Connect to a workplace link.
9. Click the Next button.
10. Select Use my Internet connection (VPN).
11. Select I'll set up an Internet connection later.
12. Type 172.16.0.10 in the Internet address text box.
13. Ensure that the Remember my credentials check box is selected.
14. Click the Create button. The Networks pane is displayed.
15. Right-click Infogreen VPN in the Networks pane, and click View connection properties.
16. Click the Security tab.
17. Select the Allow these protocols option.
18. Ensure that the Microsoft CHAP Version 2 (MS-CHAP v2) check box is selected.
19. Click the OK button.
20. Click the Network icon (E) in the taskbar to open the Networks pane.
21. Select Infogreen %TN, and then click the Connect button. The Network Authentication pane is displayed.
22. Type Infogreen \ Administrator and PaSSwOrd in the User name and Password text boxes, respectively.
23. Click the OK button to connect with the VPN connection.
No comments:
Post a Comment