We used Windows system, "Routing and Remote Access" component set up VPN server, but this method is more complicated configuration. If you can network firewall and VPN capabilities integrated with, you can simplify the set up process, and can also use firewall policies enhance the security of VPN services. Kerio Winroute Firewall (hereinafter referred to KWF) is such a tool, built-in VPN server, and can also use the built-in KWF features enhanced security, easy VPN management, how to use the KWF VPN server set up, with the following terms on the right !
Install VPN server
KWF built-in VPN services, VPN services and the installation process is very simple, it does not need a separate configuration, VPN services, firewall installation and KWF installation is synchronized. From http://www.cloudnet.com.cn/download/WinRoute-
Firewall-Antivirus.exe Download KWF software, which can be used in Windows 2000/XP/2003 systems, run the KWF firewall setup, by default, will install the VPN service, but also remember that in the "Administrator Account" dialog box for the administrator set the initial account password, you can complete the installation of VPN services.
Tip: the process of installing the VPN server will pop-up "Kerio VPN Adapter driver has not passed Windows Logo testing ... ..." dialog box, do not ignore the error message, click "Continue" button.
Configuring VPN server
1. Start the VPN service
Restart the Windows system, complete the VPN server installation, but then not start the VPN service. Double-click the system tray "KWF icon", the console login dialog box pops up in the "Host" column select "Localhost", then in the "Username" and "Password" Enter the administrator account and password, click "Connect" button, you can log on to the KWF console.
Start the VPN service is fully automated, the first log KWF console will pop up "Network rules Wizard" dialog box, then all the way click on the "Next (Next)", but to ensure that the fifth page, select "Yes, I want to use Kerio VPN "option, and finally click" Finish "button to complete the VPN service starts.
2. Configuring VPN parameters
Completed the VPN service starts, then even a simple VPN configuration parameters. In the KWF in turn the console on the left frame click on "Configuration → Interfaces" option, and then double-click in the right frame "VPN Server" project, pop-up VPN Server Properties configuration dialog box, switch to the "General" tab. By default, VPN services, VPN client will randomly generate a different internal network to your local C-class network address, but this may not be able to meet the needs of the network address, you can manually modify according to their needs.
To ensure the security of VPN networks, VPN services also use "SSL Certificate" encryption of information networks, and VPN services, this certificate is automatically generated. If you want to modify the "SSL Certificate" is also very simple, click on the "General" tab under the "Change SSL Certificate" button, pop-up "Server SSL Certificate" dialog box, click the "Generate Certificate ..." button, then enter the SSL certificate information, and finally Click "OK" button to generate a new certificate.
To modify the listening port VPN service is also very simple, default "4090." Switch to the "Advanced" tab, in the "Listen on port" column you can enter the new port value.
After the completion of the above parameter settings VPN, VPN Server Properties remember click configuration dialog in the "OK" button to save modified settings.
3. Create a VPN account
Although the completion of the VPN service over the startup and parameter configuration, but then still can not log VPN client VPN network, the legitimate needs of the user account.
In the KWF console window, then click click "Users and Groups → Users", you can create the right frame VPN account. Click the "Add" button to bring up the Create Account Wizard dialog box, in the "Name" column enter the VPN account, such as "CCE1VPN", then in the "Authentication" drop-down list box, select "Internal user database" item, then we still have two times enter the VPN account password.
Two clicks "Next" button, enter the user permission settings dialog box, here designated according to the actual needs of the user's permission, but must select "User can connect using VPN" key, or VPN users can not connect VPN server.
Click "Next" after entering "limit" dialog box, where users can VPN to limit network traffic, such as restrictions on "CCE1VPN" 账号 the total daily flow for the 100MB, here we must select the "Enable daily limit" election item, then "Direction" drop-down list, select "all traffic", in the "Quota" column enter "100", the unit select "MB", thus completing the user's traffic restrictions. Click "Next" after the contents of the strategy set for the VPN users, KWF default firewall is not allowed access to the Internet through the KWF, here you can use the default value.
Click "Next" button, enter to "Automatic Login" Settings dialog box, if "CCE1VPN" account to use the IP addresses are no special restrictions, may not be any restrictions, and finally click "Finish" button to complete the creation of VPN accounts.
4. Automatically generate VPN traffic strategy
When the KWF VPN service started, you'll find in the console's "Traffic policy" frame in two more on the VPN service strategy, its role is to allow external VPN users to access VPN services, and to allow VPN clients and mutual visits within the network. No need for manual configuration, auto-complete the VPN service on the public network release.
Log in VPN network
More complete VPN server's settings. The next remote clients can connect to the VPN server, and from "http://www.cloudnet.com.cn/download/WinRoute-
vpnclient.exe "Download Kerio VPN client, run after installation. In the VPN Client dialog box, click the" Add "button to bring up the Edit VPN server dialog box, in the" Server "field enter the VPN server's IP address," Username "and "Password" box enter the VPN account and password, and finally click "OK" button.
The following dialog box in the VPN client to select just the new option, then click on the bottom of the "Connect" button, wait, VPN client can be connected to the VPN network.
Kerio VPN client and VPN client in general is slightly different, it is log on to the VPN server, will automatically update the local routing table, will not make any changes to other content. Therefore Kerio VPN client can simultaneously connect to multiple VPN servers, and will not create any conflict, this is the other VPN client very difficult to achieve.