L2TP on MikroTik: configuration. MikroTik equipment
More and more companies now want to join their head office and branches into a single network, so this question is very relevant. It is also often necessary to give employees access to the network from anywhere in the world. This article explains how to join networks, using the configuration of L2TP as the example. MikroTik, whose configuration is described below, is considered a good choice for both home and office. Thanks to the features of the hAP lite, remote access for every employee can be set up with little effort. The router's performance is sufficient for a small office, where the company's requirements are not very high.
Very often the office and its branches are on the same local network. They use the same provider, so connecting the networks is fairly straightforward. It should be noted, however, that branches are very often located far from the main site and from each other. The most in-demand and relevant technology at the moment is the Virtual Private Network (VPN). It can be implemented in several ways. Using PPTP is not recommended, because the technology is outdated, and neither is OpenVPN. The latter does not interoperate with every device.
The L2TP protocol
The L2TP protocol on MikroTik, whose configuration is described below, is popular because it runs on many operating systems. It is considered the best known. Problems with it arise only when the client is behind NAT. In that case, special software will block its packets. There are several ways to solve this problem. The protocol also has its drawbacks.
For example, L2TP leaves something to be desired in both security and speed. When IPSec is used to raise the security level, the second of these is reduced. This is the so-called price of data security.
Configuring the server
The main server must have a static IP address. Here is an example: 192.168.106.246. This point is very important, because the address must not change under any circumstances. Otherwise the owner and everyone else will have to use a DNS name and create extra work and problems for themselves.
Creating profiles
To create a profile, go to the PPP section, where there is a "Profiles" menu. Next, create the profile that will apply to the VPN connections, i.e. to the unified network. The following options should be checked and enabled: "Change TCP MSS", "Use Compression", "Use Encryption". The last option takes its default value. We continue working with the MikroTik router. The L2TP server and its configuration are fairly involved, so follow every step carefully.
Next, go to the "Interface" tab and find the L2TP server. A menu opens in which you click the "Enable" button. The profile is selected as the default one, since it is the profile created a moment ago. If you wish, you can change the authentication type, but if you are not sure what it does, it is best to leave the default value. The IPsec option must remain disabled.
After that, go to "Secrets" and create a user for the network. In the "Server" column, specify L2TP. The profile that will be used on the MikroTik is also specified here. The L2TP server configuration is now almost complete. The local and remote addresses should be the same apart from the final two digits. Here the values are 10.50.0.10 and 10.50.0.11 respectively. If necessary, create additional users. The local address stays unchanged, while the remote address is increased by one each time.
Configuring the firewall
To work with the unified network, you need to open a specific UDP port. Raise the priority of the rule and move it to the top position. Only then will L2TP work properly. MikroTik configuration is complicated, but it is worth the effort. Next, the administrator must go to NAT and add masquerading. This is done so that the computers can see each other within the same network.
Adding a route
The remote subnet is defined as part of the overall setup, so it has to be specified here. The resulting subnet value is 192.168.2.0/24. The gateway is the address of the client inside the network. The target scope should be set to one. This completes the server configuration; only the client parameters remain to be set.
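The server-side steps above (profile, L2TP server, secret, firewall, masquerading, route) collected as RouterOS v6 terminal commands. This is an added example, not the article's own configuration; the names l2tp-office, branch1, l2tp-branch1 and the WAN interface ether1 are assumptions, the password is a placeholder, UDP 1701 is the standard L2TP port that the text leaves unnamed, and route scope values are left at the RouterOS defaults.

```routeros
# Server side, RouterOS v6 terminal. Assumed names: l2tp-office, branch1,
# l2tp-branch1; ether1 is assumed to be the WAN interface.

# 1. PPP profile with the three options named in the text
#    (encryption left at its default value).
/ppp profile add name=l2tp-office change-tcp-mss=yes use-compression=yes \
    use-encryption=default

# 2. Enable the L2TP server with that profile. Authentication is left at its
#    default; IPsec stays off here, as this part of the article states.
/interface l2tp-server server set enabled=yes default-profile=l2tp-office \
    use-ipsec=no

# 3. One secret per branch: local address fixed, remote address +1 per user.
#    The password is a placeholder; replace it with a long random value.
/ppp secret add name=branch1 password="CHANGE-ME" service=l2tp \
    profile=l2tp-office local-address=10.50.0.10 remote-address=10.50.0.11

# Static binding so firewall rules can refer to the tunnel by a fixed name.
/interface l2tp-server add name=l2tp-branch1 user=branch1

# 4. Accept L2TP (UDP 1701) on the WAN side only and place the rule first.
#    place-before=0 assumes the filter table already has at least one rule.
/ip firewall filter add chain=input in-interface=ether1 protocol=udp \
    dst-port=1701 action=accept comment="allow L2TP" place-before=0

# 5. Masquerade traffic leaving through the tunnel.
/ip firewall nat add chain=srcnat out-interface=l2tp-branch1 action=masquerade

# 6. Route to the remote subnet via the client's tunnel address.
/ip route add dst-address=192.168.2.0/24 gateway=10.50.0.11

# Checks: the session should be listed once the client connects, and the
# route should become active.
/ppp active print
/ip route print where dst-address=192.168.2.0/24
```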
Configuring the client
Continuing the L2TP setup, the MikroTik client configuration deserves close attention. Go to the "Interface" section and create a new interface of the L2TP client type. Specify the server address and the credentials. Encryption is selected by default; the check box next to the default route option must be cleared. If everything is done correctly, the connection to the L2TP network should appear after saving. MikroTik, whose configuration is now almost complete, is a very good choice for use with a VPN.
Now check that the tunnel you created works across the network. Enter the address 192.168.1.1. The connection will be reset. This is why a new static route has to be created. It is a subnet of the form 192.168.1.0/24. The gateway is the server's address in the virtual network. In the "source" field, specify the client's address in the network. When you recheck the tunnel with ping, you will see that the connection now works. However, the computers on the network still cannot see it. To give them access, create a masquerading rule. It should be exactly the same as the one created on the server, with the VPN connection as the output interface. If the ping succeeds, everything should work. The tunnel is up, and the computers can connect and work on the network. With a good tariff plan it is easy to reach speeds of 50 megabits per second. That figure can be achieved only when IPSec is not used with L2TP on the MikroTik.
At this point the network configuration is complete. If a new user is added, another route must be added on that user's device. The devices will then see each other. If traffic is routed between Client1 and Client2, the settings on the server do not need to change. You only need to create the routes and set the gateway to the address of the peer on the network.
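The client-side steps above as RouterOS v6 terminal commands. This is an added example, not the article's own configuration; the interface name l2tp-office and the user branch1 are assumptions, the password is a placeholder, and the "source" field is taken here to be the client's tunnel address 10.50.0.11.

```routeros
# Client side, RouterOS v6 terminal. Assumed names: l2tp-office, branch1.

# 1. L2TP client pointing at the server's static address. The default-route
#    check box is cleared so that only the office subnet goes through the
#    tunnel; the profile and encryption stay at their defaults.
/interface l2tp-client add name=l2tp-office connect-to=192.168.106.246 \
    user=branch1 password="CHANGE-ME" add-default-route=no disabled=no

# 2. Static route to the office subnet via the server's tunnel address.
#    pref-src is assumed to be this client's tunnel address.
/ip route add dst-address=192.168.1.0/24 gateway=10.50.0.10 \
    pref-src=10.50.0.11

# 3. Same masquerading rule as on the server, with the VPN interface as the
#    output interface, so hosts behind this router can reach the office.
/ip firewall nat add chain=srcnat out-interface=l2tp-office action=masquerade

# Checks: the interface should show the running flag, and the office
# gateway should answer once the route and NAT rule are in place.
/interface l2tp-client print
/ping 192.168.1.1 count=4
```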
Configuring L2TP and IPSec on MikroTik
If you care about security, you should use IPSec. There is no need to create a new network; the existing one can be used. Note that the policy must be created between addresses of the form 10.50.0. This lets the technology work regardless of the client's address.
If you want to create an IPSec tunnel on MikroTik between the WAN addresses of the server and the client, you must make sure that the client has an external address. If that address is dynamic, the policy has to be updated by means of scripts. If IPSec is enabled between external addresses, the need for L2TP is, in general, reduced to a minimum.
Checking the speed
At the end of the configuration, be sure to check the speed. The reason is that with L2TP/IPSec the traffic is encapsulated twice, which puts a heavy load on the CPU. Often, once the network has been set up, you will see the connection speed drop. You can confirm this by creating about 10 streams. The processor will then be loaded to almost one hundred percent. This is the main disadvantage of L2TP with IPSec on MikroTik: greater security comes at the expense of performance.
To get good speed, you will have to buy higher-end equipment. You can choose a router that supports working with a computer and RouterOS. If it has hardware encryption support, the speed will improve considerably. Unfortunately, inexpensive MikroTik products will not deliver this result.