Professional Documents
Culture Documents
Client To Site Certificate L2TP
Client To Site Certificate L2TP
Cc bc ci t :
Trn my AD Server : + Ci t AD v DC + Cu hnh DNS + To User VPN Cc bc ny tng t nh bi Client to Site Trn my VPN Server : + Join domain : Vo Properties ca My Computer
+ Ci t Certificate Service Vo Server Manager Chn Roles Chn Add Roles nh du vo Active Directory Certificate Services Next
Next Next Chn Certification Authority web Enrollment Chn Add Required Services
- Trong Tab Subject Name > Chn vo Supply in the request > Hp thoi hin ln nhn OK
- Trong Certification Authority > Nhn phi vo Certificate Templates > New > Certificate template to issue
- M Internet Explore > Nhp a ch http://localhost/certsrv > Chn Request new certificate
- Nhn Yes
- Nhn Yes
+ Move Certificate vo Computer - Nhn vo Start > g MMC > Trong Console1 > File > Add/Remove snap-in
- Nhn OK
- Trong Console1 > Chn Certificates Current user > Chn Personal > Certificates - Nhn phi vo VPNServer.TruongTan.Local > Chn All Task > Export
- Nhn Next - Chn Yes, export the private key > Nhn Next Hnh nh ny c thay i kch thc. Click vo y xem hnh nh gc vi kch thc l 503x453
- Trong File to Export > Nhn Browse > La chn v tr lu, v d Desktop
- Nhn Next > Nhn Finish> Thng bo ca h thng export thnh cng
- Trong Console1 > Chn Certificates (Local Computer) > Chn Personal > Certificates - Nhn phi vo Certificates > Chn All Task > Import
- Nhn Next - Nhn Browse - Chn Desktop > La chn file type l Personal Information Exchange > Chn file Cert > Open
- Cc hp thoi tip theo mc nh > Finish - Kim tra Certificate c move thnh cng
+ Ci t Routing and Remote Access - M Server Manager > Nhn phi Roles > Add Roles
- Chn Next - Chn Routing and Remote Access Services > Next
- Vo Start > Administrative Tools > M Routing and remote access - Nhn phi vo VPNServer > Chn Configure and enable
- Nhn New
Nhn Finish
- Nhn OK
Trn My Client + Cu hnh Host File - Chn Start > nhp vo ng dn %windir%\system32\drivers\etc\hosts
+ Client cu hnh Trust Root certificate - M Internet Explorer > nhp vo ng dn http://192.168.1.2/certsrv
Chn Start > MMC > Trong Console1 > Chn File > Add/Remove Snap-in
- Nhn OK
- Nhn Next
- M Internet Explore > Nhp a ch http://192.168.1.2/certsrv > Chn Request new certificate - Chn Advanced certificate request - Chn Create and submit a request to this CA
Chn Certificate Template : VPNCert in tn vo phn Name l tn ca Client
+ Move Certificate vo Computer - Nhn vo Start > g MMC > Trong Console1 > File > Add/Remove snap-in
- Nhn OK
Current User Personal Certificates Click chut phi ln certificate chn export
Vo Network Connection Click chut phi ln biu tng kt ni . Tab Sercurity Chn L2TP/ IPSec OK
Connect
Kt ni thnh cng