Computer Network Technology and Application
Chapter 15 Internet Network Protocols and Technologies
Chapter 15 Internet Network Protocols and Technologies (3)
(2) SSLVPN
It is suitable for enterprises that require high flexibility. Employees can access internal company resources at different locations and use various mobile terminals or devices, such as laptops and PDAs.
The IT maintenance level of the enterprise is low, the employees know little about IT technology, and the investment in IT is not much.
SSLVPN is easy to use, does not need configuration, can be installed and used immediately; does not need a client, directly uses the embedded SSL protocol, and almost all browsers support the SSL protocol; has good compatibility, supports computers, PDAs, smart phones, A series of terminal equipment such as 3G mobile phones and applications accessed by a large number of mobile users.
SSLVPN is only suitable for Site-to-LAN (point-to-network) connections, and does not support LANto LANVPN connections.
4. The development trend of VPN
VPN is a technology that utilizes public networks to build private networks, and is accomplished through tunnels established by specially designed hardware and software that directly share IP networks.Some research institutes have shown that if an enterprise adopts VPN instead of renting a DDN dedicated line, the cost of the entire network can be saved by 21% to 45%. By more enterprises of all ages.
【chapter summary】
This chapter mainly introduces the TCP/IP system structure and several major protocols; accessing the Internet is the first step in using the Internet. This chapter introduces several methods for individuals and organizations to access the Internet. This chapter mainly considers the connection of LAN input method.
【Difficulties in this chapter】
(1) VPN technology.
(2) ADSL technical standard.
Exercise 4
[-]. Multiple choice questions
1. The network protocol used by the Internet is ().
A. TCP/IP
B. NET BIOS
C. OSI
D.SDLC
2. ADSL technology is a technology that uses () bandwidth for uploading and downloading services.
A. fixed
B.random
C. the same
D.different
3. The advantages of WLAN include ( ).
A. Easy to move the computer
B. The environment is clean
C. Easy to wire
D. All of the above
4.VLAN is suitable for enterprise internal network, campus network, etc. ().
A. Wide area network
B. Metropolitan area network
C. Access to the network
D.Local area network
5. The TCP/IP protocol is an open protocol standard. Which of the following is not its characteristic?
A. Independent of specific computer hardware and operating system
B. Uniform Addressing Scheme
C. Government Standards
D. Standardized high-level protocols
Two, short answer questions
1. Compare the TCP/IP protocol and the OSI architecture.
2. Explain the security mechanism of enterprise network interconnection VPN technology.
Experiment [-] Use VPN connection to build a local area network
【Purpose】
Learn to establish a VPN connection and form a virtual local area network to share resources within the network.
【Experimental content】
(1) Configure the VPN server.
(2) Configure the dial-in computer.
(3) Test the connectivity of the network.
[class hours] 2
【Experimental Requirements】
Master the method of VPN establishment.
【Experimental conditions】
At least two computers, one computer with Windows Server 2005 operating system installed.
【Experimental steps】
A computer with Windows Server 2005 operating system is used as a server, and a VPN virtual local area network can be built through this server, and other computers can be in a virtual local area network by dialing into this VPN server, that is to say, a virtual local area network can be established by using a VPN dial-up server. local area network.
1. Configure Windows Server 2005 VPN server
The VPN service in the server system WindowsServer 2005 is called "Routing and Remote Access". The system has installed this service by default, but it is not enabled.
(1) Enable the "Routing and Remote Access" service
Open "Routing and Remote Access" in the management tool, right-click on the listed local server, select "Configure and Enable Routing and Remote Access", and click "Next".
(2) Select "Custom Configuration" and click "Next".
(3) Select "VPN Access" and click "Next".
(4) Click "Next" to complete the configuration wizard.Click Yes to start the service.
(5) Configure the VPN server.
Right-click the server, select "Properties", select the "IP" option in the opened window, and select "Static Address Pool" in "IP Address Assignment".
Click "Add" to set the IP address range. The IP range is the virtual IP address range inside the VPN LAN. Each server that dials into the VPN will be assigned an IP within a range, and use this IP to access each other in the virtual LAN.
Set 10.10.0.1 to 10.10.0.10, a total of 10 IPs, the default VPN server occupies the first IP, so 10.10.0.1 is actually the IP address of the VPN server in the virtual LAN. The VPN server configuration is complete.
2. Add VPN users
Every computer that dials into the VPN server needs to have an account, and the default is Windows authentication, so a user should be set up for each client that needs to dial into the VPN, and a fixed internal virtual IP should be set for this user so that Clients access each other.
Add users in the computer management in the management tool, take adding a TEST user as an example.
(1) Create a new "TEST" user. After creation, check the user's properties and make corresponding settings in the "Dial-in" option.
①Set the remote access permission to "Allow access" to allow this user to dial into the server through VPN.
②Select "Assign Static IP Address" and set an IP address within the static IP pool range of a VPN server, for example, set it to 10.10.0.2.
If there are multiple client machines to access the VPN, you need to create a new user for each client and set a virtual IP address. Each client uses the user assigned to it to dial in to the VPN, so that each client After dialing into the VPN, you will get the same IP; if you do not choose to set "assign a static IP address", every time the client dials into the VPN, the VPN server will randomly assign an IP within its range to the dialing-in computer.
3. Configure the client computer
The client computer can use the Windows Server operating system or the Windows XP/VISTA operating system, and there is not much difference in the setting. Here, the client setting of the Server operating system is taken as an example.
(1) Open "Program" → "Accessories" → "Communication" → "New Connection Wizard" to start the connection wizard.
(2) Select "Connect to my workplace's network" to establish a connection, and click Next.
(3) Select "Virtual Private Network Connection", click "Next"; in the "Connection Name" window, fill in the connection name "my office", and click "Next".Enter the interface and set the corresponding IP address.
Tip: This IP address is the public IP address obtained by the VPN server.
(4) Click "Next" to complete the new connection.
After the connection is completed, you can see the newly created my office connection under the virtual private network in the network connection of the control panel.
(5) Right-click the my office connection, select "Properties", click the "Network" option in the pop-up window, select "Internet Protocol (TCP/IP)", click the "Properties" button, and then click the "Advanced" button , and the "Advanced TCP/IP Settings" interface pops up, and remove the check in front of "Use default gateway on remote network".
If this check is not removed, after the client dials in to the VPN, the remote network will be used as the default gateway. As a result, the client can only connect to the virtual LAN, but cannot access the Internet.
Next, you can start dialing into the VPN, double-click the my office connection, enter the user name and password assigned to this client, and after dialing, a network connection icon will appear in the lower right corner of the taskbar, indicating that you have dialed in to the VPN server.
Once in the virtual local area network, after the client sets up the shared folder, other clients can access its shared folder through the IP address of other clients.
(End of this chapter)
(2) SSLVPN
It is suitable for enterprises that require high flexibility. Employees can access internal company resources at different locations and use various mobile terminals or devices, such as laptops and PDAs.
The IT maintenance level of the enterprise is low, the employees know little about IT technology, and the investment in IT is not much.
SSLVPN is easy to use, does not need configuration, can be installed and used immediately; does not need a client, directly uses the embedded SSL protocol, and almost all browsers support the SSL protocol; has good compatibility, supports computers, PDAs, smart phones, A series of terminal equipment such as 3G mobile phones and applications accessed by a large number of mobile users.
SSLVPN is only suitable for Site-to-LAN (point-to-network) connections, and does not support LANto LANVPN connections.
4. The development trend of VPN
VPN is a technology that utilizes public networks to build private networks, and is accomplished through tunnels established by specially designed hardware and software that directly share IP networks.Some research institutes have shown that if an enterprise adopts VPN instead of renting a DDN dedicated line, the cost of the entire network can be saved by 21% to 45%. By more enterprises of all ages.
【chapter summary】
This chapter mainly introduces the TCP/IP system structure and several major protocols; accessing the Internet is the first step in using the Internet. This chapter introduces several methods for individuals and organizations to access the Internet. This chapter mainly considers the connection of LAN input method.
【Difficulties in this chapter】
(1) VPN technology.
(2) ADSL technical standard.
Exercise 4
[-]. Multiple choice questions
1. The network protocol used by the Internet is ().
A. TCP/IP
B. NET BIOS
C. OSI
D.SDLC
2. ADSL technology is a technology that uses () bandwidth for uploading and downloading services.
A. fixed
B.random
C. the same
D.different
3. The advantages of WLAN include ( ).
A. Easy to move the computer
B. The environment is clean
C. Easy to wire
D. All of the above
4.VLAN is suitable for enterprise internal network, campus network, etc. ().
A. Wide area network
B. Metropolitan area network
C. Access to the network
D.Local area network
5. The TCP/IP protocol is an open protocol standard. Which of the following is not its characteristic?
A. Independent of specific computer hardware and operating system
B. Uniform Addressing Scheme
C. Government Standards
D. Standardized high-level protocols
Two, short answer questions
1. Compare the TCP/IP protocol and the OSI architecture.
2. Explain the security mechanism of enterprise network interconnection VPN technology.
Experiment [-] Use VPN connection to build a local area network
【Purpose】
Learn to establish a VPN connection and form a virtual local area network to share resources within the network.
【Experimental content】
(1) Configure the VPN server.
(2) Configure the dial-in computer.
(3) Test the connectivity of the network.
[class hours] 2
【Experimental Requirements】
Master the method of VPN establishment.
【Experimental conditions】
At least two computers, one computer with Windows Server 2005 operating system installed.
【Experimental steps】
A computer with Windows Server 2005 operating system is used as a server, and a VPN virtual local area network can be built through this server, and other computers can be in a virtual local area network by dialing into this VPN server, that is to say, a virtual local area network can be established by using a VPN dial-up server. local area network.
1. Configure Windows Server 2005 VPN server
The VPN service in the server system WindowsServer 2005 is called "Routing and Remote Access". The system has installed this service by default, but it is not enabled.
(1) Enable the "Routing and Remote Access" service
Open "Routing and Remote Access" in the management tool, right-click on the listed local server, select "Configure and Enable Routing and Remote Access", and click "Next".
(2) Select "Custom Configuration" and click "Next".
(3) Select "VPN Access" and click "Next".
(4) Click "Next" to complete the configuration wizard.Click Yes to start the service.
(5) Configure the VPN server.
Right-click the server, select "Properties", select the "IP" option in the opened window, and select "Static Address Pool" in "IP Address Assignment".
Click "Add" to set the IP address range. The IP range is the virtual IP address range inside the VPN LAN. Each server that dials into the VPN will be assigned an IP within a range, and use this IP to access each other in the virtual LAN.
Set 10.10.0.1 to 10.10.0.10, a total of 10 IPs, the default VPN server occupies the first IP, so 10.10.0.1 is actually the IP address of the VPN server in the virtual LAN. The VPN server configuration is complete.
2. Add VPN users
Every computer that dials into the VPN server needs to have an account, and the default is Windows authentication, so a user should be set up for each client that needs to dial into the VPN, and a fixed internal virtual IP should be set for this user so that Clients access each other.
Add users in the computer management in the management tool, take adding a TEST user as an example.
(1) Create a new "TEST" user. After creation, check the user's properties and make corresponding settings in the "Dial-in" option.
①Set the remote access permission to "Allow access" to allow this user to dial into the server through VPN.
②Select "Assign Static IP Address" and set an IP address within the static IP pool range of a VPN server, for example, set it to 10.10.0.2.
If there are multiple client machines to access the VPN, you need to create a new user for each client and set a virtual IP address. Each client uses the user assigned to it to dial in to the VPN, so that each client After dialing into the VPN, you will get the same IP; if you do not choose to set "assign a static IP address", every time the client dials into the VPN, the VPN server will randomly assign an IP within its range to the dialing-in computer.
3. Configure the client computer
The client computer can use the Windows Server operating system or the Windows XP/VISTA operating system, and there is not much difference in the setting. Here, the client setting of the Server operating system is taken as an example.
(1) Open "Program" → "Accessories" → "Communication" → "New Connection Wizard" to start the connection wizard.
(2) Select "Connect to my workplace's network" to establish a connection, and click Next.
(3) Select "Virtual Private Network Connection", click "Next"; in the "Connection Name" window, fill in the connection name "my office", and click "Next".Enter the interface and set the corresponding IP address.
Tip: This IP address is the public IP address obtained by the VPN server.
(4) Click "Next" to complete the new connection.
After the connection is completed, you can see the newly created my office connection under the virtual private network in the network connection of the control panel.
(5) Right-click the my office connection, select "Properties", click the "Network" option in the pop-up window, select "Internet Protocol (TCP/IP)", click the "Properties" button, and then click the "Advanced" button , and the "Advanced TCP/IP Settings" interface pops up, and remove the check in front of "Use default gateway on remote network".
If this check is not removed, after the client dials in to the VPN, the remote network will be used as the default gateway. As a result, the client can only connect to the virtual LAN, but cannot access the Internet.
Next, you can start dialing into the VPN, double-click the my office connection, enter the user name and password assigned to this client, and after dialing, a network connection icon will appear in the lower right corner of the taskbar, indicating that you have dialed in to the VPN server.
Once in the virtual local area network, after the client sets up the shared folder, other clients can access its shared folder through the IP address of other clients.
(End of this chapter)
Tap the screen to use advanced tools
Tip: You can use left and right keyboard keys to browse between chapters.
You'll Also Like
-
All Beast Tamers: My beasts are all mythical!
Chapter 385 17 hours ago -
Everyone has a golden finger, and I can copy
Chapter 379 17 hours ago -
Pokémon: Rise of the Orange League
Chapter 294 17 hours ago -
Zhan Shen: Mental illness? Please call me the God of Mystery!
Chapter 227 17 hours ago -
Senior sister, please let me go. I still have seven fiancées.
Chapter 552 1 days ago -
I am in Naruto, and the system asks me to entrust the elves to someone?
Chapter 628 1 days ago -
As a blacksmith, it's not too much to wear a set of divine equipment.
Chapter 171 1 days ago -
Treasure Appraisal: I Can See the Future
Chapter 1419 1 days ago -
Immortality cultivation starts with planting techniques
Chapter 556 1 days ago -
The Lord of Ghost
Chapter 217 1 days ago
