Eicon Networks S92 Manual do Utilizador descarregar pdf (Página 121)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 121

SecurityPolicy:

Thesecuritypoliciestobeenforcedhereare:

1. OnlyPPTPconnectionsfromthelegitimateexternalpartners/suppliersare

allowed.

2. Nootherinbound/outboundtraffictypesareallowedthroughthisrouter.That

means,dropandlogeverythingelse.

ConfigureW2K_VPN:

BasedontheunderstandingofourVPNmodel,wecan take thenecessarystepsto

configuresuchaVPN.Thesestepsare:

1.InstallhardwareintheVPNserver

2.ConfigureTCP/IPontheadapters

3.InstalltheRoutingandRemoteAccessservice

4.Enableanyauthenticationmethod

5.Configurestaticroutestoreachintranetlocations

6.IncreasethenumberofPPTPports tosuittheneedofGIAC

7.ConfigurePPTPpacketfilters

W2K_VPNhasthefollowinginterfaces:

n 192.168.6.2(toRouter_Eiconcard)

n 192.168.16.5(tothecoreswitch/Core_Net)

BeforetakingthestepstoconfigurethisVPNserver,itisimportantforustoharden

thissystem.InformationonhowtohardenWindows2000isavailableinAssignment

1.

ConfigureRRAS:

Toconfigure VPNonW2K_VPN,wemustensurethatitactsasaRemoteAccess

Server.Regardingauthentication,weuseWindowsAuthenticationasthe

authenticationprovider.Thecorrespondinguseraccountshavetobesetuponthis

1 2 ... 116 117 118 119 120 121 122 123 124 125 126 ... 208 209

Sem comentários

Eicon Networks S92 Manual do Utilizador Página 121