ISA Server 2004 UNLEASHED [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

ISA Server 2004 UNLEASHED [Electronic resources] - نسخه متنی

Michael Noel

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید






Configuring ISA 2004 to Integrate with Third-Party VPN Tunnel Products


If the remote network is connected to a non-Microsoft third-party VPN product, the IPSec Tunnel Mode option is the only protocol that can be supported. Fortunately, using IPSec Tunnel mode to set up a remote site network is relatively straightforward.

Setting Up an IPSec Tunnel Mode VPN Connection


As with L2TP over IPSec protocol methods, IPSec in tunnel mode can be set up to use either certificates based authentication or shared-key methods. The same security concepts apply for this scenario as well, and the pre-shared key is inherently less secure than a certificates-based approach. That said, certain third-party products may only support shared key, and ISA supports either implementation.

Configuring the Third-Party VPN Site


To use the IPsec tunnel mode to define a remote site, perform the following steps on the local ISA Server:


1.

Open the ISA Server Management console.

2.

Select the Virtual Private Networks (VPN) node from the console tree.

3.

Select the Remote Sites tab from the Details pane.

4.

Select Add Remote Site Network from the Tasks pane.

5.

Enter the name of the connection in the Network Name field; for example, enter Toronto and click Next.

6.

Select IP Security protocol (IPSec) tunnel mode, as shown in Figure 10.11, and click Next to continue.

Figure 10.11. Creating an IPSec tunnel mode remote site for third-party VPN support.

7.

Enter the remote IP address of the VPN third-party gateway and enter the local VPN gateway IP Address. Click Next to continue.

8.

On the IPSec Authentication page, enter whether to use certificates or a pre-shared key for authentication. In this example, a pre-shared key is entered. Click Next to continue.

9.

Add the network ranges of the remote network. For example, use 10.10.20.0 as the starting address and 10.10.20.255 as the ending address.

10.

Click Finish, Apply, and OK to save the changes.


Configuring the Third-Party VPN Server


After ISA has been configured with the information of the remote site VPN server, that server then needs to be configured to recognize ISA as a VPN gateway as well. This process varies between the various ISA VPN products, so it is recommended to consult the documentation of the product in question on how to set up an IPSec tunnel back to the ISA Server.

As with PPTP and L2TP connections, network and firewall rules must be set up between the newly configured networks to make sure that traffic can properly flow between them.


/ 191