Setup VPN Penetration Testing Lab in Server 2008

You just need to follow the basic steps for configuring a remote access virtual private network (VPN) server using Server Manager, the Add Roles Wizard, and the Routing and Remote Access Server Setup Wizard. After you finish configuring a basic remote access VPN server, you can perform additional configuration tasks on client depending on the way you want to use the remote access VPN server.


 Start -> Administrative Tools -> Server Manager. Click Add Roles


This wizard helps you install roll on your server, click on next to continue


Check the status of “Network Policy Server” under Role Services and click on next.
               
Network policy and access services provides Network Policy server (NPS), Routing and Remote Access (RRAS), Health Registration Authority (HRA), and Host Credential Authorization Protocol (HCAP) ,which help safeguard the health and security of your network.


Read the requirements and click “Next” to continue.


On the following screen “Select Role Services” for Network Policy and Access Service, place a check mark on Routing and Remote Access Services and make sure “Remote Access Service” and “Routing” are selected as well. Click next to continue.


To install following role services for Network Policy and Access Service click on Install.


This show the summary of Remote Access services and Routing were installed successfully. Once the installation finishes, click close to end the wizard.
Till here I have completed installation of VPN in server.


To complete configuration in Routing and Remote Access follow these step.
Start -> Administrative Tools ->Routing and Remote Access


In the console that opens, right click your server name and right click on “Configure and Enable Routing and Remote Access “this configures Routing and Remote Access on the selected server.


In the Wizard you can enable any of following combinations of services. I will choose Custom Configuration for my server and click on Next.

Next is Routing and Remote Access server setup wizard in which I am going to decide which type of access should be allows to client to access server network.

You can configure the selected services in the Routing and Remote Access console. I am selecting the Check Box VPN access service on this server and click on next to continue

Now you have successfully completed the task of VPN access service in your server, to close this wizard click on finish.


Now you will get the dialog box which shows message that Routing and Remote Access service is ready to use. So click on Start Service.


Once the process is finished, and you are back on the main Server Manager window, routing and remote access should now be up and running.


Once you have successfully configuration of Routing and Remote, the administrator will select the desire user and give privilege to access the server through VPN connection for connecting client from different location.

 Start -> Administrative Tools -> Active Directory Users and Computers -> Right Click the properties of an user


Click on the Dial-In tab and under “Network Access Permission” select Allow Access. Click on Apply and Ok to finish. Only selected client will be able to connect with server network through VPN using different network.

This was first phase of VPN configuration on server-side performs by administrator.


SETUP VPN CONNECTION FOR CLIENT ON WINDOWS 7

Setting up a client connection to a VPN network is very similar to setting up an old-fashioned Dial-Up connection through a phone line. You need to enter a server address (hostname or IP), user and password. Once connected, this system will receive an IP address within the VPN network, so you’ll be able to access it from any other machines also connected to the same VPN network.

Click on the Start -> Control Panel ->Network and Internet -> Network and Sharing Center
Change your network settings click on setup a new connection or network option, this contains different types of network connection options like broadband, dial-up, VPN or set up a router or access point.



 Here you can many other options as I told, I will choose connect to a workplace to set a dial-up or VPN connections to your workplace. This option will set the connection to a workplace or say to our server for the client.



Now you will see next wizard for connect to workplace, which will ask for type of connection through which you will connect to your workplace or server.
My option will be use my internet connection (VPN) and the will be established using internet.


Now for connecting network you must aware of IP address of workplace or say server. 192.168.0.106 it is the IP of my windows server 2008 r2 having VPN setup and configuration ,so I have mention this IP in Internet Address for connection.


Now I had set privilege for user pentest to Allow Access for VPN connection. When you will try to connect it will ask for your credentials for authentication. Client will enter his username and password for establishing connection and click on connect.


When given credential will be found authorized, it will allow client to connect with workplace and provide VPN connection.

This is unshared and secure connection over internet between client and server for sharing data in a transparent medium


To ensure that you have successful VPN connection open your command promot and type ipconfig this show another IP over LAN.

My IP is 192.168.0.104 under PPP adapter VPN connection, which will be used for login in server to access network and share data, as I am also having my LAN IP 192.168.0.105. This shows my VPN connection is established successfully

0 comments:

Post a Comment