By THEAM DARA, dara.theam@gmail.

com

HOW TO CREATE SITE TO SITE VPN (L2TP)

ENABLE VPN AND REMOTE ACCESS SERVICE

1- we do on “Routing and Remote Access console”

2- choose service you want to enable

By THEAM DARA, dara.theam@gmail.com

3- choose what you need

4- select the interface connect to internet and disable stateful firewall

By THEAM DARA, dara.theam@gmail.com

5- select the source ip that server will provide to client

6- create ip range for client – if we use automatic we don’t need to create it will choose from dhcp server
By THEAM DARA, dara.theam@gmail.com

7- we choose to get the authenticate source from the vpn server, or we can choose from RADIUS server

8- finish enable vpn remote access server

=== NOTE ===

Completing this step, you can use Remote Access client (PPTP) to connect to server

EXAMPLE TO MAKE A CONNECTION TO SERVER ON WINDOWS XP

By THEAM DARA, dara.theam@gmail.com

1- select to “network connection”

2- create new vpn connection

By THEAM DARA, dara.theam@gmail.com

3- follow through

4- follow trough
By THEAM DARA, dara.theam@gmail.com

5- name your connection

6- follow through
By THEAM DARA, dara.theam@gmail.com

7- enter your server ip

8- then follow the screen until finish

=== YOU GET A INTERFACE TO YOUR VPN SERVER BUT YOU HAVE TO HAVE A USER NAME
AND PASSWORD TO CONNECT TO IT ===

THE USER ACCOUNT MUST ENABLE ON SERVER IN ORDER TO DAIL IN. DO SHOW
1- we use computer management console
By THEAM DARA, dara.theam@gmail.com

2- double click on user that you allow to dail in

3- in dail-in tab select “allow access “

=== NOW YOU ARE READY TO DAIL-IN USING USER DARA ===
By THEAM DARA, dara.theam@gmail.com

1- double click on your new interface you just created in “Network Connections” named “my workplace at
Phnom Penh”

2- when you finish you will see the result

=== FINISH REMOTE ACCESS CONNECTION (PPTP) ===

By THEAM DARA, dara.theam@gmail.com

NOW I PROCEED TO SITE TO SITE CONNECTION (L2TP)

- I will edit the above server to make it became site-to-site vpn server
- You need to have 2 server to make it work

MAKE IT TO BECAME SITE-TO-SITE SERVER

1- we still use “routing are remote access” console

By THEAM DARA, dara.theam@gmail.com

2- select security tap to add PRE-SHARED KEY phrase

3- do like this on both servers

=== WE HAVE TO ADD STATIC ROUTE TO MAKE CLIENT ON BOTH CAN COMMUNICATE WITH
EACHE OTHER ===

172.16.138
outside 192.168.5.1
inside
intern
Vpn1 et Vpn2
192.168.4.2
inside
172.16.1.153
outside

ADD STATIC ROUTE IN ORDER TO MAKE BOTH LOCAL NETWORK CONNECT EACH OTHER
By THEAM DARA, dara.theam@gmail.com

1- we still use “routing and remote access” console

2- add the route on vpn2 from lan on vpn2 to lan on vpn1

3- do this also on vpn1

=== FINISH CONFIGURE ON BOTH SERVER SO IT CAN USE SITE-TO-SITE VPN ===
=== NOTE WE HAVE TO DIAL ON BOTH SERVER TO EACH OTHER, BUT LOCAL NETWORK ON
BOTH SITES CAN COMMUNICATE WITH EACH OTHER ===
By THEAM DARA, dara.theam@gmail.com

MAKE L2TP INTERFACE

1- it is the same as the one we created above, but only a little configure to make it become L2TP interface

2- on security tab type the PRE-SHARED KEY phrase

By THEAM DARA, dara.theam@gmail.com

3- do this on other vpn too, then dial-in on both servers

=== AFTER DAIL-IN ON BOTH SERVER YOU WILL HAVE THIS RESULT ===

================FINISH BOTH PPTP AND L2TP VPN===================

ANY CONSULTANT CONTACT dara.theam@gamil.com

===========================================