I-SSTP VPN: Konke Ongathanda Ukukwazi
Mar 07, 2022 • Kufakwe ku: Ukufinyelela Iwebhu Ngokungaziwa • Izisombululo ezifakazelwe
I-SSTP ubuchwepheshe bobunikazi obasungulwa yi-Microsoft. Imele i-Secure Socket Tunnel Protocol futhi yethulwa okokuqala ku-Microsoft Vista. Manje, ungakwazi ukuxhuma kalula ku-SSTP VPN kuzinguqulo ezidumile ze-Windows (ne-Linux). Ukusetha i-SSTP VPN Ubuntu ye-Windows akuyona inkimbinkimbi kakhulu. Kulo mhlahlandlela, sizokufundisa indlela yokusetha i-SSTP VPN Mikrotik futhi uyiqhathanise namanye amaphrothokholi adumile futhi.
Ingxenye 1: Iyini i-SSTP VPN?
I-Secure Socket Tunnel Protocol iyiphrothokholi yomhubhe esetshenziswa kabanzi engasetshenziswa ukwakha eyakho i-VPN. Ubuchwepheshe bathuthukiswa yi-Microsoft futhi bungatshalwa ngomzila owuthandayo, njenge-Mikrotik SSTP VPN.
- • Isebenzisa i-Port 443, ebuye isetshenziswe uxhumano lwe-SSL. Ngakho-ke, ingaxazulula izinkinga ze-firewall NAT ezenzeka ku-OpenVPN ngezinye izikhathi.
- • I-SSTP VPN isebenzisa isitifiketi sokuqinisekisa esizinikele kanye nokubethela okungu-2048-bit, okuyenza ibe enye yezivumelwano ezivikeleke kakhulu.
- • Ingadlula kalula izindonga zomlilo futhi inikeze ukwesekwa kwePerfect Forward Secrecy (PFS).
- • Esikhundleni se-IPSec, isekela ukudluliswa kwe-SSL. Lokhu kuvumela ukuzulazula esikhundleni sokudluliswa nje kwephoyinti nephoyinti kwedatha.
- • I-drawback kuphela ye-SSTP VPN ukuthi ayinikezi ukusekelwa kwamadivayisi eselula afana ne-Android ne-iPhone.
Ku-SSTP VPN Ubuntu ye-Windows, imbobo 443 isetshenziswa njengoba ukuqinisekiswa kwenzeka ekupheleni kweklayenti. Ngemva kokuthola isitifiketi seseva, uxhumano luyasungulwa. Amaphakethe e-HTTPS nawe-SSTP abe esedluliswa esuka kuklayenti, okuholela ezingxoxweni ze-PPP. Uma isixhumi esibonakalayo se-IP sesinikeziwe, iseva neklayenti bangadlulisela kalula amaphakethe edatha.
Ingxenye 2: Uyisetha kanjani i-VPN nge-SSTP?
Ukusetha i-SSTP VPN Ubuntu noma iWindows kuhluke kancane ku-L2TP noma i-PPTP. Noma ubuchwepheshe bukhona ku-Windows, uzodinga ukulungisa i-Mikrotik SSTP VPN. Ungasebenzisa noma iyiphi enye irutha futhi. Nakuba, kulesi sifundo, sicabangele ukusethwa kwe-SSTP VPN Mikrotik ku-Windows 10. Le nqubo iyafana nakwezinye izinguqulo ze-Windows kanye ne-SSTP VPN Ubuntu futhi.
Isinyathelo 1: Ukuthola Isitifiketi Sokugunyazwa Kweklayenti
Njengoba wazi, ukuze umise i-Mikrotik SSTP VPN, sidinga ukudala izitifiketi ezizinikele. Ukuze wenze lokhu, iya kokuthi Isistimu > Izitifiketi bese ukhetha ukwakha isitifiketi esisha. Lapha, unganikeza igama le-DNS ukuze usethe i-SSTP VPN. Futhi, idethi yokuphelelwa yisikhathi kufanele ivumeleke izinsuku ezingama-365 ezilandelayo. Usayizi oyinhloko kufanele ube ngu-2048 bit.
Ngemva kwalokho, hamba kuthebhu yokusetshenziswa kokhiye bese unika amandla uphawu lwe-crl kuphela nesitifiketi sokhiye. sayina izinketho.
Londoloza izinguquko zakho ngokuchofoza inkinobho ethi "Sebenzisa". Lokhu kuzokuvumela ukuthi udale isitifiketi seseva se-SSTP VPN Mikrotik futhi.
Isinyathelo sesi-2: Dala Isitifiketi Seseva
Ngendlela efanayo, udinga ukudala isitifiketi seseva futhi. Inikeze igama elifanele bese usetha usayizi wokhiye ku-2048. Ubude besikhathi bungaba yinoma yini ukusuka ku-0 kuye ku-3650.
Manje, hamba kuthebhu yokusetshenziswa kokhiye bese uqinisekisa ukuthi akukho okunye okukhethwa kukho okunikwe amandla.
Vele uchofoze inkinobho ethi "Sebenzisa" bese uphuma efasiteleni.
Isinyathelo sesi-3: Sayina isitifiketi
Ukuze uqhubeke, kufanele usayine isitifiketi sakho uwedwa. Vele uvule Isitifiketi bese uchofoza inketho ethi "Sign". Nikeza igama le-DNS noma ikheli le-IP elimile bese ukhetha ukuzisayina ngokwakho isitifiketi.
Ngemva kokusayina, ngeke ukwazi ukwenza izinguquko esitifiketini.
Isinyathelo sesi-4: Sayina isitifiketi seseva
Ngendlela efanayo, ungasayina nesitifiketi seseva. Ungase udinge ukhiye oyimfihlo owengeziwe ukuze uwenze uvikeleke kakhulu.
Isinyathelo sesi-5: Nika amandla iseva
Manje, udinga ukunika amandla iseva ye-SSTP VPN futhi udale Imfihlo. Vele uye ezinkethweni ze-PPP bese uvula iseva ye-SSTP. Ukufakazela ubuqiniso kufanele kube “mschap2” kuphela. Futhi, khubaza inketho yesitifiketi seklayenti yokuqinisekisa ngaphambi kokulondoloza lezi zinguquko.
Ngaphezu kwalokho, dala Imfihlo ye-PPP entsha. Nikeza igama lakho lomsebenzisi, iphasiwedi kanye nekheli le-LAN lerutha yakho ye-Mikrotik. Futhi, ungacacisa ikheli le-IP leklayenti elikude lapha.
Isinyathelo sesi-6: Ukukhipha isitifiketi
Manje, sidinga ukuthekelisa isitifiketi sokuqinisekisa iklayenti. Ngaphambili, qiniseka ukuthi i-port 443 ivuliwe.
Vele uvule isixhumi esibonakalayo se-Router yakho kanye futhi. Khetha isitifiketi se-CA bese uchofoza inkinobho ethi "Khipha". Setha umushwana wokungena oqinile wokuthekelisa.
Kuhle! Cishe sesifikile. Iya kusixhumi esibonakalayo somzila bese ukopisha-unamathisele isitifiketi se-CA ku-Windows drive.
Ngemva kwalokho, ungakwazi ukwethula iwizadi ukuze Ngenisa Isitifiketi Esisha. Khetha umshini wendawo njengomthombo.
Kusuka lapha, ungaphequlula isitifiketi osidalile. Ungaphinda usebenzise i-"certlm.msc" futhi ufake isitifiketi sakho usuka lapho.
Isinyathelo sesi-7: Dala i-SSTP VPN
Ekugcineni, ungaya kokuthi Iphaneli Yokulawula > Inethiwekhi Nezilungiselelo bese ukhetha ukudala i-VPN entsha. Nikeza igama leseva futhi uqiniseke ukuthi uhlobo lwe-VPN lufakwe kuhlu njenge-SSTP.
Uma i-SSTP VPN isidaliwe, ungaya kusixhumi esibonakalayo se-Mikrotik. Ukusuka lapha, ungabuka i-Mikrotik SSTP VPN engeziwe. Manje usungakwazi ukuxhuma kule SSTP VPN Mikrotik noma nini.
Ingxenye 3: I-SSTP vs. PPTP
Njengoba wazi, i-SSTP ihluke kakhulu ku-PPTP. Isibonelo, i-PPTP iyatholakala cishe kuzo zonke izinkundla ezihamba phambili (okuhlanganisa i-Android ne-iOS). Ngakolunye uhlangothi, i-SSTP ivela ku-Windows.
I-PPTP futhi iyiphrothokholi yomhubhe esheshayo uma iqhathaniswa ne-SSTP. Noma kunjalo, i-SSTP iyindlela evikeleke kakhulu. Njengoba isuselwe ethekwini elingakaze livinjwe ama-firewall, ingadlula kalula ukuphepha kwe-NAT nama-firewall. Okufanayo akukwazi ukusetshenziswa ku-PPTP.
Uma ufuna iphrothokholi ye-VPN yezidingo zakho zomuntu siqu, ungahamba ne-PPTP. Ingase ingavikeleki njenge-SSTP, kodwa kulula kakhulu ukuyimisa. Kukhona futhi amaseva e-PPTP VPN atholakala mahhala.
Ingxenye 4: I-SSTP iqhudelana ne-OpenVPN
Nakuba i-SSTP ne-PPTP zihluke kakhulu, i-OpenVPN ne-SSTP zabelana ngokufana okuningi. Umehluko omkhulu ukuthi i-SSTP ingeyeMicrosoft futhi isebenza kakhulu ezinhlelweni zeWindows. Ngakolunye uhlangothi, i-OpenVPN iwubuchwepheshe bomthombo ovulekile futhi isebenza cishe kuwo wonke amapulatifomu amakhulu (okuhlanganisa ideskithophu nezinhlelo zeselula).
I-SSTP ingadlula zonke izinhlobo zomlilo, okuhlanganisa nalezo ezivimba i-OpenVPN. Ungakwazi ukumisa kalula insiza ye-OpenVPN ngokusebenzisa ukubethela okukhethile. Kokubili, i-OpenVPN ne-SSTP kuphephe kakhulu. Noma kunjalo, ungenza ngendlela oyifisayo i-OpenVPN ngokoshintsho kunethiwekhi yakho, engeke ifinyelelwe kalula ku-SSTP.
Ukwengeza, i-OpenVPN ingadonsa i-UDP namanethiwekhi futhi. Ukuze usethe i-OpenVPN, uzodinga isofthiwe yomuntu wesithathu kuyilapho ukusetha i-SSTP VPN ku-Windows kulula.
Manje uma wazi izisekelo ze-SSTP VPN nokuthi ungasetha kanjani i-Mikrotik SSTP VPN, ungakwazi ukuhlangabezana nezimfuneko zakho kalula. Vele uhambe nephrothokholi ye-VPN oyikhethile futhi uqiniseke ukuthi unolwazi oluphephile lokuphequlula.
I-VPN
- Ukubuyekezwa kwe-VPN
- Izinhlu eziphezulu ze-VPN
- Izinhlelo ze-VPN
James Davis
abasebenzi Mhleli