VPN connection for Microsoft Windows systems
VPN service is used to connect external computers an specific the
VLAN, with remote management purposes. Only the L2TP/IPSEC VPN
protocol with digital certificates authentication is supported.
Computers with Windows 2000 or Windows XP without SP2 require update KBQ818043. You can only connect a single client from each public IP address (even behind a NAT), and each user can only maintain one VPN session simultaneously.
Requirements
To connect to the VPN service ask your system administrator:
- File <customer>-VPNCA.crt
- VPN Certification Authority.
- This file can be downloaded from the SSL Certificates, page.
- It can be identified as "VPN INTERNAL CA CERTIFICATE"
- VPN IP address.
- It is the same IP address used to access the Cloud management system.
- It is the IP address corresponding to the name of your
Cloud-Bricks node.
- You can get by solving the name of your node through the nslookup
command, for example:
#nslookup sample1.cloud-bricks.net
- The following information can be obtained from the VPN Users page.
- File <user>-vpn.p12 (User certificate for the VPN connection).
- File <user>-vpn.key (Private key connection)
- Username and password with permissions to connect to the VPN.
Install Certification Authority
Execute the "mmc" command:
Add the Snap-in certificates.
Manage Certificates for Local Computer:
Select Local computer.
- Navigate to "Console Root" → "Certificates (Local Computer)" → "Trusted Root Certification Authorities" → "Certificates"..
- Right click and choose the "All Tasks" → Import option
The "Certificate Import Wizard" starts:
Select where to store the certificate.
Install User Certificate
Now we will import the user certificate in the "Personal" folder
The password to import the certificate is the same password used to connect the VPN.
Select where to store the certificate.
The process
ends with success.
Create the VPN connection
In the Windows Control Panel, navigate to Network and sharing Center:
