إضغط لتفاصيل الإعلانات



Page 1 of 2 12 LastLast
Results 1 to 15 of 24
Share
  1. #1
    Join Date
    Feb 2008
    Posts
    532
    Blog Entries
    2
    Rep Power
    13

    Question تعالوووووا نتعلم

    ؟
    تعالوا نتعلم



    ايه اخباركم يا جماعه

    موضوعنا انهارده موضوع شيق جدا جدا والكل ان شاء الله هيستفيد منه

    انا قلت بجانب موضوع "خيركم من تعلم العلم وعلمه" ننزل مشروع "تعالوا نتعلم" ؟؟؟

    فكرة المشروع

    المنتدى بتاعنا الحمد لله فيه من مختلف المجالات الهندسيه
    وفينا ناس بسم الله ما شاء الله اكفاء فى حاجات كتير

    الفكره بتقول اننا كل واحد فينا شايف انه كفىء فى جزء معين او مجال معين او نقطه معينه يشرحها بالتفصيل الكامل لكل المنتدى

    يعنى مثلا
    فلان شايف نفسه انه قادر يشرح نقطه معينه فى مجال الشبكات
    يشرحها بالكامل ويستعين بالصور والخطوات لتنفيذها والمهندسين فى منتدانا العزيز يبدءوا يناقشوا المحاضر فى الجزء اللى بيشرحه إلى ان يتم شرحه بكل تفاصيله

    بس اهم حاجه يا جماعه ان اللى يشرح يشرح بتفصيل جدا بحيث ان حتى اللى اول مره يقرا الموضوع يفهمه

    او

    اللى عاوز يستعين بأى مساعده تكون موجوده تحت ايده وسهل انه يفهمها



    ايه رايكم فى الفكره دى؟؟؟
    يارب تعجبكم

    انا قلت على الموضوع ده انه مشروع لان بجد لو كلنا اتحادنا فيه ممكن نعملوا فيه شغل جامد اوى ونستفيد كلنا منه



    Last edited by eljoker70000; 05-07-2009 at 09:12 AM.
    إذا كان عندك ملل من الدنيا وضيق في النفس وقلق وتفكير زائدين وخوف من المستقبل وعدم راحة في العيش ،، قل لا إله إلا الله محمد رسول الله ...
    فلديك نقص في الدين وستجده إن شاء الله بالصلاة والاستغفار وطاعة أوامر الله سبحانه وتعالى .

    Best Regards,
    MOHAMMED ELJOKER
    Security Engineer

    من مواضيع eljoker70000 :



  2. Facebook Comments - تعليقـك على الفيس بوك يسعدنا ويطور مجهوداتنـا


  3. Forum Ads:

  4. Forum Ads:

    اضفط هنا لمعرفة تفاصيل الإعلانات بالموقع


  5. Forum Ads:

    -->

  6. #2
    Join Date
    Nov 2007
    Location
    Arab world!
    Posts
    6,169
    Blog Entries
    4
    Rep Power
    10

  7. #3

    Default

    معاكم ان شاء الله

    انا بشتغل photoshope cs3

    وبعمل بانرات (متواضعه طبعا) وكمان

    حاليا بدرس lillustrator &in designe

    وان شاء الله قريبا جداا ابدأ معاكم بكل اللى املكه من علم ووسائل مساعده كمان

    شكرا يابشمهندس جوكر على المبادرة والفكرة الجميله دى

  8. Forum Ads:

  9. #4
    Join Date
    Feb 2008
    Posts
    532
    Blog Entries
    2
    Rep Power
    13

    Default

    شكرا ليكم انتوا يا جماعه على التشجيع والتحفيز الجامد ده وان شاء الله كل الناس تستفيد
    إذا كان عندك ملل من الدنيا وضيق في النفس وقلق وتفكير زائدين وخوف من المستقبل وعدم راحة في العيش ،، قل لا إله إلا الله محمد رسول الله ...
    فلديك نقص في الدين وستجده إن شاء الله بالصلاة والاستغفار وطاعة أوامر الله سبحانه وتعالى .

    Best Regards,
    MOHAMMED ELJOKER
    Security Engineer

    من مواضيع eljoker70000 :


  10. #5
    Join Date
    Feb 2008
    Posts
    532
    Blog Entries
    2
    Rep Power
    13

    Default

    مين ناوى يقص الشريط ويبتدى اول واحد
    مين مين مين؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟

    إذا كان عندك ملل من الدنيا وضيق في النفس وقلق وتفكير زائدين وخوف من المستقبل وعدم راحة في العيش ،، قل لا إله إلا الله محمد رسول الله ...
    فلديك نقص في الدين وستجده إن شاء الله بالصلاة والاستغفار وطاعة أوامر الله سبحانه وتعالى .

    Best Regards,
    MOHAMMED ELJOKER
    Security Engineer

    من مواضيع eljoker70000 :


  11. Forum Ads:

  12. #6
    Join Date
    Jan 2008
    Location
    Egypt
    Posts
    3,946
    Blog Entries
    1
    Rep Power
    16

    Default

    فكرة روووووووعة جدا يا جوكر والله
    وفعلا ربنا يجازيك الف خير على افكارك اللى كلها خير
    واللى غرضها أكيد نشر العلم للجميع وتشجيع الغير على فعل المثل
    انت فعلا بتحسسنا بالغيرة اننا ليه مانعملشى زيك
    وناخد الثواب والدعوات الحلوة اللى انت عمال تجمعها لوحدك

    ومع انى اخدت منحة جرافيك واخدت فيها برامج رائعة

    لكنى للاسف مش هاعرف أشرح بالكتابة والصور هنا زى ما ممكن اشرحه فى الكلاس
    لكن اللى عنده مشكلة فى اى برنامج من البرامج دى
    Adobe:
    Photoshop CS2, Illustrator CS2 , InDesign CS2, ImageReady CS2, Premiere Pro.
    Autodesk:
    3ds Max 8, AutoCAD2006

    Discreet:
    Combustion 4

    · Macromedia:
    Director MX 2004, Flash MX 2004, Dreamweaver 8

    ممكن اساعده فيها على قدر استطاعتى
    واعتقد بما انك صاحب فكرة الموضوع يا جوكر
    فيبقى انت اللى تاخد المبادرة وتقص الشريط
    Last edited by hopy_braya; 07-07-2009 at 05:14 PM.

    MCP,MCSA,MCSE
    ACE,ICDL
    ******
    يا قارئ خطى لا تبكى على موتى
    ******
    فاليوم انا معك وغدا فى التراب فان عشت فانى معك وان مت فللذكرى
    ******

    من مواضيع hopy_braya :


  13. #7
    Join Date
    Feb 2008
    Posts
    532
    Blog Entries
    2
    Rep Power
    13

    Default

    هههههههههههههه
    ايه التدبيسه اللى انا حطيت نفسى فيها دى
    وعلى العموم ماشى يا هوبى
    ولا شكر على واجب احنا كلنا بنكمل بعض

    وده اللى ان شاء الله هنعملوه فى الشرح ممكن اكون كفىء فى برنامج معين بس نسيت اشرح نقطه او شرحتها بسرعه ممكن ساعتها اى حد من اخواتنا يكملها معايا بحيث تكون كل افكارنا اتجمعت فى حاجه واحده
    Last edited by eljoker70000; 22-07-2009 at 08:09 PM.
    إذا كان عندك ملل من الدنيا وضيق في النفس وقلق وتفكير زائدين وخوف من المستقبل وعدم راحة في العيش ،، قل لا إله إلا الله محمد رسول الله ...
    فلديك نقص في الدين وستجده إن شاء الله بالصلاة والاستغفار وطاعة أوامر الله سبحانه وتعالى .

    Best Regards,
    MOHAMMED ELJOKER
    Security Engineer

    من مواضيع eljoker70000 :


  14. #8
    Join Date
    Feb 2008
    Posts
    532
    Blog Entries
    2
    Rep Power
    13

    Default

    اسف يا جماعه اذا كنت اخرت عليكم بس انا كنت بدور على موضوع مفيد لينا كلنا نتكلم فيه
    والحمد لله لاقيته
    وهنزله على مراحل لانه كبير شويه والصور والخطوات كتيره بصراحه

    ان شاء الله يعجبكم

    انا بكتب فيه دلوقتى
    إذا كان عندك ملل من الدنيا وضيق في النفس وقلق وتفكير زائدين وخوف من المستقبل وعدم راحة في العيش ،، قل لا إله إلا الله محمد رسول الله ...
    فلديك نقص في الدين وستجده إن شاء الله بالصلاة والاستغفار وطاعة أوامر الله سبحانه وتعالى .

    Best Regards,
    MOHAMMED ELJOKER
    Security Engineer

    من مواضيع eljoker70000 :


  15. #9

    Default

    انا فى الانتظار

    أنا بحب اقرأ وأتعلم حاجات جديدة وممكن أجرب كمان

    جزاك الله خيرا يابشمهندس جوكر

  16. #10
    Join Date
    Feb 2008
    Posts
    532
    Blog Entries
    2
    Rep Power
    13

    Default

    بسم الله الرحمن الرحيم

    توكلنا على الله

    VPN

    مشروعنا انهارده يا جماعه عباره عن لاب فيه 5 اجهزه 4 منهم ويندوز 2003 سيرفر والخامس اكس بى

    فى المشروع بتاعنا ان شاء الله هنتعلم اننا نعمل
    VPN

    • Point-to-Point Tunneling Protocol (PPTP)


    • Layer Two Tunneling Protocol (L2TP)


    • with Internet Protocol security (L2TP/IPsec) connection


    • and a VPN connection that uses certificate-based Extensible Authentication Protocol-Transport Level Security (EAP-TLS) authentication


    Certificate Server

    Internet Authentication Service



    اولا هنشتغلوا فى
    PPTP VPN

    نبداء بجهاز 2003 سيرفر
    Enterprise

    خلى اى بى الجهاز كالاتى
    172.16.0.1
    255.255.255.0
    واسمه
    DC1

    هنزلوا عليه DC كالاتى
    start --->run--->
    dcpromo
    then press enter

    Welcome to the Active Directory Installation Wizard-----> next----> Operating System Compatibility---->next---> Domain controller for a new domain--->next----> Domain in a new forest--->اختار ----> just install and configure DNS on this computer----> فى اسم الدومين هنكتب --->example.com--->next--->example--->next-->
    Accept the default Database and Log Folders directories
































    Raise the domain functional level

    1. Open the Active Directory Domains and Trusts snap-in from the Administrative Tools folder, and then right-click the domain computer dc1.egyeng.com.

    2. Click Raise Domain Functional Level, select Windows Server 2003 on the Raise Domain Functional Level page, and then click Raise, as shown in the following figure.






    Install and configure DHCP


    • from control panel ----add or remove prog--->add/remove windows components---->network services---->DHCP



    then



    • open DHCP from administrative tools ---->action---->authorize -to authorize dhcp service




    • In the console tree, right-click dc1.example.com, and then click New Scope


    new scope wizard ---> on scope name type External








    click next --->in ip range type in start 172.16.0.10
    in end ip 172.16.0.100









    next on add excluation ---> next -lease duration- ---->next---> on configure dhcp options click yes --->







    click next ---> router (default gateway) --->next --->on domain name and dns page type example.com in the parent domain ---> and ---> in IP address 172.16.0.1 then click add







    then next --->wins server ---->next---> click yes I want to active this scope now










    Install Certificate Services

    "ان شاء الله يا جماعه هنتكلم عن موضوع الــــ
    Certificate
    بالتفصيل فى حلقات قادمه ان شاء الله

    ده طبعا بعد اذن الجميع لو مفيش حد عاوز ياخد الموضوع ده"

    in control panel --->add or remove orog --->add /remove win components --->certificate services componant then type example CA
























    then finish





    • Open the Active Directory Users and Computers snap-in.


    • In the console tree, open example.com.


    • Right-click Users, point to New, and then click Computer.


    • In the New Object - Computer dialog box, type IAS1 in Computer name. This is shown in the following figure








    • Click Next. In the Managed dialog box, click Next. In the New Object - Computer dialog box, click Finish.


    • Use steps 3 through 5 to create additional computer accounts with the following names: IIS1, VPN1, and CLIENT1.


    • In the console tree, right-click Users, point to New, and then click User.


    • In the New Object - User dialog box, type VPNUser in First name, and type VPNUser in User logon name. This is shown in the following figure.















    • Click Next.


    • In the New Object - User dialog box, type a password of your choice in Password and Confirm password. Clear the User must change password at next logon check box and select the Password never expires check box. This is shown in the following figure.













    • In the New Object - User dialog box, click Finish.


    • In the console tree, right-click Users, point to New, and then click Group.


    • In the New Object - Group dialog box, type VPNUsers in Group name, and then click OK. This is shown in the following figure.












    • In the details pane, double-click VPNUsers.


    • Click the Members tab, and then click Add.


    • In the Select Users, Contacts, Users, or Groups dialog box, type vpnuser in Enter the object names to select. This is shown in the following figure












    • Click OK. In the Multiple Names Found dialog box, click OK. The VPNUser user account is added to the VPNUsers group. This is shown in the following figure.











    • Click OK to save changes to the VPNUsers group.




    دلوقتى نبداء بالجهاز التانى
    win server 2003 standard
    RADIUS authentication, authorization, and accounting for VPN1
    ip 172.16.0.2
    sup 255.255.255.0
    dns 172.16.0.1


    in control Panel -----> add or remove programs ---->win componante --->network service --->install Internet Authentication Sevice

    Internet Authentication Service from the Administrative Tools



    then right click on it and choose register server in active directory
    When the Register Internet Authentication Server in Active Directory dialog box appears, click OK




    In the console tree, right-click RADIUS Clients, and then click New RADIUS Client.

    • On the Name and Address page of the New RADIUS Client wizard, for Friendly name, type VPN1. In Client address (IP or DNS), type 172.16.0.4. This is shown in the following figure









    Click Next. On the Additional Information page of the New RADIUS Client wizard, for Shared secret, type a shared secret for VPN1, and then type it again in Confirm shared secret. This is shown in the following figure.








    Click Finish.







    • In the console tree, right-click Remote Access Policies, and then click New Remote Access Policy.


    • On the Welcome to the New Remote Access Policy Wizard page, click Next.


    • On the Policy Configuration Method page, type VPN remote access to intranet in Policy name. This is shown in the following figure






































    Click Next. On the Authentication Methods page, the Microsoft Encrypted Authentication version 2 (MS-CHAPv2) authentication protocol is selected by default. This is shown in the following figure






    Click Next. On the Policy Encryption Level page, clear the Basic encryption and Strong encryption check boxes, leaving only Strongest encryption selected. This is shown in the following figure










    • Click Next. On the Completing the New Remote Access Policy page, click Finish





    Configure Windows Firewall on IAS1




    In Control Panel, double-click Windows Firewall.

    In the Windows Firewall dialog box, click the Exceptions tab.

    Click Add Port, and in the Add a Port dialog box add the following port exceptions





    You must click Add Port on the Exceptions tab for each port exception


    Name ---------- port no-------------- protocol
    Legacy RADIUS
    --------------1645----------------- UDP
    Legacy RADIUS --------------1646 ---------------- UDP
    RADIUS Accounting -----------------1812----------------- UDP
    RADIUS Authentication----------------- 1813 -------------------- UDP












    ونكمل الحلقه القادمه ان شاء الله
    Last edited by eljoker70000; 23-07-2009 at 03:26 AM.
    إذا كان عندك ملل من الدنيا وضيق في النفس وقلق وتفكير زائدين وخوف من المستقبل وعدم راحة في العيش ،، قل لا إله إلا الله محمد رسول الله ...
    فلديك نقص في الدين وستجده إن شاء الله بالصلاة والاستغفار وطاعة أوامر الله سبحانه وتعالى .

    Best Regards,
    MOHAMMED ELJOKER
    Security Engineer

    من مواضيع eljoker70000 :


  17. #11
    Join Date
    Feb 2008
    Posts
    532
    Blog Entries
    2
    Rep Power
    13

    Default

    الحلقه الثانيه



    VPN1

    VPN1 is a computer running Windows Server 2003 with SP1, Standard Edition, that is providing VPN server services for Internet-based VPN clients.
    1. Install Windows Server 2003 with SP1, Standard Edition, as a member server named VPN1 in the example.com domain.
    2. Open the Network Connections folder.
    3. For the intranet local area connection, rename the connection to exterrnal.






    4. Configure the TCP/IP protocol for the CorpNet connection with the IP address of 172.16.0.4, the subnet mask of 255.255.255.0, and the DNS server IP address of 172.16.0.1.
    5. Configure the TCP/IP protocol for the Internet connection with the IP address of 10.0.0.2 and the subnet mask of 255.255.255.0.


    Windows Firewall and Routing and Remote Access cannot run simultaneously on VPN1. If Windows Firewall is turned on, you will need to turn it off; if the Windows Firewall/Internet Connection Sharing (ICS) service has started or is set to automatic before you configure Routing and Remote Access, you must disable it.


    1. Click Administrative Tools, and then click Services.
    2. In the Services details pane, right-click Windows Firewall/Internet Connection Sharing (ICS) service, and then click Properties.
    3. If the service Startup Type is either Automatic or Manual, change it to Disabled.
    4. Click OK to close the Windows Firewall/Internet Connection Sharing (ICS) dialog box, and then close the Services page.




    Configure Routing and Remote Access




    1. Run the Routing and Remote Access snap-in from the Administrative Tools folder.
    2. In the console tree, right-click VPN1, then and click Configure and Enable Routing and Remote Access.
    3. On the Welcome to the Routing and Remote Access Server Setup Wizard page, click Next.
    4. On the Configuration page, Remote access (dial-up or VPN) is selected by default.










    Click Next. On the Remote Access page, select VPN.







    Click Next. On the VPN Connection page, click the Internet interface in Network interfaces.






    Click Next. On the IP Address Assignment page, Automatically is selected by default.










    Click Next. On the Managing Multiple Remote Access Servers page, click Yes, set up this server to work with a RADIUS server.








    Click Next. On the RADIUS Server Selection page, type 172.16.0.2 in Primary RADIUS server and the shared secret in Shared secret.










    10. Click Next. On the Completing the Routing and Remote Access Server Setup Wizard page, click Finish.
    11. You are prompted with a message describing the need to configure the DHCP Relay Agent.









    12. Click OK.
    13. In the console tree, open VPN1 (local), then IP Routing, and then DHCP Relay







    15. Click Add, and then click OK



    CLIENT1

    CLIENT1 is a computer running Windows XP Professional with SP2 that is acting as a VPN client and gaining remote access to intranet resources across the simulated Internet.




    CLIENT1

    CLIENT1 is a computer running Windows XP Professional with SP2 that is acting as a VPN client and gaining remote access to intranet resources across the simulated Internet.




    Installing Windows XP Professional with SP2 also installs and automatically turns on Windows Firewall. Leave Windows Firewall turned on for this scenario. You will not need to configure any port or program exceptions







    Add the VPNUser account in the example.com domain to the local Administrators group.
    4. Log off and then log on using the VPNUser account in the example.com domain.
    5. In Control Panel, open the Network Connections folder, obtain properties on the Local Area Network connection, and then obtain properties on the Internet protocol (TCP/IP).
    6. Click the Alternate Configuration tab, and then click User configured.
    7. In IP address, type 10.0.0.1. In Subnet mask, type 255.255.255.0.




    8. Click OK to save changes to the TCP/IP properties. Click OK to save changes to the Local Area Network connection.
    9. Shut down the CLIENT1 computer.
    10. Disconnect CLIENT1 from the intranet network segment, and connect it to the simulated Internet network segment.
    11. Restart CLIENT1 and log on using the VPNUser account.
    12. On CLIENT1, in Control Panel, open the Network Connections folder.
    13. In Network Tasks, click Create a new connection.
    14. On the Welcome to the New Connection Wizard page of the New Connection Wizard, click Next.
    15. On the Network Connection Type page, click Connect to the network at my






























    Click Properties, and then click the Networking tab.
    On the Networking tab, in Type of VPN, click PPTP VPN. .









    Click OK to save changes to the PPTPtoCorpnet connection. The Connect PPTPtoCorpnet dialog box appears.
    24. In User name, type example\VPNUser. In Password, type the password you chose for the VPNUser account.
    . Click Connect.
    . When the connection is complete, run Internet Explorer.
    . If prompted by the Internet Connection Wizard, configure it for a LAN connection. In Address, type http://IIS1.example.com/iisstart.htm. You should see a message saying the Web page is under construction.
    . Click Start, click Run, type \\IIS1\ROOT, and then click OK. You should see the contents of the local drive (drive C) on IIS1.
    . Right-click the PPTPtoCorpnet connection, and then click Disconnect.




    L2TP/IPsec-based Remote Access VPN Connections

    L2TP/IPsec-based remote access VPN connections require computer certificates on the VPN client and the VPN server. L2TP/IPsec is typically used when there are stronger requirements for security and a public key infrastructure (PKI) is in place to issue computer certificates to VPN clients and servers





    1. Open the Active Directory Users and Computers snap-in.
    2. In the console tree, double-click Active Directory Users and Computers, right-click the example.com domain, and then click Properties.
    3. On the Group Policy tab, click Default Domain Policy, and then click Edit.
    4. In the console tree, open Computer Configuration, open Windows Settings, open Security Settings, open Public Key Policies, and then open Automatic Certificate Request Settings










    5. Right-click Automatic Certificate Request Settings, point to New, and then click Automatic Certificate Request.
    6. On the Welcome to the Automatic Certificate Request Setup Wizard page, click Next.
    7. On the Certificate Template page, click Computer













    8. Click Next. On the Completing the Automatic Certificate Request Setup Wizard page, click Finish. The Computer certificate type now appears in the details pane of the Group Policy Object Editor snap-in.








    9. Type gpupdate at a command prompt to update Group Policy on DC1





    CLIENT1

    To obtain a computer certificate on CLIENT1 and then configure an L2TP/IPsec-based remote access VPN connection, perform the following steps.




    1. Shut down the CLIENT1 computer.
    2. Disconnect CLIENT1 from the simulated Internet network segment, and connect it to the intranet network segment.
    3. Restart CLIENT1 and log on using the VPNUser account. The computer and user Group Policy is automatically updated.
    4. Shut down CLIENT1.
    5. Disconnect CLIENT1 from the intranet network segment, and connect it to the simulated Internet network segment.
    6. Restart CLIENT1 and log on using the VPNUser account.
    7. On CLIENT1, in Control Panel, open the Network Connections folder.
    8. In Network Tasks, click Create a new connection.
    9. On the Welcome to the New Connection Wizard page of the New Connection Wizard, click Next.
    10. On the Network Connection Type page, click Connect to the network at my workplace



























    Click Properties, and then click the Networking tab.
    On the Networking tab, in Type of VPN, click L2TP IPSec VPN.







    Click OK to save changes to the L2TPtoCorpnet connection. The Connect L2TPtoCorpnet dialog box appears.
    In User name, type example\VPNUser. In Password, type the password you chose for the VPNUser account.
    21. Click Connect.
    When the connection is established, run the Web browser.
    In Address, type http://IIS1.example.com/iisstart.htm. You should see a message saying the Web site is under construction.
    . Click Start, click Run, type \\IIS1\ROOT, and then click OK. You should see the contents of the local drive (drive C) on IIS1.
    Right-click the L2TPtoCorpnet connection, and then click Disconnect.





    Last edited by eljoker70000; 31-07-2009 at 12:14 AM.
    إذا كان عندك ملل من الدنيا وضيق في النفس وقلق وتفكير زائدين وخوف من المستقبل وعدم راحة في العيش ،، قل لا إله إلا الله محمد رسول الله ...
    فلديك نقص في الدين وستجده إن شاء الله بالصلاة والاستغفار وطاعة أوامر الله سبحانه وتعالى .

    Best Regards,
    MOHAMMED ELJOKER
    Security Engineer

    من مواضيع eljoker70000 :


  18. #12
    Join Date
    Feb 2008
    Posts
    532
    Blog Entries
    2
    Rep Power
    13

    Default

    EAP-TLS-based Remote Access VPN Connections

    EAP-TLS-based remote access VPN connections require a user certificate on the VPN client and a computer certificate on the IAS server. EAP-TLS is for authenticating your VPN connection with the most secure user-level authentication protocol. Locally installed user certificates, enabled in the following steps, make it easier to set up a test lab. In a production environment, it is recommended that you use smart cards, rather than locally installed user certificates, for EAP-TLS authentication



    in DC1


    1. Click Start, click Run, type mmc, and then click OK.
    2. On the File menu, click Add/Remove Snap-in, and then click Add.
    3. Under Snap-in, double-click Certificate Templates, click Close, and then click OK.
    4. In the console tree, click Certificate Templates. All of the certificate templates will be displayed in the details pane





    6. On the Action menu, click Duplicate Template.
    7. In the Template display name box, type VPNUser.
    8. Verify that the Publish Certificate in Active Directory check box is selected






    9. Click the Security tab.
    10. In the Group or user names list, click Domain Users.
    11. In the Permissions for Domain Users list, select the Read, Enroll, and Autoenroll check boxes so that these permissions are allowed







    12. Click the Subject Name tab.
    13. Clear the Include E-mail name in subject name and E-mail name check boxes. Because you did not configure an e-mail name for the VPNUser user account, you must clear these check boxes to allow a user certificate to be issued








    14. Click OK.
    15. Open the Certification Authority snap-in from the Administrative Tools folder.
    16. In the console tree, open Certification Authority, open Example CA, and then open Certificate Templates








    17. On the Action menu, point to New, and then click Certificate Template to Issue.
    18. Click VPNUser. This is shown in the following figure









    then press ok




    20. Open the Active Directory Users and Computers snap-in.
    21. In the console tree, double-click Active Directory Users and Computers, right-click the example.com domain, and then click Properties.
    22. On the Group Policy tab, click Default Domain Policy, and then click Edit.
    23. In the console tree, open User Configuration, open Windows Settings, open Security Settings, and then open Public Key Policies. This is shown in the following figure




    24. In the details pane, double-click Autoenrollment Settings.
    25. Click Enroll certificates automatically. Select the Renew expired certificates, update pending certificates, and remove revoked certificates check box. Select the Update certificates that use certificate templates check box










    IAS1

    Configure IAS1 with a computer certificate for EAP-TLS authentication
    1. Restart IAS1 to ensure that IAS1 has autoenrolled a computer certificate.
    2. Open the Internet Authentication Service snap-in.
    3. In the console tree, click Remote Access Policies.
    4. In the details pane, double-click VPN remote access to intranet. The VPN remote access to intranet Properties dialog box appears






    5. Click Edit Profile, and then click the Authentication tab






    6. On the Authentication tab, click EAP Methods. The Select EAP Providers dialog box appears


    7. Click Add. The Add EAP dialog box appears






    8. Click Smart Card or other certificate, and then click OK.
    9. Click Edit. The Smart Card or other Certificate Properties







    10. The properties of the computer certificate issued to the IAS1 computer are displayed. This step verifies that IAS1 has an acceptable computer certificate installed to perform EAP-TLS authentication. Click OK.
    11. Click OK to save changes to EAP providers. Click OK to save changes to the profile settings.
    12. When prompted to view help topics, click No. Click OK to save changes to the remote access policy.
    These configuration changes will allow the VPN remote access to intranet remote access policy to authorize VPN connections using the EAP-TLS authentication method.





    CLIENT1

    Obtain a user certificate on CLIENT1, and then configure an EAP-TLS-based remote access VPN connection





    1. Shut down the CLIENT1 computer.
    2. Disconnect CLIENT1 from the simulated Internet network segment, and connect it to the intranet network segment.
    3. Restart CLIENT1 and log on using the VPNUser account. The computer and user Group Policy is automatically updated.
    4. Shut down CLIENT1.
    5. Disconnect CLIENT1 from the intranet network segment, and connect it to the

    6. Restart CLIENT1 and log on using the VPNUser account.
    7. On CLIENT1, in Control Panel, open the Network Connections folder.
    8. In Network Tasks, click Create a new connection.
    9. On the Welcome to the New Connection Wizard page of the New Connection Wizard, click Next.
    10. On the Network Connection Type page, click Connect to the network at my workplace.
    11. Click Next. On the Network Connection page, click Virtual Private Network connection.
    12. Click Next. On the Connection Name page, type EAPTLStoCorpnet in Company Name.
    13. Click Next. On the Public Network page, click Do not dial the initial connection.
    14. Click Next. On the VPN Server Selection page, type 10.0.0.2 in Host name or IP address.
    15. Click Next. On the Connection Availability page, click Next.
    16. On the Completing the New Connection Wizard page, click Finish. The Connect EAPTLStoCorpnet dialog box appears



    17. Click Properties, and then click the Security tab.
    18. On the Security tab, click Advanced, and then click Settings. The Advanced Security Settings dialog box appears.
    19. In the Advanced Security Settings dialog box, click Use Extensible Authentication Protocol (EAP)







    20. Click Properties. In the Smart Card or other Certificate Properties dialog box, click Use a certificate on this computer





    21. Click OK to save changes to the Smart Card or Other Certificate dialog box. Click OK to save changes to the Advanced Security Settings. Click OK to save changes to the Security tab. The connection is immediately initiated using the installed user certificate. The first time you try to connect, it may take several attempts to successfully make a connection.
    22. When the connection is successful, run the Web browser.
    23. In Address, type http://IIS1.example.com/iisstart.htm. You should see a message saying the Web site is under construction.
    24. Click Start, click Run, type \\IIS1\ROOT, and then click OK. You should see the contents of the local drive (drive C) on IIS1.
    25. Right-click the EAPTLStoCorpnet connection, and then click Disconnect




    The END
    I hope that my explain in good way
    ABD Elghaffar

    It's only for EGY ENG

    Last edited by eljoker70000; 31-07-2009 at 05:16 AM.
    إذا كان عندك ملل من الدنيا وضيق في النفس وقلق وتفكير زائدين وخوف من المستقبل وعدم راحة في العيش ،، قل لا إله إلا الله محمد رسول الله ...
    فلديك نقص في الدين وستجده إن شاء الله بالصلاة والاستغفار وطاعة أوامر الله سبحانه وتعالى .

    Best Regards,
    MOHAMMED ELJOKER
    Security Engineer

    من مواضيع eljoker70000 :


  19. #13
    Join Date
    Nov 2007
    Location
    Arab world!
    Posts
    6,169
    Blog Entries
    4
    Rep Power
    10

  20. #14
    Join Date
    Feb 2008
    Posts
    532
    Blog Entries
    2
    Rep Power
    13

    Default

    Thanks Eng Fouad
    إذا كان عندك ملل من الدنيا وضيق في النفس وقلق وتفكير زائدين وخوف من المستقبل وعدم راحة في العيش ،، قل لا إله إلا الله محمد رسول الله ...
    فلديك نقص في الدين وستجده إن شاء الله بالصلاة والاستغفار وطاعة أوامر الله سبحانه وتعالى .

    Best Regards,
    MOHAMMED ELJOKER
    Security Engineer

    من مواضيع eljoker70000 :


  21. #15
    Join Date
    Jan 2008
    Location
    Egypt
    Posts
    3,946
    Blog Entries
    1
    Rep Power
    16

    Default

    وانا كمان مش لاقية والله كلام
    اشكر بيه الجوكر على أمانته واخلاصه
    ومجهوده الخرافى ونيته الصادقة
    للعمل لوجه الله و بدون اى مقابل
    حقيقى يا جوكر انت ربنا هيكرمك
    وهيديك على اد نيتك وحبك
    لعمل الخير ومساعدة الناس
    جزاك الله الف الف خير
    وجعله الله فى ميزان حسناتك

Similar Threads

  1. Replies: 15
    Last Post: 02-12-2010, 12:20 AM
  2. في عيد الاضحى......نتعلم كيف نفرح
    By bondo2h in forum Engineers discussions
    Replies: 3
    Last Post: 07-12-2008, 08:43 PM
  3. لو بقيت رئيس جمهورية مصر هتعمل ايه؟
    By Mr.Mosty in forum Engineers discussions
    Replies: 23
    Last Post: 19-10-2008, 01:53 PM
  4. هتعمل ايه لو قبلت حد كده؟!!!!!!!
    By bondo2h in forum Engineers discussions
    Replies: 7
    Last Post: 02-07-2008, 04:55 AM
  5. Replies: 4
    Last Post: 04-04-2008, 10:39 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

أقسام المنتدى

الروابط النصية

تابع جروبنا على الفيس بوك

صفحة Egypt Engineers على الفيس بوك

تابعنا على linkedin

جروبنا على الياهو جروب