{"id":433,"date":"2013-01-29T22:16:00","date_gmt":"2013-01-29T14:16:00","guid":{"rendered":"http:\/\/note.systw.net\/note\/?p=433"},"modified":"2023-11-01T22:19:09","modified_gmt":"2023-11-01T14:19:09","slug":"tunnel-vpn","status":"publish","type":"post","link":"https:\/\/systw.net\/note\/archives\/433","title":{"rendered":"Tunnel VPN"},"content":{"rendered":"\n

<\/p>\n\n\n\n

vpn(virtual private network,\u865b\u64ec\u79c1\u4eba\u7db2\u8def)
\u7c4d\u7531\u901a\u9053\u5354\u5b9a\u5728\u4e0d\u5b89\u5168\u7684\u7db2\u8def\u4e2d\u5efa\u7acb\u8d77\u5b89\u5168\u53ef\u9760\u7684\u9023\u7dda

VPN\u4f9d\u89e3\u6c7a\u554f\u984c\u53ef\u4ee5\u5206\u6210\u4e09\u5927\u9805\u76ee
1 \u9060\u7aef\u5b58\u53d6VPN:
\u9023\u7d50<\/strong>Mobile User<\/strong>(<\/strong>\u79fb\u52d5\u7528\u6236<\/strong>)\u53ca\u5c0f\u578b\u7684\u5206\u516c\u53f8\uff0c\u900f\u904e\u96fb\u8a71\u64a5\u63a5\u4e0a\u7db2\u4f86\u5b58\u53d6\u4f01\u696d\u7db2\u8def\u8cc7\u6e90
\u3000\u539f\u672c\u4f7f\u7528RAS\u9060\u7aef\u5b58\u53d6\u670d\u52d9<\/strong>
   \u8b93\u591a\u4f7f\u7528\u8005\u5404\u81ea\u5f9e\u9060\u7aef\u9023\u7dda\u7684\u5de5\u696d\u6a19\u6e96,\u6709\u591a\u5c11\u5ba2\u6236\u7aef\u5c31\u62c9\u5e7e\u689d\u5c08\u7dda\u904e\u53bb,\u5982ISDN
   \u4e0d\u9700\u8edf\u9ad4\u914d\u5408
   \u7ba1\u7406\u8207\u7dad\u8b77\u8907\u96dc
   \u64f4\u5145\u4e0d\u6613,\u5b89\u5168\u8f03\u5dee
\u3000\u4f7f\u7528VPN,\u6216\u53ebVPDN(<\/strong>virtual private dialup network,<\/strong>\u865b\u64ec\u79c1\u5bc6\u64a5\u63a5\u7db2\u8def)<\/strong>
   \u4f3a\u670d\u7aef\u9700\u6709\u5c08\u7dda\u5230ISP,\u800c\u5ba2\u6236\u7aef\u6703\u5411ISP\u9023\u7dda
   \u9700\u8edf\u9ad4\u914d\u5408,\u53ef\u4f7f\u7528l2f,l2tp\u5728ip\u4e0a\u5be6\u4f5c,\u4e26\u904b\u7528ppp\u8a0a\u6846
   \u7ba1\u7406\u8207\u7dad\u8b77\u5bb9\u6613,\u53ea\u9700\u8655\u7406\u4f3a\u670d\u7aef\u5230ISP\u7684\u9023\u7dda,\u5176\u4ed6\u5de5\u4f5c\u4ea4\u7531ISP\u53bb\u8ca0\u8cac
   \u64f4\u5145\u5bb9\u6613,\u6210\u672c\u8f03\u4f4e
2 <\/strong>Intranet VPN:
\u662f\u5229\u7528Internet\u4f86\u5c07\u56fa\u5b9a\u5730\u9ede\u7684\u7e3d\u516c\u53f8\u53ca\u5206\u516c\u53f8\u52a0\u4ee5\u9023\u7d50\uff0c\u6210\u70ba\u4e00\u500b\u4f01\u696d\u7e3d\u9ad4\u7db2\u8def 
\u3000\u539f\u672c<\/strong>\u4f7f\u7528WAN:\u7a69\u5b9a\u5b89\u5168
<\/strong>   \u4f7f\u7528\u50b3\u7d71\u6280\u8853\u6216\u7528WAN\u6280\u8853\u4f86\u5be6\u505a\u5982x.25,frame relay,atm\u7b49\u79df\u7528\u5c08\u7dda\u4f86\u9023\u63a5\u7ad9\u53f0,
   \u4e0d\u9700\u8edf\u9ad4\u914d\u5408,\u53ea\u8981\u9023\u7dda\u5169\u7aef\u4f7f\u7528\u76f8\u540c\u901a\u8a0a\u5354\u5b9a\u5373\u53ef
   \u7ba1\u7406\u8207\u7dad\u8b77\u8f03\u4e0d\u8907\u96dc,\u4e3b\u8981\u662f\u5178\u578b\u7db2\u7ba1\u57fa\u672c\u6280\u5de7,\u4f46\u96a8\u8457\u898f\u6a21\u64f4\u5927\u6703\u9010\u6f38\u56f0\u96e3
   \u8f03\u7a69\u5b9a\u4e5f\u8f03\u5b89\u5168,\u9664\u975e\u6709\u4eba\u5077\u63a5\u96fb\u7e9c
   \u64f4\u5145\u8f03\u9ebb\u7169,\u9700\u8655\u7406\u5404\u7aef\u5be6\u9ad4\u7dda\u8def,\u82b1\u8cbb\u4e5f\u8f03\u6602\u8cb4
\u3000\u4f7f\u7528VPN:\u64f4\u5145\u6613\u6210\u672c\u4f4e
<\/strong>   VPN\u4e5f\u53ef\u4f7f\u7528isdn,frame relay\u7b49,\u4f46\u7dda\u8def\u9808\u9023\u5230isp
   \u9700\u8207\u8edf\u9ad4\u76f8\u914d\u5408\u4ee5\u78ba\u4fdd\u5b89\u5168\u7684\u9023\u7dda,\u5982ssh,l2f,l2tp,pptp
   \u7ba1\u7406\u8207\u7dad\u8b77\u8f03\u8907\u96dc,\u9808\u4e86\u89e3vpn\u904b\u4f5c\u539f\u7406,\u4f46\u82e5\u9078\u5c0d\u597d\u7684isp\u5247\u53ef\u7701\u4e8b\u8a31\u591a
   \u7a69\u5b9a\u6027\u9010\u6f38\u63d0\u9ad8,\u56e0\u67b6\u69cb\u5728\u4e0d\u65b7\u6539\u826f\u7684\u4e0d\u53ef\u9760\u6280\u8853internet\u4e0a
   \u64f4\u5145\u5bb9\u6613,\u53ef\u76f4\u63a5\u5411isp\u8981\u6c42\u589e\u52a0\u983b\u5bec,\u6216\u8a2d\u5099
\u3000\u4e5f\u53ebsite-to-site vpn
3 Extranet VPN:
\u5247\u662f\u5c07Intranet VPN\u7684\u9023\u7d50\u518d\u64f4\u5c55\u5230\u4f01\u696d\u7684\u7d93\u71df\u5925\u4f34\uff0c\u5982\u4f9b\u61c9\u5546\u53ca\u5ba2\u6236\uff0c\u4ee5\u9054\u5230\u5354\u529b\u5ee0\u5546\u5f7c\u6b64\u8cc7\u8a0a\u5171\u4eab\u7684\u76ee\u7684\u3002
<\/strong>   \u4e5f\u53ebLAN-to-LAN VPN,\u670d\u52d9\u54c1\u8cea\u8f03\u4e0d\u56b4\u683c,\u9069\u5408\u900f\u904e\u7db2\u969b\u7db2\u8def

\u4f9d\u670d\u52d9\u4f9b\u61c9\u5546\u548c\u7528\u6236\u5728\u90a3\u500bosi\u5c64\u4ea4\u63db\u62d3\u6a38\u8cc7\u8a0a\u5206
 overlay model(\u8986\u758a\u6a21\u5f0f):\u670d\u52d9\u4f9b\u61c9\u5546\u53ea\u63d0\u4f9bvc(\u908f\u8f2f\u7684\u5c08\u7dda),\u8def\u5f91\u8cc7\u8a0a\u76f4\u63a5\u5728\u908a\u5883\u7528\u6236\u8def\u7531\u5668\u9593\u4ea4\u63db
   \u7b2c\u4e8c\u5c64vpn:x.25,frame relay,atm,pptp,MPLS VPN
   \u7b2c\u4e09\u5c64vpn:ipsec,gre,MPLS VPN
 peer model(\u5c0d\u7b49\u6a21\u5f0f):\u6703\u4ea4\u63db\u7b2c\u4e09\u5c64\u7684\u8def\u5f91\u8cc7\u8a0a,\u4e14\u7528\u6236\u8def\u5f91\u8cc7\u8a0a\u662f\u5728\u7528\u6236\u8def\u7531\u5668\u8207\u670d\u52d9\u4f9b\u61c9\u5546\u8def\u7531\u5668\u9593\u4ea4\u63db<\/p>\n\n\n\n

vpn\u4e5f\u53ef\u88ab\u5206\u70ba\u4ee5\u4e0b\u4e09\u7a2e
trusted vpn:\u901a\u9053\u5be6\u8cea\u4e0a\u662f\u4e00\u689d\u908f\u8f2f\u7684\u96fb\u8def\u3000
ex:ATM or frame relay circuits , MPLS
secure vpn:\u901a\u9053\u4f7f\u7528\u52a0\u5bc6\u6280\u8853  
ex:ipsec ssl tls with encryption,ipsec inside of l2tp
hybrid vpn:\u5728trusted vpn\u4e0a\u5efa\u7acbsecure vpn <\/p>\n\n\n\n

vpn\u7684\u6838\u5fc3\u6280\u8853\u5305\u62ec
Tunneling(\u7a7f\u96a7\u6280\u8853):\u5728\u516c\u773e\u7db2\u8def\u4e0a\u5efa\u7acb\u4e00\u689d\u79d8\u5bc6\u901a\u9053
\u3000\u5c07\u79c1\u6709\u6578\u64da\u7db2\u8def\u7684\u8cc7\u6599\u5728\u516c\u773e\u6578\u64da\u7db2\u8def\u4e0a\u50b3\u8f38\u7684\u4e00\u7a2e\u8cc7\u6599Encapsulation(\u5305\u88dd\u65b9\u5f0f)
\u3000\u7a7f\u96a7\u6280\u8853\u5354\u5b9a\u4e3b\u8981\u6709\uff1aIPsec\u3001PPTP \u53ca L2TP \u7b49\u4e09\u7a2e
encryption\/decryption(\u52a0\u89e3\u5bc6\u6280\u8853) ex:des,3des,rsa
key management(\u91d1\u9470\u7ba1\u7406) ex:ike
user authentication(\u8a8d\u8b49) ex:radius,tacas
ps:\u5176\u4ed6\u6709\u8cc7\u6599\u5b8c\u6574\u6027,firewall,IDS,…\u7b49<\/p>\n\n\n\n

\u7b2c\u4e00\u500bVPN\u4ee5X.25\u548cframe relay\u7684\u6280\u8853\u70ba\u57fa\u790e,\u7136\u5f8c\u53c8\u767c\u5c55\u51fasmds\u548catm
VPN\u5efa\u7acb\u5f8c,\u4efb\u4f55\u8a72VPN\u7528\u6236\u5728\u5169\u500b\u7aef\u9ede\u9593\u53ea\u6703\u770b\u5230\u4e00\u500b\u8df3\u8e8d
\u4f7f\u7528\u865b\u64ec\u7684\u9023\u7dda,\u9019\u662f\u4e00\u7a2e\u66ab\u6642\u6027\u7684\u9023\u7dda
\u512a\u9ede\uff1a\u76f8\u8f03\u65bc\u50b3\u7d71\u7684\u5c08\u7dda\u5f0f\u7db2\u8def\u9023\u7d50\u6210\u672c\u8f03\u4f4e,\u7db2\u8def\u67b6\u69cb\u5f48\u6027\u8f03\u5927<\/p>\n\n\n\n

………………<\/p>\n\n\n\n

\u4e0d\u540c\u5ee0\u5546\u7684vpn\u7522\u54c1\u53ef\u80fd\u6703\u6709\u4e92\u901a\u6027\u4e0d\u76f8\u5bb9\u7684\u554f\u984c
vpn\u8207\u8a2d\u5099\u76f8\u5bb9\u6027\uff1a
 +firewall\uff1a\u9700\u5c07vpn\u7528\u7684port\u6253\u958b
 +proxy:\u6709\u4e9b\u7121\u6cd5\u4e00\u8d77\u904b\u4f5c,\u6700\u597d\u8b93vpn\u4f3a\u670d\u5668\u4ee5\u591a\u5bc4\u4e3bmulti-home\u7684\u65b9\u5f0f\u67b6\u69cb\u5728internet\u8207lan\u9593,\u5404\u8d70\u5404\u7684\u8def
 +nat:\u5efa\u8b70\u4f7f\u7528double-router(\u96d9\u8def\u7531\u5668)\u7684\u5efa\u69cb\u65b9\u5f0f,\u4e26\u8b93vpn\u4f3a\u670d\u5668\u4ee5multi-home\u67b6\u69cb,\u6216\u8a2d\u5728vpn\u4f3a\u670d\u5668\u5f8c

VPN\u7522\u54c1
\u786c\u9ad4\u5f0f\u7684VPN\u7cfb\u7d71
<\/strong>\u6700\u5e38\u898b\u7684\u786c\u9ad4\u5f0f\u7684VPN\u8a2d\u5099\u4fbf\u662fVPN Router(VPN\u52a0\u5bc6\u7684\u8def\u7531\u5668)\u3002\u56e0\u70ba\u9019\u4e9b\u8a2d\u5099\u5c07\u52a0\u89e3\u5bc6\u7684\u9470\u5319\u5132\u5b58\u65bc\u8a18\u61b6\u9ad4\u4e2d\uff0c\u6545\u8f03\u4e0d\u6613\u88ab\u640d\u58de\uff0c\u540c\u6642\u52a0\u89e3\u5bc6\u7684\u901f\u5ea6\u4ea6\u8f03\u5feb\uff1b\u5c24\u5176\u662f\u5c08\u7dda\u983b\u5bec\u8f03\u9ad8\u4e4b\u4f01\u696d\uff0c\u786c\u9ad4\u5f0f\u7684\u8a2d\u5099\u61c9\u662f\u8f03\u4f73\u7684\u9078\u64c7\u3002\u6b64\u5916\uff0c\u82e5\u518d\u642d\u914dVPN Client Software(\u500b\u4eba\u7528\u6236\u4f7f\u7528\u7684VPN\u8edf\u9ad4)\uff0c\u5247\u5176\u529f\u80fd\u4ea6\u8207\u8edf\u9ad4\u5f0f\u7684VPN\u7522\u54c1\u76f8\u8fd1\u3002
ex:cisco router,cisco vpn client
\u8edf\u9ad4\u5f0f\u7684VPN
<\/strong>\u8edf\u9ad4\u5f0f\u7684VPN\u7522\u54c1\u4e43\u662f\u67b6\u8a2d\u65bc\u4f3a\u670d\u5668\u53ca\u4f5c\u696d\u5e73\u53f0\u4e4b\u4e0a\uff0c\u53ef\u4ee5\u63d0\u4f9b\u8f03\u70ba\u5f48\u6027\u7684\u529f\u80fd\uff0c\u4f8b\u5982\u4f9d\u64da\u76ee\u7684\u5730\u4f4d\u5740\u6216\u901a\u8a0a\u5354\u5b9a\u4f86\u5efa\u7acbVPN\u901a\u9053\u3002\u76f8\u5c0d\u7684\uff0c\u786c\u9ad4\u5f0f\u7684VPN\u7cfb\u7d71\u5247\u591a\u6578\u4f9d\u64da\u4f4d\u5740\u76ee\u7684\u5730\u4f86\u5efa\u7acbVPN\u901a\u9053\uff0c\u5c07\u50b3\u8f38\u7684\u6240\u6709\u901a\u8a0a\u5354\u5b9a\u5747\u52a0\u5bc6\u3002
\u7136\u800c\uff0c\u8edf\u9ad4\u5f0f\u7684VPN\u7522\u54c1\u901a\u5e38\u8f03\u96e3\u4ee5\u7ba1\u7406\uff1b\u9700\u8981\u5c0d\u4f5c\u696d\u7cfb\u7d71\u3001VPN\u8edf\u9ad4\u53ca\u76f8\u95dc\u4e4b\u7db2\u8def\u5b89\u5168\u6a5f\u5236\u5747\u6709\u76f8\u7576\u7a0b\u5ea6\u7684\u4e86\u89e3\uff0c\u624d\u80fd\u771f\u6b63\u7ba1\u7406\u597dVPN\u7cfb\u7d71\u3002\u540c\u6642\uff0c\u6709\u4e9b VPN\u8edf\u9ad4\u4ea6\u9700\u8981\u5c0dRouting Table(\u8def\u7531\u8def\u5f91\u8868)\u53caNetwork Address Scheme(\u7db2\u8defIP\u4f4d\u5740\u898f\u5283)\u52a0\u4ee5\u4fee\u6539\u3002
\u8207\u9632\u706b\u7246\u76f8\u7d50\u5408\u7684VPN\u7cfb\u7d71
<\/strong>\u8207\u9632\u706b\u7246\u76f8\u7d50\u5408\u7684VPN\u7cfb\u7d71\u81ea\u7136\u627f\u8972\u4e86\u9632\u706b\u7246\u5b89\u5168\u529f\u80fd\u7684\u512a\u9ede\uff0c\u4f7f\u9032\u51fa\u7684\u4ea4\u901a\u5747\u80fd\u53d7\u5230\u8f03\u4f73\u7684\u9650\u5236\u53ca\u4fdd\u8b77\uff0c\u4ee5\u53ca\u5f37\u5316\u7684\u8a8d\u8b49\u529f\u80fd\u3002\u4e00\u822c\u800c\u8a00\uff0c\u76f8\u7576\u591a\u7684VPN\u5ee0\u5546\u4e26\u6c92\u6709\u63d0\u4f9b\u5c0d\u65bc\u5176\u4f5c\u696d\u7cfb\u7d71\u7684\u5b89\u5168\u4fdd\u8b77\u3002\u82e5\u662f\u63a1\u7528\u786c\u9ad4\u5f0f\u4e14\u5177\u6709VPN\u529f\u80fd\u7684\u9632\u706b\u7246\u8a2d\u5099\uff0c\u5247\u672c\u8eab\u4fbf\u5df2\u5c0d\u5176\u904b\u4f5c\u7684Harden O.S(\u4f5c\u696d\u7cfb\u7d71\u505a\u4e86\u88dc\u5f37\u4f5c\u7528)\uff0c\u4e8b\u5148\u5c07\u6240\u6709\u4e0d\u5fc5\u8981\u53ca\u6709\u5371\u96aa\u7684Service(\u670d\u52d9)\u5747\u52a0\u4ee5\u53bb\u9664\uff0c\u4ee5\u78ba\u4fdd\u6b64VPN\u8a2d\u5099\u4e0d\u6703\u88ab\u99ed\u5ba2\u6240\u5165\u4fb5\uff0c\u800c\u5c0e\u81f4\u6574\u9ad4VPN \u7cfb\u7d71\u529f\u80fd\u7121\u6cd5\u904b\u4f5c\u3002
\u540c\u6642\u64c1\u6709VPN\u53ca\u9632\u706b\u7246\u529f\u80fd\u7684\u8a2d\u5099\uff0c\u5c0d\u65bc\u7db2\u8def\u7684\u5b89\u5168\u5efa\u69cb\u6709\u76f8\u7576\u5927\u7684\u597d\u8655\uff0c\u53ea\u9700\u4e00\u53f0\u6a5f\u5668\u4fbf\u53ef\u64c1\u6709\u5169\u9805\u4e0d\u53ef\u6216\u7f3a\u7684\u529f\u80fd\uff0c\u5efa\u7f6e\u6210\u672c\u660e\u986f\u964d\u4f4e\uff0c\u4e14\u7ba1\u7406\u7684\u8ca0\u64d4\u4ea6\u8f03\u8f15\u3002
ex:\u6574\u5408pix firewall,vpn concentrator\u7684cisco asa(adaptive security appliance)<\/p>\n\n\n\n

………………..<\/p>\n\n\n\n

vpn\u5e38\u898b\u554f\u984c
<\/strong>\u9023\u7dda\u554f\u984c
  \u96fb\u8a0a\u7dda\u8def\u56fa\u969c\u5982\u8f49\u63a5\u5668\u8ca0\u8377\u904e\u91cd,isp\u7684\u554f\u984c\u5982\u7dda\u8def\u904e\u5fd9,\u7528\u6236\u672c\u8eab\u554f\u984c\u5982\u8a2d\u5b9a\u7d44\u614b\u554f\u984c,\u8a2d\u5099\u548cisp\u4e0d\u76f8\u5bb9
\u9a57\u8b49\u554f\u984c
  \u5e33\u865f\u5bc6\u78bc\u4e0d\u7b26,\u96d9\u65b9\u7528\u4e0d\u540c\u7684\u9a57\u8b49\u65b9\u5f0f,\u5982\u4e00\u908apap\u53e6\u4e00\u908achap
\u50b3\u8f38\u554f\u984c
  \u7121\u6cd5\u900f\u904einternet\u8207\u67d0\u7279\u5b9a\u4e3b\u6a5f\u9023\u7dda,\u6216\u7121\u6cd5\u5b58\u53d6internet,\u53ef\u80fd\u56e0\u9078\u5f91\u554f\u984c,\u53ef\u80fd\u662f\u81ea\u5df1\u7d44\u614b\u672a\u8a2d\u597d\u6216isp\u7684\u8def\u7531\u5668\u6c92\u8a2d\u5b9a\u597d

vpn\u4fdd\u5168\u63aa\u65bd
<\/strong> \u9650\u5236\u90a3\u4e9b\u4eba\u53ef\u4ee5\u5b58\u53d6vpn,client\u7aef\u4e0d\u80fd\u7528multi-home\u65b9\u5f0f\u9023\u7dda,\u4e5f\u5c31\u662fsplit-tunnel(\u5206\u53c9\u901a\u9053)
 \u9650\u5236vpn\u4f7f\u7528\u8005\u6240\u80fd\u505a\u7684\u4e8b,\u9700\u63a7\u5236\u5b58\u53d6\u6b0a,\u6301\u7e8c\u4fdd\u6301\u958b\u653e\u5bb9\u6613\u6210\u70ba\u6536\u653b\u64ca\u7684\u9ede
 \u907f\u514dvpn\u4f3a\u670d\u5668\u8207\u8def\u7531\u5668\u7684\u8cc7\u8a0a\u516c\u958b\u5230\u516c\u773edns<\/p>\n\n\n\n

………………………………<\/p>\n\n\n\n

GRE(Generic Routing Encapsulation,\u901a\u7528\u8def\u7531\u5c01\u88dd)<\/strong>
Cisco\u958b\u767c\u7684tunneling\u5354\u5b9a
\u4e00\u7a2e\u57fa\u65bcIP\u7684\u96a7\u9053\u6280\u8853\uff0c\u53ef\u88ab\u7528\u4f86\u5728\u57fa\u65bcIP\u7684\u9aa8\u5e79\u7db2\u4e0a\u50b3\u8f38\u591a\u7a2e\u5354\u8b70\u7684\u6578\u64da\u6d41\u91cf\uff0c\u5982IPX\u3001AppleTalk\u7b49\u3002
\u512a\u9ede\u70ba\u652f\u63f4IGP\uff0c\u652f\u63f4\u591a\u5354\u5b9a(\u5927\u90e8\u4efdVPN\u4e0d\u652f\u63f4IGP\u8207\u591a\u5354\u5b9a) \u3000
\u4e26\u4e0d\u5c6c\u65bc\u5b89\u5168\u6027\u7684\u901a\u9053\uff0c\u4f46\u53ef\u4ee5\u548c\u5176\u4ed6\u52a0\u5bc6\u6280\u8853\u5408\u7528\uff0c\u50cf\u662fipsec+gre
PPTP\u4e3b\u8981\u4f7f\u7528gre\u6280\u8853\u5efa\u7acbVPN
\u4f7f\u7528tcp1723,ip47<\/p>\n\n\n\n

SSL VPN<\/strong>
\u904b\u7528\u700f\u89bd\u5668\u8207VPN\u9598\u9053\u5668\u5efa\u7acbSSL\u9023\u7dda\uff0c\u4f7f\u8cc7\u6599\u65e2\u53ef\u4ee5\u4fdd\u5bc6\uff0c\u540c\u6642\u4f01\u696d\u5167\u90e8\u7db2\u8def\u4e5f\u53ef\u7d93\u7531\u6b64\u901a\u9053\u5b58\u53d6\u3002
\u6700\u91cd\u8981\u7684\u662f\uff0c\u7531\u65bc\u5b83\u662f\u900f\u904e\u4f7f\u7528\u6bcf\u90e8\u96fb\u8166\u90fd\u6709\u7684\u700f\u89bd\u5668\uff0c\u56e0\u6b64\u4f7f\u7528\u8005\u53ef\u4ee5\u5728\u4efb\u4f55\u5730\u65b9\u4efb\u4f55\u96fb\u8166\u5b58\u53d6\u4f01\u696d\u5167\u90e8\u8cc7\u6e90\u3002
\u7f3a\u9ede:
\u5b83\u4e0d\u50cfIPSec VPN\u5728\u7db2\u8def\u5c64\u4e0a\u52a0\u5bc6\u904b\u4f5c\uff0c\u800c\u662f\u5728\u61c9\u7528\u5c64\u4e0a\u904b\u4f5c\uff0c\u9996\u5148\u6548\u80fd\u5c31\u7121\u6cd5\u8ddf\u4e0aIPSec VPN(\u76ee\u524d\u5c1a\u7121SSL VPN\u7684\u786c\u9ad4\u5f0f\u52a0\u901f\u8a2d\u5099)\u3002
\u7531\u65bcSSL VPN\u6839\u57fa\u65bc\u700f\u89bd\u5668\uff0c\u56e0\u6b64\u4e00\u4e9b\u975eWeb-based\u7684\u61c9\u7528\u7a0b\u5f0f\u4fbf\u5fc5\u9808\u7d93\u904e\u6e2c\u8a66\u8207\u8a2d\u5b9a\u624d\u80fd\u5b58\u53d6\u3002
\u4f7f\u7528\u8005\u53ef\u4ee5\u5b58\u53d6\u7684\u61c9\u7528\u7a0b\u5f0f\u5fc5\u9808\u662f\u7db2\u8def\u7ba1\u7406\u8005\u4e8b\u5148\u5b9a\u7fa9\u597d\u7684(\u7db2\u7ba1\u8005\u7121\u53ef\u907f\u514d\u7684\u8ca0\u64d4\uff01)\uff0c\u7121\u6cd5\u50cfIPSec VPN\u4e00\u6a23\u53ea\u8981\u9023\u63a5\u4e0a\u7db2\u6240\u6709IP-based\u7684\u61c9\u7528\u7a0b\u5f0f\u90fd\u53ef\u4f7f\u7528\u3001\u5b58\u53d6\u3002
\u524d\u5e02\u9762\u4e0a\u7684SSL VPN\u7522\u54c1\u591a\u80fd\u5b58\u53d6Outlook\u3001Notes\u3001Exchange\u3001Citrix\u3001Microsoft Terminal Service<\/p>\n","protected":false},"excerpt":{"rendered":"

vpn(virtual private network,\u865b\u64ec …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[10],"tags":[],"class_list":["post-433","post","type-post","status-publish","format-standard","hentry","category-securitysloution"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/433","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/comments?post=433"}],"version-history":[{"count":0,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/433\/revisions"}],"wp:attachment":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/media?parent=433"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/categories?post=433"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/tags?post=433"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}