4.7 Management in a Large-Scale Environment
To construct a VPN server in an enterprise with a large number of
users, the administrator may be required to implement measures to
simplify VPN Client user operations and provide remote management of VPN
Client on client computers. This section describes how to properly
manage a large number of VPN Client users in a large-scale environment.
4.7.1 Remote Management of VPN Client
VPN Client Manager is normally used to connect to and control the VPN
Client service running on a local computer, but by properly configuring
the settings, you can also VPN Client Manager to remotely operate VPN
Client services running on remote computers.
Setting VPN Client to Allow Remote Management
To enable the remote operation of the VPN Client service running on a
remote computer, [Allow Remote Management of VPN Client Service] must be
enabled on the setting of the VPN Client service at the remote
destination. The user can enable this option by clicking [Options] on
the [Tool] menu of VPN Client Manager.
A password must also be set for VPN Client with enabled remote
management. The user can set the password by clicking [Set Password] on
the [Tool] menu.
By checking the boxes next to [Set password] and [Only Request
Password For Remote Operation] on the [Password Setting] window, you can
set the local computer to not request a password when starting VPN
Client Manager and only request a password when connecting for remote
operation.
Figure 4-7-1 Remote Management Setup Window |
Remotely Connecting to VPN Client on a Separate Computer
You can remotely connect to and manage PacketiX VPN Client running on
a separate computer by clicking [Start] > [PacketiX VPN Client Manager]
> [Manage PacketiX VPN Client on a Separate Computer]. Specify the name
of the destination PacketiX VPN Client computer in [Computer name] and
click [OK].
Figure 4-7-2 Window for Remotely Connecting to VPN Client on
a Separate Computer |
By remotely operating PacketiX VPN Client on a separate computer, the
administrator can, for example, configure the proper connection settings
for a user that does not understand the connection method without the
administrator having to go to that user's computer.
The following operations cannot be performed with VPN Client Manager
when connected to a remote VPN Client.
- Adding a Virtual Network Adapter or reinstalling a device driver
- Configuring smart card settings
- Displaying network devices on a remotely connected VPN Client
- Using a TCP Optimization Utility
4.7.2 Distributing Configuration Files
The configuration data of VPN Client is automatically saved to
vpn_client.config in the directory where PacketiX VPN Client is
installed. Each time VPN Client is started, this file is read and the
configuration data is managed and maintained. By replacing the
vpn_client.config file, you can back up or roll back the operations or
configuration data of VPN Client at any time, and the file can also be
copied to other computers.
The administrator can configure the default settings of VPN Client
and then distribute the vpn_client.config file to client computers,
thereby providing the default settings across the VPN in advance.
The contents of the vpn_client.config file cannot be directly
replaced while the VPN Client service is running. First stop the VPN
Client service, and then change the vpn_client.config file and restart
the VPN Client service.
To stop the VPN Client service running on a VPN client computer,
execute the net stop vpnclient command. To start the VPN Client
service, execute the net start vpnclient command.
4.7.3 Distributing a Connection Setting File to Users
You can export the connection setting data of VPN Client, as
described in 「4.4.20 Exporting and Importing Connection Settings」. The exported file can be sent by e-mail to VPN
Client users who can then simply double-click the received connection
setting file to register that connection setting to VPN Client on the
user's computer.
Because the connection setting file is comprised of simple text data,
the system administrator can automatically create this file for each
user. In this way, connection setting files with the necessary settings
can be created and distributed to a large number of VPN Client users to
ensure that even users with little knowledge of VPN connection settings
can easily connect to the VPN.
|