VIRTUAL PRIVATE
NETWORK
By:
Tammy Be
Khoa Kieu
Stephen Tran
Michael Tse
VPN Introduction
• Virtual private networking (VPN) in Microsoft
Windows 2000 allows mobile users to connect
over the Internet to a remote network.
• With virtual private networking, the user calls the
local ISP and then uses the Internet to make the
connection to the Network Access Server (NAS).
• Users only make a local call to the ISP instead of
expensive long distance telephone calls to the
remote access server.
How VPN Works
• ISA Server is configured as a VPN Server
• The local ISA VPN computer connects to its ISP
• The remote VPN wizard runs on the ISA Server
on the remote network
• The remote ISA Server VPN computer connects to
its ISP
• When a computer on the local network
communicates with a computer on the remote
network, data is encapsulated and sent through the
VPN tunnel
Main Modules
• System Requirement
• VPN Requirement
• Microsoft Layer 2 Tunneling Protocols
• Cables/Service for Internet Connection
• How to Install and Enable VPN
• How to Configure the VPN Server
(Configure the Remote Access Server as a Router)
• How to Configure the VPN Client
Module
System Requirement
System Requirement
• Microsoft Windows 2000, Server
• Microsoft Windows 2000, Professional
END OF SYSTEM
REQUIREMENT MODULE
Module
VPN Requirement
VPN Requirement
• User Authentication
• Address Management
• Data Encryption
• Multi-Protocol Support
• Access Management
User Authentication
• The solution must verify the user’s identity and
only allow access to authorized users.
• The user account can be a local account on the
VPN server or, in most cases, a domain account
granted appropriate dial-in permissions.
• The default policy for remote access is “Allowed
access if dial-in permission is enabled.”
Address Management
• VPN must assign the client an IP address on the
private network
• The VPN server can assign the client's IP address
using DHCP or a static pool of IP addresses
• Clients typically will have an IP address from the
ISP and an IP on the private network after the
VPN connection is established
Data Encryption
• Data sent and received over the Internet must be
encrypted for privacy
• PPTP and L2TP use PPP-based data encryption
methods
• Optionally you can use Microsoft Point-to-Point
Encryption (MPPE), based on the RSA RC4
algorithm
• Microsoft's implementation of the L2TP protocol
uses IPSec encryption to protect the data stream
from the client to the tunnel server.
Multi-Protocol Support
• Microsoft Layer 2 Tunneling Protocol
supports multiple payload protocols, which
makes it easy for tunneling clients to access
their corporate networks using IP, IPX, and
NetBEUI.
Access Management
• Manage addresses and name server
– VPN must have IP addresses available to assign
to the VPN client during the IP Control Protocol
(IPCP) negotiation phase of the connection
process.
– The IP address assigned to the VPN client is
assigned to the virtual interface of the VPN client.
• Manage access by user account
• Manage access by group membership
END OF VPN REQUIREMENT
MODULE
Module
Microsoft Layer 2 Tunneling
Protocols
Microsoft Layer 2 Tunneling Protocols
• PPTP – Point-to-Point Tunneling Protocol
– Uses a TCP connection for tunnel maintenance and
generic routing encapsulated PPP frames for
tunneled data.
– The payloads of the encapsulated PPP frames can be
encrypted and/or compressed.
• L2TP – Layer 2 Tunneling Protocol
– Uses UDP and a series of L2TP messages for tunnel
maintenance.
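An added example, not part of the original slides: a Python parser for the enhanced GRE header that carries PPTP's tunneled PPP frames, useful when checking that a firewall rule or capture filter covers the data channel as well as the TCP control connection. The header layout and the protocol type 0x880B follow RFC 2637 and are not stated on the slides; the sample packet is constructed.

```python
import struct
from dataclasses import dataclass
from typing import Optional

PPP_PROTO = 0x880B  # GRE protocol type for PPP per RFC 2637 (assumption, not on the slides)


@dataclass
class PptpData:
    call_id: int            # ties the data packet to a session set up on the TCP control connection
    seq: Optional[int]
    ack: Optional[int]
    ppp_frame: bytes


def parse_pptp_gre(pkt: bytes) -> PptpData:
    """Parse the enhanced GRE (version 1) header in front of a tunneled PPP frame."""
    if len(pkt) < 8:
        raise ValueError("shorter than the fixed 8-byte header")
    b0, b1, proto, plen, call_id = struct.unpack("!BBHHH", pkt[:8])
    if (b1 & 0x07) != 1 or proto != PPP_PROTO:
        raise ValueError("not PPTP data: wrong GRE version or protocol type")
    if (b0 & 0xC0) or not (b0 & 0x20):
        raise ValueError("checksum/routing bits must be clear and key bit set")
    off, seq, ack = 8, None, None
    if b0 & 0x10:           # S bit: sequence number present
        if len(pkt) < off + 4:
            raise ValueError("truncated sequence number")
        (seq,) = struct.unpack_from("!I", pkt, off)
        off += 4
    if b1 & 0x80:           # A bit: acknowledgment number present
        if len(pkt) < off + 4:
            raise ValueError("truncated acknowledgment number")
        (ack,) = struct.unpack_from("!I", pkt, off)
        off += 4
    if len(pkt) - off < plen:
        raise ValueError("payload shorter than the declared length")
    return PptpData(call_id, seq, ack, pkt[off:off + plen])


# Constructed sample: call ID 0x1234, seq 7, ack 6, carrying the first
# four bytes of a PPP LCP frame (address, control, protocol 0xC021).
SAMPLE = struct.pack("!BBHHHII", 0x30, 0x81, PPP_PROTO, 4, 0x1234, 7, 6) + b"\xff\x03\xc0\x21"

if __name__ == "__main__":
    print(parse_pptp_gre(SAMPLE))
```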
END OF MICROSOFT LAYER 2
TUNNELING PROTOCOL
Module
Cables/Service for Internet
Connection
Cables/service for Internet
Connection
• Should use a dedicated line such as T-1, Fractional T-1,
or Frame Relay.
– T-1: a dedicated phone connection supporting data
rates of 1.544 Mbits per second; it consists of 24
individual channels, each supporting 64 Kbits per
second.
– Fractional T-1: One or more channels of a T-1
service; less bandwidth and less expensive.
– Frame Relay: a packet-switching protocol for
connecting devices on a WAN (a way of utilizing existing
T-1 and T-3 lines owned by a service provider).
END OF CABLES/SERVICE
FOR INTERNET CONNECTION
MODULE
Module
How to Install and Enable VPN
Install and Enable VPN
• VPN is automatically installed when one
installs Windows 2000
INTERNET CONNECTION NEEDED (DSL)
CAN LEASE T-1 LINE
COMPANY WILL PROVIDE REAL IP ADDRESS
END OF HOW TO INSTALL
AND ENABLE VPN MODULE
Module
How to Configure the VPN Server
How to Configure the VPN Server
(Configure the Remote Access Server as a Router) :
Preview
• Allow the remote access server to forward traffic
properly inside the network.
• Allow other locations in the intranet to be reached
from the remote access.
• Configure as router with static route or routing
protocols.
Steps for Configuring Remote
Access Server as a Router
start
Administrative Tools
Click Routing & Remote Access
Click Properties
Right-click Server Name
On General tab
Click Enable This Computer As a Router
Select either LAN routing only or LAN and demand dial routing
Ok
END OF HOW TO CONFIGURE
THE VPN SERVER MODULE
Module
How to Configure the VPN Client
END OF HOW TO CONFIGURE
A VPN CLIENT
Summary
• VPN must assign the client an IP address on
the private network
• Microsoft's implementation of the L2TP
protocol uses IPSec encryption to protect
the data stream from the client to the tunnel
server
Web Reference
• For more information on VPN, visit
www.Microsoft.com
– Keyword “VPN”
Glossary
• Virtual Private Network (VPN)- a network that
is constructed by using public wires to connect
nodes.
• Tunneling- A technology that enables one
network to send its data via another network's
connections.
• Point-to-Point Tunneling Protocol (PPTP)- is
used to ensure that messages transmitted from one
VPN node to another are secure.
• Layer Two Tunneling Protocol (L2TP)- Provides data encryption, authentication, and
integrity and IPSec.
END OF VPN PROJECT