VIRTUAL PRIVATE NETWORK By: Tammy Be Khoa Kieu Stephen Tran Michael Tse
VPN Introduction • Virtual private networking (VPN) in Microsoft Windows 2000 allows mobile users to connect over the Internet to a remote network. • With virtual private networking, the user calls the local ISP and then uses the Internet to make the connection to the Network Access Server (NAS). • Users only make a local call to the ISP instead of expensive long distance telephone calls to the remote access server.
How VPN Works (site-to-site example with ISA Server) • Microsoft ISA Server (Internet Security and Acceleration Server) is configured as a VPN server at each site • The local ISA Server VPN computer connects to its ISP • The remote VPN wizard runs on the ISA Server on the remote network • The remote ISA Server VPN computer connects to its ISP • When a computer on the local network communicates with a computer on the remote network, the data is encapsulated by the local VPN server, sent through the VPN tunnel over the Internet, and unwrapped by the remote VPN server • The same encapsulation is used for a single remote-access client, except that the client's own VPN software takes the place of the local ISA Server
Main Modules • System Requirement • VPN Requirement • Microsoft Layer 2 Tunneling Protocols • Cables/Service for Internet Connection • How to Install and Enable VPN • How to Configure the VPN Server (Configure the Remote Access Server as a Router) • How to Configure the VPN Client
Module System Requirement
System Requirement • Microsoft Windows 2000 Server (VPN server; accepts many simultaneous connections) • Microsoft Windows 2000 Professional (VPN client; can also accept a single incoming connection)
Module VPN Requirement
VPN Requirement • User Authentication • Address Management • Data Encryption • Multi-Protocol Support • Access Management
User Authentication • The solution must verify the user's identity and allow access only to authorized users. • The user account can be a local account on the VPN server or, in most cases, a domain account granted the appropriate dial-in permission. • The default remote access policy is "Allow access if dial-in permission is enabled", so the per-account dial-in setting decides who gets in unless you add more restrictive policies.
Address Management • The VPN must assign the client an IP address on the private network • The VPN server can assign the client's IP address using DHCP or a static pool of IP addresses • After the VPN connection is established, a client typically has two addresses: one from the ISP on its physical interface and one on the private network on its virtual VPN interface
Data Encryption • Data sent and received over the Internet must be encrypted for privacy • PPTP and L2TP both carry PPP, so they use PPP-based data encryption methods • With PPTP the encryption is Microsoft Point-to-Point Encryption (MPPE), a stream cipher based on RSA RC4 whose session keys are derived from the MS-CHAP, MS-CHAP v2 or EAP-TLS authentication exchange; it is optional unless the remote access policy requires it • The Microsoft implementation of the L2TP protocol uses IPSec encryption to protect the data stream from the client to the tunnel server • Caveat: MPPE gives confidentiality only (no integrity check on the PPP payload), and PPTP with MS-CHAP authentication is considered broken today, so of the two, L2TP/IPSec is the one to deploy
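The following is an added example, not code from the slides or from Microsoft: a small RC4 implementation of the kind MPPE is built on, used to show the property the caveat above describes. Because a stream cipher only XORs the plaintext with a keystream, an on-path attacker who knows nothing about the key can still flip chosen plaintext bits by flipping the same ciphertext bits. The MPPE key derivation from MS-CHAP is left out; the session key and the message are constructed samples, and the HMAC-SHA1 tag at the end is an added integrity layer, not something MPPE provides.

```python
import hashlib
import hmac


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Produce n bytes of RC4 keystream (KSA followed by PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # pseudo-random generation algorithm
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 encryption and decryption are the same XOR with the keystream."""
    return bytes(a ^ b for a, b in zip(data, rc4_keystream(key, len(data))))


# Constructed sample values, not real MPPE material.
SAMPLE_KEY = bytes.fromhex("0123456789abcdef0123456789abcdef")
SAMPLE_MAC_KEY = b"constructed-mac-key"


def tampered_plaintext(key: bytes, plaintext: bytes, position: int, mask: int) -> bytes:
    """Encrypt, XOR one ciphertext byte the way an on-path attacker would,
    decrypt, and return what the receiver sees. The attacker never uses the key."""
    ct = bytearray(rc4(key, plaintext))
    ct[position] ^= mask
    return rc4(key, bytes(ct))


def seal(key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: ciphertext followed by a 20-byte HMAC-SHA1 tag."""
    ct = rc4(key, plaintext)
    return ct + hmac.new(mac_key, ct, hashlib.sha1).digest()


def open_sealed(key: bytes, mac_key: bytes, blob: bytes):
    """Return the plaintext, or None if the tag does not match the ciphertext."""
    ct, tag = blob[:-20], blob[-20:]
    expected = hmac.new(mac_key, ct, hashlib.sha1).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return rc4(key, ct)


if __name__ == "__main__":
    print(tampered_plaintext(SAMPLE_KEY, b"allow=0", 6, 0x01))   # the receiver sees b'allow=1'
    blob = bytearray(seal(SAMPLE_KEY, SAMPLE_MAC_KEY, b"allow=0"))
    blob[6] ^= 0x01
    print(open_sealed(SAMPLE_KEY, SAMPLE_MAC_KEY, bytes(blob)))   # None: tampering detected
```

The bit flip turns "allow=0" into "allow=1" without the key, which is why a VPN that encrypts but does not authenticate each packet is not enough; IPSec ESP, which the L2TP implementation above uses, carries an integrity check for exactly this reason.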
Multi-Protocol Support • Both Microsoft layer 2 tunneling protocols (PPTP and L2TP) tunnel PPP frames, and PPP can carry several network protocols, so tunneling clients can reach their corporate networks using IP, IPX, and NetBEUI.
Access Management • Manage addresses and name servers • The VPN server must have IP addresses available to assign to the VPN client during the IP Control Protocol (IPCP) negotiation phase of the connection; it also hands out the DNS and WINS server addresses • The IP address assigned to the VPN client is bound to the virtual interface of the VPN client • Manage access by user account (dial-in permission) • Manage access by group membership (remote access policy conditions)
Module Microsoft Layer 2 Tunneling Protocols
Microsoft Layer 2 Tunneling Protocols • PPTP – Point-to-Point Tunneling Protocol • Uses a TCP connection (port 1723) for tunnel maintenance and Generic Routing Encapsulation (GRE, IP protocol 47) to carry the tunneled PPP frames. • The payloads of the encapsulated PPP frames can be encrypted (MPPE) and/or compressed. • L2TP – Layer 2 Tunneling Protocol • Uses UDP (port 1701) and a series of L2TP control messages for tunnel maintenance; the same UDP stream carries the tunneled PPP frames. • In the Windows 2000 implementation the L2TP traffic is itself protected by IPSec ESP, so a firewall in the path must pass IKE (UDP 500) and ESP (IP protocol 50), not only UDP 1701.
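As an added example (not code from the slides or from Microsoft), the two encapsulations above can be taken apart with a few lines of Python. The parsers follow the header layouts in RFC 2637 (PPTP's enhanced GRE) and RFC 2661 (L2TP), reject the combinations the RFCs forbid, and are fed three hand-constructed packets: a PPTP GRE packet carrying a PPP frame, an L2TP control message whose first AVP is Message Type 1 (SCCRQ), and an L2TP data message. The sample bytes are constructed for the example, and `rejects` is a small helper added for the negative checks.

```python
import struct

GRE_PROTO_PPP = 0x880B      # protocol type PPTP uses in its GRE header
GRE_VERSION_ENHANCED = 1
L2TP_VERSION = 2


def _field(pkt: bytes, off: int, fmt: str) -> int:
    """Big-endian field at off; raise ValueError instead of struct.error if truncated."""
    if len(pkt) < off + struct.calcsize(fmt):
        raise ValueError("truncated header")
    return struct.unpack_from(fmt, pkt, off)[0]


def parse_pptp_gre(pkt: bytes) -> dict:
    """Parse the enhanced GRE header PPTP wraps around each PPP frame (RFC 2637 4.1)."""
    if len(pkt) < 8:
        raise ValueError("truncated enhanced GRE header")
    flags, ver_byte, proto, payload_len, call_id = struct.unpack_from("!BBHHH", pkt, 0)
    key_present = bool(flags & 0x20)      # K: payload length + call ID follow
    seq_present = bool(flags & 0x10)      # S: sequence number follows
    ack_present = bool(ver_byte & 0x80)   # A: acknowledgment number follows
    if (ver_byte & 0x07) != GRE_VERSION_ENHANCED or proto != GRE_PROTO_PPP:
        raise ValueError("not a PPTP enhanced GRE packet")
    if not key_present or flags & 0xCF or ver_byte & 0x78:   # C, R, s, Recur, Flags must be 0
        raise ValueError("malformed enhanced GRE flags")
    off, seq, ack = 8, None, None
    if seq_present:
        seq, off = _field(pkt, off, "!I"), off + 4
    if ack_present:
        ack, off = _field(pkt, off, "!I"), off + 4
    payload = pkt[off:off + payload_len]
    if len(payload) != payload_len:
        raise ValueError("payload length field exceeds packet")
    return {"call_id": call_id, "seq": seq, "ack": ack, "payload": payload}


def parse_l2tp(pkt: bytes) -> dict:
    """Parse an L2TP control or data header carried over UDP port 1701 (RFC 2661 3.1)."""
    flags = _field(pkt, 0, "!H")
    if (flags & 0x000F) != L2TP_VERSION:
        raise ValueError("unsupported L2TP version")
    is_control = bool(flags & 0x8000)     # T
    has_length = bool(flags & 0x4000)     # L
    has_seq = bool(flags & 0x0800)        # S
    has_offset = bool(flags & 0x0200)     # O
    if is_control and (not has_length or not has_seq or has_offset):
        raise ValueError("control message must set L and S and clear O")
    off, length = 2, len(pkt)
    if has_length:
        length, off = _field(pkt, off, "!H"), off + 2
        if length > len(pkt):
            raise ValueError("length field exceeds packet")
    tunnel_id, session_id = _field(pkt, off, "!H"), _field(pkt, off + 2, "!H")
    off += 4
    ns = nr = None
    if has_seq:
        ns, nr = _field(pkt, off, "!H"), _field(pkt, off + 2, "!H")
        off += 4
    if has_offset:
        off += 2 + _field(pkt, off, "!H")
    if off > length:
        raise ValueError("header runs past message end")
    return {"control": is_control, "tunnel_id": tunnel_id, "session_id": session_id,
            "ns": ns, "nr": nr, "payload": pkt[off:length]}


def l2tp_message_type(control_payload: bytes) -> int:
    """Message Type from the first AVP, which RFC 2661 requires to be a plain
    (never hidden) vendor-0 attribute-0 AVP with a 2-byte value."""
    hdr, vendor, attr = (_field(control_payload, 0, "!H"),
                         _field(control_payload, 2, "!H"), _field(control_payload, 4, "!H"))
    if hdr & 0x4000 or (hdr & 0x03FF) != 8 or vendor != 0 or attr != 0:
        raise ValueError("first AVP is not a plain Message Type AVP")
    return _field(control_payload, 6, "!H")


def rejects(parser, pkt: bytes) -> bool:
    """True if the parser refuses the packet."""
    try:
        parser(pkt)
    except ValueError:
        return True
    return False


# Constructed sample packets (not captures).
PPP_FRAME = bytes.fromhex("ff03 0021 4500 0014 0001 0000")   # PPP addr/ctrl, IP protocol, IP header start
PPTP_PACKET = (struct.pack("!BBHHH", 0x30, 0x01, GRE_PROTO_PPP, len(PPP_FRAME), 0x1234)
               + struct.pack("!I", 7) + PPP_FRAME)             # K|S set, version 1, seq 7
L2TP_SCCRQ = (struct.pack("!HHHHHH", 0xC802, 20, 0, 0, 0, 0)
              + bytes.fromhex("8008 0000 0000 0001"))           # T|L|S, then Message Type AVP = 1
L2TP_DATA = struct.pack("!HHH", 0x0002, 5, 7) + PPP_FRAME       # data message, tunnel 5, session 7
```

A filtering device that only looks at TCP 1723 sees the PPTP control channel but not the GRE stream, and one that only looks at UDP 1701 sees nothing useful once L2TP is wrapped in ESP; the header checks above are the same ones an IDS or a VPN concentrator has to make before trusting the call ID or tunnel ID a packet claims.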
Module Cables/Service for Internet Connection
Cables/Service for Internet Connection • Should use a dedicated line such as T-1, Fractional T-1, or Frame Relay. • T-1: a dedicated phone connection supporting data rates of 1.544 Mbits per second; consists of 24 individual channels, each supporting 64 Kbits per second. • Fractional T-1: one or more channels of a T-1 service; less bandwidth and less expensive. • Frame Relay: a packet-switching protocol for connecting devices on a WAN (a way of utilizing existing T-1 and T-3 lines owned by a service provider).
Module How to Install and Enable VPN
Install and Enable VPN • The Routing and Remote Access service that provides VPN is installed with Windows 2000, so nothing extra has to be installed; it only has to be enabled (Administrative Tools, Routing and Remote Access, right-click the server, Configure and Enable Routing and Remote Access) • An Internet connection is needed (DSL, or a leased T-1 line) • The ISP will provide a public (real) IP address for the VPN server so that clients can reach it
Module How to Configure the VPN Server
How to Configure the VPN Server (Configure the Remote Access Server as a Router): Preview • Allow the remote access server to forward traffic properly inside the network. • Allow other locations in the intranet to be reached from the remote access clients. • Configure it as a router with static routes or routing protocols.
Steps for Configuring the Remote Access Server as a Router • Start, Administrative Tools • Click Routing & Remote Access • Right-click the server name and click Properties • On the General tab, click Enable This Computer As a Router • Select either LAN routing only or LAN and demand-dial routing • Click OK
Module How to Configure the VPN Client
Summary • The VPN must assign the client an IP address on the private network • The Microsoft implementation of the L2TP protocol uses IPSec encryption to protect the data stream from the client to the tunnel server
Web Reference • For more information on VPN, visit www.Microsoft.com • Keyword “VPN”