packages, 124
packet filtering. See also filters
clients, 92
configuring, 187
deployment, 267
described, 38, 43–44
extranets, 267
input filters, 93
IP, 43
L2TP/IPSec, 44
output filters, 93
PPTP, 43
profiles, 48, 91
routing, 92, 184
site-to-site VPNs, 179, 184, 300, 308
troubleshooting, 287, 300, 308
unable to connect problems, 300
PAP (Password Authentication Protocol), 21, 38, 55, 75, 187
Password Never Expires option, 178, 198, 252
passwords
authentication, 21, 38, 70
certificates, 211
CHAP, 39
character requirements, 25, 74
clear-text, 39
Connection Manager, 141, 167
demand-dial routing, 218, 221
deployment, 206, 211, 218, 221, 252, 258
EAP, 40
expiration, 39, 178, 198, 252
interoperability, 55
MS-CHAP, 39
quarantine features, 141, 167
single sign-on, 69
site-to-site VPNs, 178, 188, 198, 218, 221, 297
strong, 25, 40, 74, 75, 188
troubleshooting, 283, 297
unable to connect problems, 283
PBS (Phone Book Service), 68
perimeter networks, 186
Periodic Status option, 115, 225
permissions
Active Directory, 223
Connection Manager, 135
deployment, 223
domain user accounts, 94
policies, 91, 197
quarantine features, 135
Read, 285, 299
shared folders, 135
site-to-site VPNs, 223, 298, 299
troubleshooting, 285, 298, 299
unable to connect problems, 298
Permit Only The Packets Listed Below option, 93, 148
Persistent Connection option, 173, 261, 262
persistent connections
deployment, 257–265
described, 169
domain configuration, 258
on-demand VPNs, 173
site-to-site VPNs, 169
Personal folder, 106, 110, 211, 213
pfx format, 210
Phone Book Administrator, 34, 68
Phone Book Bitmap page, 164
Phone Book From This Profile option, 161
Phone Book Service (PBS). See PBS (Phone Book Service)
phone books, 33–34, 164
Connection Manager, 161
creating custom, 33, 68
quarantine features, 161
updating, 68
Ping, 71, 187, 297
PKI (public key infrastructure), 52, 56
Pocket PC (Microsoft), 6, 65
Point of Presence (POP) information. See POP (Point of Presence) information
Point-to-Point Protocol (PPP). See PPP (Point-to- Point Protocol)
Point-to-Point Tunneling Protocol (PPTP). See PPTP (Point-to-Point Tunneling Protocol)
policies. See also Group Policy
AAA infrastructure, 90–92
authorization, 31
certificates, 99
conditions, 91, 197
configuring, 117–119
Connection Manager, 141–149
creating, 141–149, 226–227
deployment, 117–119, 214, 226–227, 248, 259–260
described, 31, 117
IAS, 117–119, 226–227
packet filtering, 48
permissions, 91, 197
profiles, 91, 197
quarantine features, 46, 141–149
remote deployment, 250, 253
reviewing, 150
site-to-site VPNs, 178–181, 185, 196–198, 214,
226–227
split tunneling, 87
troubleshooting, 298, 303
unable to connect problems, 298, 303
VPN routers, 178–181
VPN servers, 82
Policy Configuration Method page, 117, 141, 143, 144, 226
Policy Encryption Level page, 118, 141, 143, 144, 227
POP (Point of Presence) information, 33, 68
ports
L2TP, 81
PPTP, 81, 181
RADIUS, 95
site-to-site VPNs, 177, 181, 190
TCP, 190
UDP, 95, 190
VPN servers, 81
Ports object, 121, 298, 299
postconnect actions, 124
PPP (Point-to-Point Protocol), 20–23, 55, 56
L2TP/IPSec, 41
logs, 280
site-to-site VPNs, 13, 169, 177, 188
troubleshooting, 280, 282
Ppp.log, 280
PPTP (Point-to-Point Tunneling Protocol)
advantages, 26, 52, 56
authentication, 40
clients, 64, 76
Connection Manager, 67, 129, 143, 167
demand-dial routing, 217, 221
deployment, 102, 118, 121, 205, 214, 216–217
described, 18, 23
dictionary attacks, 24
disadvantages, 76
extranets, 268–269
future directions, 58
Industry Forum, 54
interoperability, 51-54
IP datagrams, 23
L2TP/IPSec, 24–28, 76
NAT, 76
packet filtering, 43
passwords, 24
policies, 118
ports, 181
quarantine features, 143, 167
site-to-site VPNs, 173, 177–180, 182, 184, 187–191
troubleshooting, 282, 285, 287, 299, 300
tunneling, 19–20
unable to connect problems, 300
VPN servers, 121
when to use, 75–77
preconnect actions, 124
preshared keys, 54, 55, 70
configuring, 202
described, 28
L2TP/IPsec, 28–30, 75
site-to-site VPNs, 202
private virtual circuits (PVCs). See PVCs (private virtual circuits)
private-key encryption, 44, 45. See also encryption
profiles, 130, 136, 160–168
packet filtering, 48
policies, 91, 197
troubleshooting, 284, 298
Protocols And Security page, 218, 221
proxy servers, 287. See also Winsock Proxy
PSTN (public switched telephone network), 14, 15, 270
public-key encryption, 44, 45, 52, 56. See also encryption
public key infrastructure (PKI). See PKI (public key infrastructure)
Publish Certificate In Active Directory option, 108
PVCs (private virtual circuits), 240