Virtual Private Networking in Windows 2003


A virtual private network (VPN) is the extension of a private network that encompasses links across shared or public networks like the Internet. A VPN allows data to be sent between two computers across the Internet in a manner that emulates a point-to-point private link. With a virtual private network, illustrated in Figure 26.2, a point-to-point link, or tunnel, is created by encapsulating or wrapping the data with a header that provides routing information that allows the data to travel through the Internet. A private link is created by encrypting the data for confidentiality; data packets that are intercepted while traveling through the Internet are unreadable without the proper encryption keys.

Figure 26.2. Virtual private networking across the Internet.


VPN technology provides corporations with a scalable and low-cost solution for remote access to corporate resources. VPN connections allow remote users to securely connect to their corporate networks across the Internet. Remote users would access resources as if they were physically connected to the corporate LAN.

Components Needed to Create a VPN Connection

A virtual private network connection requires a VPN client and a VPN server. A secured connection is created between the client and server through encryption that establishes a tunnel, as shown in Figure 26.3.

Figure 26.3. Establishing a VPN tunnel between a client and server.


The VPN Client

A VPN client is a computer that initiates a VPN connection to a VPN server. It can be a remote computer that establishes a VPN connection or a router that establishes a router-to-router VPN connection. Microsoft clients including Windows NT 4.0, Windows 9x, Windows 2000, and Windows XP can create a remote access VPN connection to a Windows Server 2003 system.

Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003-based computers running RRAS can create router-to-router VPN connections to a Windows Server 2003 VPN server. VPN clients can also be any non-Microsoft PPTP client or L2TP client using IPSec.

The VPN Server

A VPN server is a computer that accepts VPN connections from VPN clients. It can provide a remote access VPN connection or a router-to-router VPN connection. The VPN server name or IP address must be resolvable as well as accessible through corporate firewalls.

Tunnel/VPN Connection

The tunnel is the portion of the connection in which data is encapsulated. The VPN connection is the portion of the connection where the data is encrypted. The data encapsulation, along with the encryption, provides a secure VPN connection.

Note

A tunnel that is created without the encryption is not a VPN connection because the private data is sent across the Internet unencrypted and can be easily read.
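The distinction in the Note can be checked on the wire for a PPTP tunnel. The following Python is an added example, not code from the book: it classifies enhanced GRE packets by whether the PPP payload they carry is MPPE-encrypted or readable. The field values are taken from RFC 2637 and RFC 3078 rather than from this page, and the function names and sample frames are constructed for illustration.

```python
import struct
from collections import Counter

GRE_PPP = 0x880B                      # enhanced GRE protocol type for PPP (RFC 2637)
PPP_IPV4, PPP_COMP = 0x0021, 0x00FD   # cleartext IPv4 / compressed-or-MPPE datagram

def classify(gre: bytes) -> str:
    """Classify one enhanced GRE packet (outer IP header already removed)."""
    if len(gre) < 8:
        return "malformed"
    flags, ver, proto, plen, _call_id = struct.unpack("!BBHHH", gre[:8])
    if proto != GRE_PPP or (ver & 0x07) != 1 or not flags & 0x20:
        return "not-pptp"
    if not flags & 0x10 or plen == 0:      # no sequence number: ack only, no payload
        return "ack-only"
    off = 12 + (4 if ver & 0x80 else 0)    # skip sequence and optional ack number
    ppp = gre[off:off + plen]
    if len(ppp) < plen:
        return "malformed"
    if ppp[:2] == b"\xff\x03":             # optional PPP address/control bytes
        ppp = ppp[2:]
    if len(ppp) < 3:
        return "malformed"
    if ppp[0] & 1:                         # protocol field compressed to one byte
        ppp_proto, body = ppp[0], ppp[1:]
    else:
        ppp_proto, body = struct.unpack("!H", ppp[:2])[0], ppp[2:]
    if ppp_proto == PPP_IPV4:
        return "cleartext-ip"
    if ppp_proto == PPP_COMP:              # MPPE header bit D (0x10) marks encryption
        return "mppe-encrypted" if body[0] & 0x10 else "compressed-only"
    return "ppp-control" if ppp_proto >= 0x8000 else "other-data"

def audit(packets):
    """Return (counts, is_vpn); is_vpn is False if any user data was sent unencrypted."""
    counts = Counter(classify(p) for p in packets)
    exposed = counts["cleartext-ip"] + counts["compressed-only"] + counts["other-data"]
    return counts, counts["mppe-encrypted"] > 0 and exposed == 0

def build(ppp: bytes, seq: int) -> bytes:
    """Build a constructed sample packet: K and S flags set, version 1, call ID 7."""
    return struct.pack("!BBHHHI", 0x30, 0x01, GRE_PPP, len(ppp), 7, seq) + ppp

# Constructed sample frames (not captured traffic)
LCP = build(b"\xc0\x21\x01\x01\x00\x04", 0)            # link negotiation
CLEAR = build(b"\xff\x03\x00\x21\x45\x00\x00\x14", 1)  # IPv4 sent in the clear
MPPE = build(b"\xfd\x90\x01\x8a\x3c\x55", 2)           # MPPE, encrypted bit set

if __name__ == "__main__":
    print(audit([LCP, MPPE]))
    print(audit([LCP, CLEAR, MPPE]))
```

A result of `False` from `audit` means the capture shows a tunnel that encapsulates data without protecting it, which is the case the Note excludes from the definition of a VPN connection.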


Internet/Intranet Infrastructure

A shared or public internetwork is required to establish a VPN connection. For Windows Server 2003, the transit internetwork is always an IP-based network that includes the Internet as well as a corporation's private IP-based intranet.




Microsoft Windows Server 2003 Unleashed (R2 Edition)
ISBN: 0672328984
EAN: 2147483647
Year: 2006
Pages: 499
