Virtual Private Network (VPN)
Overview
Network Access Infrastructure
Components of Network Access Infrastructure
Types of Network Access Clients
Network Access Authentication & Authorization
Configuring VPN
Controlling User Access
VPN Client
- Connects to a network across a shared or public network
- Emulates a point-to-point link on a private network
Dial-Up Client
- Creates a physical connection to a port on a remote access server on a private network
- Uses a modem or ISDN adapter to dial in to the remote access server
Wireless Client
- Connects to a network by infrared light or radio frequency technologies
- Includes many different types of devices
Configuring VPN
How VPN Works
A VPN extends a private network across shared or public networks, such as the Internet
1. VPN client calls the VPN server
2. VPN server answers the call
3. VPN server authenticates and authorizes the client
4. VPN server transfers data
Components of VPN
- VPN Client
- Transit Network
- VPN Tunnel
- Tunneling Protocols
- Tunneled Data
- VPN Server
- Authentication
- Address and Name Server Allocation
VPN Encryption Protocols
PPTP
- Uses PPP user authentication and MPPE
L2TP/IPSec
- Uses PPP user authentication over a connection that is encrypted with IPSec
Requirements for VPN Server
- Identify which network interface connects to the Internet and which network interface connects to the private network
- Identify whether clients receive IP addresses from a DHCP server or from the VPN server
- Identify whether to authenticate by using RADIUS or by using the VPN server
Controlling User Access
User Account Dial-In Permissions
Before connecting over VPN, a user must be granted dial-in permission
Configure the following dial-in properties
- Remote access permissions
- Verify caller ID
- Callback options
- Assign a static IP address
- Apply static routes
Remote Access Policy
Elements in the Remote Access Policy
Conditions
- One or more attributes used to determine if the policy applies to the connection attempt
Remote access permission
- The permission is either granted or denied
Profile
- Settings that are applied to a connection when it is authorized
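How the user account dial-in permission and the three policy elements combine into one decision, as an added example that is not part of the original slides. It goes beyond the slide text by assuming Windows Server remote access behaviour: policies are evaluated in order, the first match wins, and the account setting can be allow, deny, or control through policy. All names in the code are hypothetical.

```python
from dataclasses import dataclass, field

# Hypothetical names for illustration; this is not a Windows API.
ALLOW, DENY, BY_POLICY = "allow", "deny", "control-through-policy"

@dataclass
class Policy:
    name: str
    conditions: dict   # attribute -> required value; every one must match
    grant: bool        # remote access permission: granted (True) or denied
    profile: dict = field(default_factory=dict)  # applied once authorized

def evaluate(attempt, dial_in, policies):
    """Decide one connection attempt.

    Assumption: policies are checked in order and only the first policy
    whose conditions all match the attempt is used.
    """
    matched = next((p for p in policies
                    if all(attempt.get(k) == v for k, v in p.conditions.items())),
                   None)
    if matched is None:
        return {"allowed": False, "reason": "no policy matched"}
    if dial_in == DENY:
        return {"allowed": False, "reason": "user account denies dial-in"}
    if dial_in == BY_POLICY and not matched.grant:
        return {"allowed": False, "reason": f"denied by policy {matched.name!r}"}
    # dial_in == ALLOW skips the policy's grant/deny setting entirely.
    return {"allowed": True, "policy": matched.name, "profile": matched.profile}

# Constructed sample policies, most specific first.
POLICIES = [
    Policy("Block PPTP", {"tunnel": "PPTP"}, grant=False),
    Policy("VPN staff", {"tunnel": "L2TP/IPSec", "group": "VPN-Users"},
           grant=True, profile={"idle_timeout_min": 30}),
]

if __name__ == "__main__":
    cases = [
        ({"tunnel": "L2TP/IPSec", "group": "VPN-Users"}, BY_POLICY),
        ({"tunnel": "PPTP", "group": "VPN-Users"}, BY_POLICY),
        ({"tunnel": "PPTP", "group": "VPN-Users"}, ALLOW),   # bypasses the deny
        ({"tunnel": "L2TP/IPSec", "group": "Guests"}, BY_POLICY),
    ]
    for attempt, dial_in in cases:
        print(dial_in, attempt, "->", evaluate(attempt, dial_in, POLICIES))
```

The third case is the one to audit for: an account set to allow access is not stopped by a policy whose permission is deny, so restrictions meant to apply to everyone only hold for accounts set to control access through policy.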
Remote Access Policy Profile
Remote Access Policy Process