Virtual Private Network (VPN)

Configuring VPN

How VPN Works

A VPN extends a private network across shared or public networks, such as the Internet.

1. VPN client calls the VPN server
2. VPN server answers the call
3. VPN server authenticates and authorizes the client
4. VPN server transfers data

Components of VPN

- VPN Client
- Transit Network
- VPN Tunnel
- Tunneling Protocols
- Tunneled Data
- VPN Server
- Authentication
- Address and Name Server Allocation

VPN Encryption Protocols

PPTP - Uses PPP user authentication and MPPE

L2TP/IPSec - Uses PPP user authentication over a connection that is encrypted with IPSec

Requirements for VPN Server

Identify which network interface connects to the Internet and which network interface connects to the private network

Identify whether clients receive IP addresses from a DHCP server or from the VPN server

Identify whether to authenticate by using RADIUS or by using the VPN server

Overview

Network Access Infrastructure

Components of Network Access Infrastructure

Types of Network Access Clients

VPN Client
- Connects to a network across a shared or public network
- Emulates a point-to-point link on a private network

Dial-Up Client
- Creates a physical connection to a port on a remote access server on a private network
- Uses a modem or ISDN adapter to dial in to the remote access server

Wireless Client
- Connects to a network by infrared light or radio frequency technologies
- Includes many different types of devices

Network Access Authentication & Authorization

Domain Controller: Authentication
- Validates a user's credentials during a connection attempt

Network Access Server: Authorization
- Verifies that the authenticated user is allowed to access the resource

Controlling User Access

User Account Dial-In Permissions

Before accessing the network over VPN, a user must be granted permission to dial in.

Configure the following dial-in properties:
- Remote access permissions
- Verify caller ID
- Callback options
- Assign a static IP address
- Apply static routes

Remote Access Policy

Elements in the Remote Access Policy

Conditions
- One or more attributes used to determine if the policy applies to the connection attempt

Remote access permission
- The permission is either granted or denied

Profile
- Settings that are applied to a connection when it is authorized
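
The sketch below is an added example, not part of the original slides or any Microsoft code. It models how the three policy elements above combine with the user account's dial-in permission to decide one connection attempt. Assumptions: policies are checked in order and the first one whose conditions all match decides, an attempt that matches no policy is rejected, and all names, attributes and sample policies are constructed for illustration.

```python
# Simplified model of remote access policy evaluation (added example).
from dataclasses import dataclass, field


@dataclass
class Policy:
    name: str
    conditions: dict   # attribute name -> set of accepted values
    grant: bool        # remote access permission: granted (True) or denied
    profile: dict = field(default_factory=dict)  # applied when authorized


def matches(policy, attempt):
    """A policy applies only if every one of its conditions is met."""
    return all(attempt.get(attr) in accepted
               for attr, accepted in policy.conditions.items())


def evaluate(policies, attempt, dial_in_granted=True):
    """Return (authorized, deciding_policy_name, profile) for one attempt."""
    if not dial_in_granted:
        # The user account has no dial-in permission: reject outright.
        return (False, None, {})
    for policy in policies:                 # assumption: ordered, first match
        if matches(policy, attempt):
            # The profile is only applied to connections that are authorized.
            profile = policy.profile if policy.grant else {}
            return (policy.grant, policy.name, profile)
    return (False, None, {})                # assumption: no match means reject


# Constructed sample policies: an explicit deny placed before a grant.
POLICIES = [
    Policy("Block contractors", {"group": {"Contractors"}}, grant=False),
    Policy("VPN for staff",
           {"group": {"Staff", "Admins"}, "port_type": {"vpn"}},
           grant=True,
           profile={"idle_timeout_min": 30}),
]

if __name__ == "__main__":
    for attempt in ({"group": "Staff", "port_type": "vpn"},
                    {"group": "Contractors", "port_type": "vpn"},
                    {"group": "Staff", "port_type": "dialup"}):
        print(attempt, "->", evaluate(POLICIES, attempt))
```

The third attempt is rejected because no policy's conditions match it, which is the fail-closed behaviour to check for when reviewing a policy list.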

Remote Access Policy Profile

Remote Access Policy Process