Virtual private network (VPN) technology allows users working outside the office premises to connect to their private network in a cost-effective and secure way. Creating this type of internetwork is called virtual private networking. A VPN uses the ordinary internet as the medium to reach the end point, i.e. the private or internal corporate network.
In a VPN connection, data is encrypted and encapsulated (wrapped up) with a header that provides routing information, allowing it to traverse the shared or public transit internetwork to reach its destination. The portion of the connection in which the private data is encapsulated is known as the tunnel. VPN connections use either Point-to-Point Tunnelling Protocol (PPTP) or Layer Two Tunnelling Protocol/Internet Protocol security (L2TP/IPSec), with the internet as the medium.
Figure: A typical VPN connection, source Microsoft Corp.
So what is required to deploy a VPN in an organisation? A systems administrator can set up a VPN if he/she has the following components in place.
VPN Server (Windows 2008/2003)
Internet infrastructure with Public IP
VPN Clients (Windows 7, Windows XP or Mac OSX 10.5.x)
Intranet infrastructure (Microsoft networks, AD, DNS and DHCP with enough IP available)
Certificate infrastructure (Microsoft AD CS)
Authentication, authorization and accounting (AAA) infrastructure (Windows/Radius)
Deployment: you can install Windows Server 2008 on standard hardware with two NICs. In my situation, I used three NICs, as my VPN server is also the wireless authentication server, so it does both jobs for me (VPN + wireless): one NIC for the internal network, another for the public IP (VPN) and another for the wireless networks (ignore the third NIC if you are not in the same situation). All NICs must have static IPs. You have to pipe the public IP through to your VPN server. The VPN server must be a domain member and must have a computer/machine certificate installed. I configured DHCP on the VPN server so that VPN clients can obtain an IP from this server, not from the internal DHCP server. It makes my life easy and I have enough IPs. If you choose not to configure DHCP on the VPN server, you can specify an existing DHCP server while configuring the VPN. Here, I will explain L2TP/IPSec deployment. L2TP/IPSec is secure and is my preferred VPN. The following screenshots will do the rest for you.
Here, you can select VPN+NAT; that will do.
Here, you have to select the tunnel type, encryption method and NASPortType. It’s highly important.
I used Microsoft Windows Server 2008 R2 as the VPN server, using L2TP/IPSec. I used Windows authentication, not RADIUS. In this case, the secure connection appears to the user as a private network communication, even though the VPN connects over a public network. A user certificate and a machine certificate are required to connect to the VPN server. The user must also be a domain user. Your situation will certainly be different, so do what is appropriate for it. I hope this helps you to configure a VPN server.
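The server-side prerequisites from the deployment section (domain membership, static IPs on every NIC, an installed machine certificate) can be checked before the VPN role is configured. The script below is an added example, not part of the original post. It assumes it is run locally on the VPN server in an elevated PowerShell 2.0 or later session, and it treats "installed" as an assumption meaning a certificate in the computer's Personal store that is within its validity period and has a private key. It does not validate the certificate chain or key usage.

```powershell
# Added example: preflight check for the VPN server prerequisites described above.
$results = @()

# 1. The VPN server must be a domain member.
$cs = Get-WmiObject -Class Win32_ComputerSystem
$results += New-Object PSObject -Property @{
    Check  = 'Domain member'
    Pass   = [bool]$cs.PartOfDomain
    Detail = $cs.Domain
}

# 2. Every IP-enabled NIC must use a static address (DHCPEnabled = False).
$nics = @(Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE')
foreach ($nic in $nics) {
    $results += New-Object PSObject -Property @{
        Check  = "Static IP: $($nic.Description)"
        Pass   = -not $nic.DHCPEnabled
        Detail = ($nic.IPAddress -join ', ')
    }
}

# 3. A machine certificate must be installed.
#    Assumption: usable = in LocalMachine\My, currently valid, private key present.
$now   = Get-Date
$certs = @(Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.HasPrivateKey -and $_.NotBefore -le $now -and $_.NotAfter -gt $now })
$certDetail = @($certs | ForEach-Object {
    "$($_.Subject) (expires $($_.NotAfter.ToString('yyyy-MM-dd')))"
}) -join '; '
$results += New-Object PSObject -Property @{
    Check  = 'Machine certificate'
    Pass   = ($certs.Count -gt 0)
    Detail = $certDetail
}

$results | Select-Object Check, Pass, Detail | Format-Table -AutoSize -Wrap

# Exit non-zero if any prerequisite is missing, so the check can gate a deployment step.
if ($results | Where-Object { -not $_.Pass }) { exit 1 }
```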
Good to know about this information on configuring vpn server for windows. Searched online for top vpn for windows and got to know about some good and reputed ones. Looking forward to get services from ExpressVPN as 30 days money back guarantee is available there.
Please continue this great work and I look forward to more of your awesome blog posts. surfshark free trial
I was surfing net and fortunately came across this site and found very interesting stuff here. Its really fun to read. I enjoyed a lot. Thanks for sharing this wonderful information. vpn for torrenting