VPN, Not Just Another Acronym
Today's tech tip is about VPNs. VPN stands for Virtual Private
Network, which uses public lines, such as the Internet or public
phone lines, to create a secure connection between computers, or
between a remote computer and a local area network. Encryption,
authentication and other security techniques are used to create
a tunnel through which data can be transmitted without
interception.
It is easier to create this tunnel using the phone lines, because
there is a wired connection between the two points. The data transmission
itself does not need any routing information, and the message can
go from one end to the other completely encrypted. Over the Internet,
the data packets need to have routing information that is not encrypted.
This is usually done by enclosing the encrypted data packet inside
another packet that has the routing header.
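The encapsulation described above, as an added example that is not part of the original tip: an inner packet is encrypted whole and wrapped in an outer packet whose routing header stays readable. The addresses, keys and function names are constructed for illustration, the keystream XOR is a stand-in for a real tunnel cipher, and the layout is simplified rather than wire-compatible with PPTP or IPSec.

```python
import hashlib, hmac, socket, struct

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def parse_ipv4(packet):
    """Return (src, dst, proto, payload) as any router on the path sees them."""
    f = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    return socket.inet_ntoa(f[8]), socket.inet_ntoa(f[9]), f[6], packet[20:]

def keystream_xor(key, nonce, data):
    """Stand-in cipher, illustration only: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + struct.pack("!I", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def encapsulate(inner, enc_key, mac_key, nonce, gw_src, gw_dst):
    """Encrypt the whole inner packet, add a tag, prepend a cleartext outer header."""
    body = nonce + keystream_xor(enc_key, nonce, inner)
    body += hmac.new(mac_key, body, hashlib.sha256).digest()
    return ipv4_header(gw_src, gw_dst, 50, len(body)) + body  # 50 = ESP's IP protocol number

def decapsulate(outer, enc_key, mac_key):
    """Receiving gateway: verify the tag, then recover the inner packet."""
    body = parse_ipv4(outer)[3]
    data, tag = body[:-32], body[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, data, hashlib.sha256).digest()):
        raise ValueError("authentication failed: packet modified in transit")
    return keystream_xor(enc_key, data[:8], data[8:])

# Constructed sample: a laptop's private address talking to an internal server.
ENC_KEY, MAC_KEY, NONCE = b"E" * 32, b"M" * 32, b"\x00" * 7 + b"\x01"
PAYLOAD = b"GET /payroll.xls"
INNER = ipv4_header("10.8.0.5", "10.0.0.20", 6, len(PAYLOAD)) + PAYLOAD
OUTER = encapsulate(INNER, ENC_KEY, MAC_KEY, NONCE, "198.51.100.7", "203.0.113.1")

if __name__ == "__main__":
    src, dst, proto, body = parse_ipv4(OUTER)
    print("on the wire:", src, "->", dst, "proto", proto, "| payload readable:", PAYLOAD in body)
    print("after decapsulation:", parse_ipv4(decapsulate(OUTER, ENC_KEY, MAC_KEY))[:2])
```

Only the two gateway addresses are visible on the wire; the private addresses and the request reappear only after the receiving end verifies the tag and decrypts.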
There are a few common scenarios where a VPN comes in handy. For
instance:
- Mobile Users: Many companies have outside salespeople
or field technicians who carry laptops and need to connect to
the network in the home office. While it is possible for these
outside people to dial in over the long-distance lines, which
are relatively secure, this requires large banks of modems and
creates hefty phone bills. The Internet is much more convenient,
and the larger ISPs have local numbers available in most major
cities. Many hotels and other facilities for travelers also now
have broadband connections for their guests. The drawback is the
lack of security, and this is taken care of with a VPN.
- Remote Office: An organization with satellite offices
will want to create a WAN that ties these offices into the central
network. A dedicated line will provide the maximum security, but
can be prohibitively expensive. Providing each office with an
Internet connection and VPN software is much more practical in
most cases. If traffic between sites is only occasional, a VPN
using a dial-up connection is an option.
- Cable Modem or xDSL: Telecommuting is a growing
trend that allows employees to work at home, using a high-speed
Internet connection via cable or xDSL to access the home office.
The connection is always on and much faster than a dial-up, but
much less secure. Again, a VPN provides security along with the
convenience.
Configuring a VPN
The remote user will require
a PPTP client on their system. PPTP stands for Point-to-Point
Tunneling Protocol. With Windows 98 and above, the PPTP client
is built in and needs only to be enabled. Windows 95 users must
upgrade to Dial-Up Networking 1.2 and configure the VPN client.
It may also require upgrading the operating system.
On a LAN that has a number of remote users, a server is set up
to handle the traffic. This is called a Remote Access Server, or
RAS. The server handles the encryption/decryption as well as authenticating
incoming users. It may use PPTP or another protocol called L2TP/IPSec.
The name refers to the fact that it uses Level 2 (the Transport
layer) of TCP/IP, and the IPSec protocol for Internet security.
In either case, the RAS server is configured with two network cards,
one facing the Internet and the other connecting to the internal
LAN. These connections should be installed and tested before continuing.
On the client (user) end, the VPN is configured as a network and
dial-up connection. From the server, RAS is used to configure it
as a VPN server. This all takes just a little bit of extra effort
(especially on the server end), but once the VPN is set up, connecting
up and logging in is almost like being in the main office.
Disclaimer - The Micro 2000 Tech Tip is a free service
providing information only. While we use reasonable care to see
that this information is correct, we do not guarantee it for accuracy,
completeness or fitness for a particular purpose. Micro 2000, Inc.
shall not be liable for damages of any kind in connection with the
use or misuse of this information.