quoted from
http://www.ChicagoTech.net
Summary
Virtual Private Networks (VPN) allow users working at home, on the road or
at a branch office to connect in a secure manner to a remote corporate
server using the public Internet. VPN server or host is a computer that
accepts VPN connections from VPN clients. A VPN server or host can be a
NT/W2K server or W2K/XP Pro. VPN client is a computer that initiates a VPN
connection to a VPN server or host. A VPN client can be an individual
computer running MS Windows NT version 4.0, Windows 2000, 9x. VPN clients
can also be any non-Microsoft Point-to-Point Tunneling Protocol (PPTP)
client or Layer Two Tunneling Protocol (L2TP) client using IPSec.
Basic VPN Requirement
a.. User Permission. Enable a user to access the VPN. To do this, go to AD
Users and Computers, select the user who need to access the VPN, click
Dial-in. Check Allow access on the Remote Access Permission (Dial-in or
VPN).
b.. IP Configuration. The VPN server should have a static IP address and
assign the arrange IP addresses to VPN clients. The VPN server must also be
configured with DNS and WINS server addresses to assign to the VPN client
during the connection.
c.. Data Encryption. Data carried on the public network should be rendered
unreadable to unauthorized clients on the network.
d.. Protocol Support. The TCP/IP is common protocols used in the public
network. The VPN also include IP, Internetwork Packet Exchange (IPX),
NetBEUI and so on.
e.. Firewall Ports. When you place a VPN server behind your firewall, be
sure to enable IP protocol 47 (GRE) and TCP port 1723.
f.. Interface(s) for VPN server. If your network doesn't have a router or
the VPN is also a gateway, your computer must have at least two interfaces,
one connecting to the Internet and another connecting to the LAN. If it
behind a router, you just need one NIC.
g.. One interface for VPN client. The interface can be a dial-in modem, or
a dedicated connection to the Internet.
--
For more and other information, go to
http://www.ChicagoTech.net
Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.
Robert Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ChicagoTech.net
This posting is provided "AS IS" with no warranties.
