There are two types of VPN connections:
* Remote access VPN connection
* Site-to-site VPN connection
Remote Access VPN Connection
A remote access client makes a remote access VPN connection to a VPN server that connects the remote access client to a private network. ISA Server provides access to the entire network to which the VPN server is attached. By using the ISA Server computer as the VPN server, you can manage VPN client access to the corporate network. VPN clients can be quarantined by ISA Server in the Quarantined VPN Clients network, until their compliance with corporate security requirements is verified, and can then be moved to the VPN Clients network. Both of these VPN client networks are subject to your ISA Server firewall access policy, so that you can control VPN client access to network resources.
Site-to-Site VPN Connection
A site-to-site VPN connection connects two separate private networks. ISA Server provides a connection to the network to which the ISA Server array is attached.
There are three VPN protocols for site-to-site connections:
* PPTP
* L2TP over IPsec
* IPsec tunnel mode
PPTP
Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a VPN across TCP/IP-based data networks. PPTP supports on-demand, multiple protocol, virtual private networking over public networks such as the Internet. PPTP allows IP traffic to be encrypted, and then encapsulated in an IP header to be sent across a corporate IP network or a public IP network such as the Internet.
L2TP over IPsec
Layer Two Tunneling Protocol (L2TP) is an industry standard tunneling protocol that provides encapsulation for sending Point-to-Point Protocol (PPP) frames across packet-oriented media. L2TP allows IP traffic to be encrypted, and then sent over any medium that supports point-to-point datagram delivery, such as IP. The Microsoft implementation of the L2TP protocol uses Internet Protocol security (IPsec) encryption to protect the data stream from one VPN server to the other VPN server. IPsec tunnel mode allows IP packets to be encrypted, and then encapsulated in an IP header to be sent across a corporate IP network or a public IP network such as the Internet.
PPTP connections require only user-level authentication through a PPP-based authentication protocol. L2TP over IPsec connections require the same user-level authentication and, in addition, computer-level authentication using computer certificates or a preshared key.
IPsec tunnel mode
When Internet Protocol security (IPsec) is used in tunnel mode, IPsec itself provides encapsulation for IP traffic only. The primary reason for using IPsec tunnel mode is interoperability with other routers, gateways, or end systems that do not support L2TP over IPsec or PPTP VPN tunneling.
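As an added example (not from the original post and not ISA Server code), the following Python classifies flow records between gateways by the standard wire signatures of the three protocols described above, so that PPTP links, which rely on user-level authentication only, stand out in an inventory. The protocol and port numbers are the standard assignments; the flow tuple format, the function name and the sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

TCP, UDP, GRE, ESP = 6, 17, 47, 50  # IANA IP protocol numbers

# (IP protocol, destination port or None) -> what the traffic indicates.
SIGNATURES = {
    (TCP, 1723): "pptp",   # PPTP control channel
    (GRE, None): "pptp",   # PPTP carries its tunneled PPP frames in GRE
    (UDP, 500): "ipsec",   # IKE negotiation
    (UDP, 4500): "ipsec",  # IKE/ESP with NAT traversal
    (ESP, None): "ipsec",  # IPsec-encrypted payload
    (UDP, 1701): "l2tp",   # L2TP visible on the wire, i.e. not inside ESP
}

FINDINGS = {
    "pptp": "PPTP: user-level (PPP) authentication only",
    "l2tp": "L2TP outside IPsec: not protected by IPsec encryption",
    "ipsec": "IPsec-protected (L2TP over IPsec or IPsec tunnel mode)",
}

def classify_peers(flows):
    """Return {(peer_a, peer_b): finding}, one finding per gateway pair."""
    seen = defaultdict(set)
    for src, dst, proto, dport in flows:
        # Ports only exist for TCP/UDP; GRE and ESP are matched by protocol alone.
        key = (proto, dport if proto in (TCP, UDP) else None)
        tag = SIGNATURES.get(key)
        if tag:
            seen[tuple(sorted((src, dst)))].add(tag)
    # Fixed priority: report PPTP first, then L2TP outside IPsec, then IPsec.
    return {pair: next(FINDINGS[t] for t in ("pptp", "l2tp", "ipsec") if t in tags)
            for pair, tags in seen.items()}

# Constructed sample flows: (src, dst, ip_protocol, dst_port); documentation addresses.
SAMPLE_FLOWS = [
    ("192.0.2.1", "198.51.100.7", TCP, 1723),
    ("192.0.2.1", "198.51.100.7", GRE, None),
    ("203.0.113.5", "192.0.2.1", UDP, 500),
    ("203.0.113.5", "192.0.2.1", ESP, None),
    ("192.0.2.1", "198.51.100.99", UDP, 1701),
    ("192.0.2.1", "198.51.100.7", TCP, 443),   # unrelated traffic, ignored
]

if __name__ == "__main__":
    for pair, finding in classify_peers(SAMPLE_FLOWS).items():
        print(pair, "->", finding)
```

L2TP over IPsec and IPsec tunnel mode both appear to an outside observer as IKE plus ESP, because the L2TP traffic on UDP 1701 travels inside ESP, so the classifier reports them together.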
Saturday, January 3, 2009
1 comment:
I used LogMeIn for quite a while and am very impressed with its overall performance. But if you want the most bang for your buck (and that buck being free) try TeamViewer. The client can be installed or just run. It also runs at startup and lets you reboot. It does just about everything LogMeIn does but with more features, and for private use you don't have to pay for it, unlike LogMeIn, where you have to pay for things like file transfer and such. It also lets you reverse control and do presentations with it as well. Also you can set up a VPN with it (this feature requires the client to be installed, not just run). Of course all traffic is encrypted as well. Recording the sessions is also an option, and you can disable control at the machine that you remoted into so someone doesn't mess with your session. It also has a version for U3 flash drives. I would highly recommend that you check this program out.