[X]   Directory of
Guides & Reviews

Beginners Guides
Motherboards by Brand
Weekly Newsletter
Archived Newsletters

+70 MORE Beginner GUIDES....
Beginners Guides: VPNs and Internet Connection Security
Beginners Guides: VPNs and Internet Connection Security - PCSTATS
This article is intended to deal with creating Virtual Private Networks (VPNs) to connect a home network with the outside world.
 100% Rating:   
Filed under: Beginners Guides Published:  Author: 
External Mfg. Website: PCSTATS Nov 16 2005   M. Dowler  
Home > Reviews > Beginners Guides > PCSTATS

Types of VPN - PPTP

Since this guide deals with the creation of Virtual Private Networks within the various Windows operating systems, we will deal in detail only with the two VPN implementations that Microsoft supports, "Point to Point Tunneling Protocol "(PPTP) and "Layer Two Tunneling Protocol with IPSec" (L2TP/IPSec).

First, let's have a look at the aptly named Point to Point Tunneling Protocol

Currently the most common method of Virtual Private Network connection, and certainly the easiest to set up in a Windows environment is Point to Point Tunneling Protocol (PPTP). Microsoft's implementation of PPTP uses the Point-to-Point Protocol (PPP) to initially encapsulate the data, then encrypts this with Microsoft's Point-to-Point Encryption (MPPE). Authentication is provided by Windows' built in dial-up authentication protocols; MS-CHAP, MS-CHAP v2 (Microsoft Challenge Handshake Authentication Protocol) and EAP (Extensible Authentication Protocol).

These protocols provide a means of authenticating both the client and the VPN server by means of a user name and password, in the case of MS-CHAP, or a computer certificate or smart card in the case of EAP.

Once the data is encrypted, it is encapsulated again, this time inside a GRE (Generic Routing Encapsulation) packet, which provides the information necessary to transmit PPP information over the Internet. We now have the original data encrypted and enclosed within a Point-to point protocol data packet, then further encapsulated within a GRE packet for transmission across the Internet. To successfully transmit the data, two more layers must be added.

First, an IP header containing the source and destination IP addresses is constructed, then finally a data-link header and trailer appropriate to the type of network being used. In the case of the internet, an Ethernet header with the appropriate MAC addresses for the local network interface and the gateway. PPTP uses a separate, unencrypted command channel to carry the commands used to open, close and maintain the connection. This uses port 1723 on the server, and a dynamic port on the client.

A newer VPN technology, L2TP (Layer 2 Tunneling Protocol) combines some of the features of PPTP with Cisco's Layer 2 Forwarding (L2F) Protocol. In the Windows implementation, L2TP wraps the whole thing up in Microsoft's version of the IPSec (IP Security) encryption and authentication protocols.

IPSec is used both to encrypt the data securely and to authenticate both ends of the connection at the computer level via the exchange of a security certificate or pre-shared key. Standard PPP authentication (MS-CHAP, EAP) is still used to validate the user with a user name and password combination. As with PPTP virtual private networks, the IPSec authentication provides an extra level of security by assuring that the machines at both ends of the VPN are known and trusted.

L2TP can be used without IPSec, but this would not be a feasible option, as it uses no other form of encryption. L2TP VPNs do not use a separate, unencrypted connection to send control information as PPTP ones do. Rather, data needed to start, maintain and close a VPN tunnel through the Internet is sent and received through the same port, in the same form as the data from that tunnel, using L2TP control data instead of the PPP encapsulated data that would normally be the payload. L2TP uses IPSec to encrypt and unencrypt both the control and the data packets.

< Previous Page © 2023 PCSTATS.com
Please respect the time and effort that went into creating each PCSTATS Beginners Guide, do not illegally copy. Thank you.
Next Page >


Contents of Article: PCSTATS
 Pg 1.  Beginners Guides: VPNs and Internet Connection Security
 Pg 2.  Network Tunneling
 Pg 3.  — Types of VPN - PPTP
 Pg 4.  L2TP with IPSec
 Pg 5.  Creating a VPN in Windows XP
 Pg 6.  Setting up a VPN continued
 Pg 7.  VPN and Security Options

Hardware Sections 

PCSTATS Network Features Information About Us Contact
PCSTATS Newsletter
Tech Glossary
Technology WebSite Listings
News Archives
(Review RSS Feed)
Site Map
PCstats Wallpaper
About Us
Privacy Policy
Advertise on PCSTATS

How's Our Driving?
© Copyright 1999-2023 www.pcstats.com All rights reserved. Privacy policy and Terms of Use.