[X]   Directory of
Guides & Reviews

Beginners Guides
Motherboards by Brand
Weekly Newsletter
Archived Newsletters

+70 MORE Beginner GUIDES....
Beginners Guides: VPNs and Internet Connection Security
Beginners Guides: VPNs and Internet Connection Security - PCSTATS
This article is intended to deal with creating Virtual Private Networks (VPNs) to connect a home network with the outside world.
 100% Rating:   
Filed under: Beginners Guides Published:  Author: 
External Mfg. Website: PCSTATS Nov 16 2005   M. Dowler  
Home > Reviews > Beginners Guides > PCSTATS

L2TP with IPSec

In form, L2TP/IPSec differs considerably from PPTP. Data is first encapsulated in a PPP packet similarly to the former method, and a PPP header added. An L2TP header containing the necessary information to convey the data through the Internet is next, followed by a UDP header. UDP, part of the TCP/IP suite of protocols, is the protocol L2TP VPNs use to transmit and receive data through ports.

Assuming IPSec is used, L2TP will then encapsulate and encrypt the above contents, adding an authentication trailer which will allow the receiving computer to verify the sender. The encrypted payload is then provided with an IP header for source and destination addresses, and a data-link header and trailer specific to the form of network the VPN will traverse, just as is done with PPTP encapsulation.

IPSec combined with L2TP is considerably more secure than the PPTP method of creating a VPN, but it has some notable drawbacks, especially for home users. The biggest being that that Microsoft designed their implementation to be used primarily with security certificates.

Obtaining these certificates for a home Virtual Private Network requires a copy of Windows 2000 or 2003 Server in order to use certificate services to create them. Another option is to go the route of an open source CA (certificate authority) software, or purchase a certificate from a vendor such as www.Verisign.com. This is a bit beyond the scope of this article however.

L2TP/IPSec can use preshared keys to authenticate, which involves assigning an identical key value (words and/or numbers) to each computer that wish to connect. This key is used by IPSec to validate the computer as a trusted machine. Setup is still rather complicated with this method however. More on this later.

The major issue with L2TP/IPSec as it stands is that it can be intimidating to set up for the casual user. While Windows XP supports the hosting of L2TP/IPSec connections according to the product docs, and there are plenty of instructions available to set up your XP system as an L2TP client, just try to find instructions for setting up XP as a VPN server with a preshared key!

The Microsoft article which purports to contain this information, at least in the introduction; "The following sections describe how to configure the preshared keys on both the L2TP client and the server." seems to have the relevant information rather clumsily removed. See for yourself. https://support.microsoft.com/default.aspx?scid=kb;en-us;281555

the lack of relevant help documents means that the user is going to have to wade through the local security policy ipsec section to enable support for ipsec vpns. this is neither fun nor easy. better to go to the dentist and have a root canal, it's much less painful.

< Previous Page © 2023 PCSTATS.com
Please respect the time and effort that went into creating each PCSTATS Beginners Guide, do not illegally copy. Thank you.
Next Page >


Contents of Article: PCSTATS
 Pg 1.  Beginners Guides: VPNs and Internet Connection Security
 Pg 2.  Network Tunneling
 Pg 3.  Types of VPN - PPTP
 Pg 4.  — L2TP with IPSec
 Pg 5.  Creating a VPN in Windows XP
 Pg 6.  Setting up a VPN continued
 Pg 7.  VPN and Security Options

Hardware Sections 

PCSTATS Network Features Information About Us Contact
PCSTATS Newsletter
Tech Glossary
Technology WebSite Listings
News Archives
(Review RSS Feed)
Site Map
PCstats Wallpaper
About Us
Privacy Policy
Advertise on PCSTATS

How's Our Driving?
© Copyright 1999-2023 www.pcstats.com All rights reserved. Privacy policy and Terms of Use.