8.6.4 Virtual private networks

With a Virtual Private Network, connections across the public network can transfer data using the routing infrastructure of the Internet, but to the user it appears as though the data were being sent over a dedicated private link. VPNs accomplish this by "tunneling" through the Internet or another public network in a manner that provides the same security and features as a private network. WebAccess supports VPNs and Intranets.

This section describes how to install virtual private networking (VPN) and how to create a new VPN connection in Windows 2000.

Components of a VPN

A VPN in Windows 2000 consists of a VPN server, a VPN client, a VPN connection (the portion of the connection in which the data is encrypted), and the tunnel (the portion of the connection in which the data is encapsulated). The tunneling is done through one of the tunneling protocols included with Windows 2000, both of which are installed with Routing and Remote Access. The two tunneling protocols included with Windows 2000 are:

· Point-to-Point Tunneling Protocol (PPTP): provides data encryption using Microsoft Point-to-Point Encryption.

· Layer Two Tunneling Protocol (L2TP): provides data encryption, authentication, and integrity using IPSec.

Your connection to the Internet should use a dedicated line such as T1, Fractional T1, or Frame Relay. The WAN adapter must be configured with the IP address and subnet mask assigned for your domain or supplied by an Internet service provider (ISP), as well as the default gateway of the ISP router.

NOTE: To enable VPN, you must be logged on using an account that has administrative rights.