Solved

VPN basics

Posted on 2011-09-20
2
234 Views
Last Modified: 2012-06-11
Excuse my ignornace, but in management speak, how does the VPN process actually work?

Say users A sat at home wants to connect to corporate network A, what does he have on his machine, and how does he "connect". I have some experience with citriix whereby we need the citrix client installed on home machines, and then we just visit a specific web page authenticate via domain credentials, and it logs us in.

Is that the same with VPN? client software, visiit a website, authenticate with domain creds, then you are in? Or is it more complex.

Please keep answers in management speak where poss?

And what security issues/concerns are there with VPN ?
0
Comment
Question by:pma111
2 Comments
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 250 total points
ID: 36566303
It depends on solution. If you are using Windows Server as VPN server, then you need to have an access from the Internet to that server. Then you need to specify connection rule on a VPN. Mostly domain user's credentials or group membership is used for that. Then user provides IP address and domain user with password to connect to the company. After that, browsing network resources is available. No special software is necessary, because Windows supports it natively (you need to only configure VPN connection similarly to WiFi connection).

More about VPN on Windows at

for 2003 http://www.techrepublic.com/article/configure-a-windows-server-2003-vpn-on-the-server-side/5805260
for 2008 http://www.windowsecurity.com/articles/Configuring-Windows-Server-2008-Remote-Access-SSL-VPN-Server-Part1.html

Using hardware based solution, you need to define some ACLs on a device and provide 3rd party software to connect to the company (by default included from device manufacturer).

Regards,
Krzysztof
0
 
LVL 26

Assisted Solution

by:Fred Marshall
Fred Marshall earned 250 total points
ID: 36571204
I find it easier to describe a site-to-site VPN first.  
And, for simplicity (?) let's assume that you have public IP addresses available for this purpose at each end.

Assume your internet gateway/router is something like a Linksys/Cisco RV042.  It will have the public IP address assigned to the site.  It will be the internet gateway for the site.  It will also be the VPN box for the site and will support up to 50 VPNs.

You set up a VPN tunnel between the two sites.
This gives users at each end the ability to address hosts on the other side.
The subnets at each end have to be different.  Otherwise things wouldn't be routed to the tunnel.

The VPN is an encrypted tunnel through the internet.  You can select the best possible encryption or not depending on your needs for efficiency, etc.  

OK.

Now how about a client to site VPN?

Assume there's an RV042 gateway at the main site.
Then you use software on the remote client(s) to access the main site through client VPNs that are set up on the RV042.
I've not gotten this to work but others certainly have.  I've just not tried very hard.

There are a number of client programs for this purpose.  Just Google "RV042 VPN Client"


As far as I'm concerned, Citrix provides you with the same technology but keeps you out of the details.
If you roll your own as above then you eliminate that 3rd party (Citrix)  .. if that matters to you.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question