Virtual Private Network - the Netgroup at Politecnico di Torino
Access VPN: Two Protocols
• L2TP (Layer 2 Tunneling Protocol)
  • Not widely implemented in terminals
  • Independent of layer 2 protocol
  • Security through IPsec
    • Strong
    • But complicated
• PPTP (Point-to-Point Tunneling Protocol)
  • Originally proposed by Microsoft, Apple, …
  • Integrated in the dial-up networking
  • Multiprotocol
  • Weak encryption and authentication
  • Proprietary key management
VPN - 46 © M. Baldi & L. Ciminiera: see page 2
Layer 2 Tunneling Protocol: Original Reference Scenario
[Figure labels: Corporate Network, PPP, LAC, L2TP Tunnel, Control Connection, LNS, INTERNET, L2TP Session]
• Provider provisioned deployment mode