Virtual Private Networks

"O'Reilly Media, Inc.", 1999 - Computers - 211 pages

Historically, only large companies could afford secure networks, which they created from expensive leased lines. Smaller folks had to make do with the relatively untrusted Internet. Nowadays, even large companies have to go outside their private nets, because so many people telecommute or log in while they're on the road. How do you provide a low-cost, secure electronic network for your organization?

The solution is a virtual private network: a collection of technologies that creates secure connections or "tunnels" over regular Internet lines--connections that can be easily used by anybody logging in from anywhere. A number of products now exist to help you develop that solution.

This book tells you how to plan and build a VPN. It starts with general concerns like costs, configuration, and how a VPN fits in with other networking technologies like firewalls. It continues with detailed descriptions of how to install and use VPN technologies that are available for Windows NT and Unix, such as PPTP and L2TP, AltaVista Tunnel, Cisco PIX, and the secure shell (SSH).

New features in the second edition include SSH, which is a popular VPN solution for Unix systems, and an expanded description of the IPSec standard, for which several vendors have announced support.

Topics include:

  • How the VPN compares to other available networking technologies
  • Introduction to encryption, firewalls, the IPSec standard, and other technologies that let VPNs work
  • Point to Point Tunneling Protocol (PPTP) and L2TP
  • The AltaVista Tunnel
  • The Cisco PIX Firewall
  • Secure Shell (SSH)
  • Maintenance and troubleshooting
 

Contents

  • Why Build a Virtual Private Network?
  • What Does a VPN Do?
  • Security Risks of the Internet
  • How VPNs Solve Internet Security Issues
  • VPN Solutions
  • A Note on IP Address and Domain Name Conventions Used in This Book
  • Basic VPN Technologies
  • Firewall Deployment
  • Encryption and Authentication
  • VPN Protocols
  • Methodologies for Compromising VPNs
  • Patents and Legal Ramifications
  • Wide Area Remote Access and the VPN
  • VPN Versus WAN
  • VPN Versus RAS
  • Implementing Layer 2 Connections
  • Differences Between PPTP, L2F, and L2TP
  • How PPTP Works
  • Features of PPTP
  • Configuring and Testing Layer 2 Connections
  • Installing and Configuring PPTP on a Windows NT RAS Server
  • Configuring PPTP for Dialup Networking on a Windows NT Client
  • Configuring PPTP for Dialup Networking on a Windows 95 or 98 Client
  • Enabling PPTP on Remote Access Switches
  • Making the Calls
  • Using PPTP with Other Security Measures
  • Implementing the AltaVista Tunnel 98
  • Advantages of the AltaVista Tunnel System
  • AltaVista Tunnel Limitations
  • How the AltaVista Tunnel Works
  • VPNs and AltaVista
  • Configuring and Testing the AltaVista Tunnel
  • Configuring the AltaVista Tunnel Extranet and Telecommuter Server
  • Configuring the AltaVista Telecommuter Client
  • Creating a VPN with the Unix Secure Shell
  • The SSH Software
  • Building and Installing SSH
  • SSH Components
  • Creating a VPN with PPP and SSH
  • Troubleshooting Problems
  • A Performance Evaluation
  • The Cisco PIX Firewall
  • The PIX in Action
  • Configuring the PIX as a Gateway
  • Configuring the Other VPN Capabilities
  • Managing and Maintaining Your VPN
  • Choosing an ISP
  • Delivering Quality of Service
  • Security Suggestions
  • Keeping Yourself Up-to-Date
  • A VPN Scenario
  • Central Office
  • Large Branch Office
  • Remote Access Users
  • A Network Diagram
  • Emerging Internet Technologies
  • Resources Online and Otherwise
  • Index