Virtual Private Networks
Why VPN
• Fast, secure and reliable communication between remote locations
– Use leased lines to maintain a WAN.
– Disadvantages
• High Cost
• No flexibility
What is VPN
• A Virtual Private Network is a private network that uses a public network (usually the Internet) to connect remote sites or users together. Instead of using a dedicated connection such as a leased line, a VPN uses “virtual” connections routed through the Internet.
VPN Types
• Remote-access
– single remote network device to intranet
• Site-to-site
– connect multiple fixed sites over a public network
– Intranet-based
– Extranet-based
VPN Technologies
• Tunneling
• Authentication
– Identity verification of network system.
• Access Control
– When an access request is presented, resource makes a decision to allow the access request to proceed or not.
– Performed at tunnel endpoints.
Tunneling
• Tunneling is the transmission of data intended for use only within a private, usually corporate network through a public network in such a way that the routing nodes in the public network are unaware that the transmission is part of a private network.
[Figure: network of nodes A to I with a tunnel through it]
[Figure: original packet (Original IP Header, Payload) and tunneled packet (New IP Header, Original IP Header, Payload)]
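The encapsulation in the slide above, as an added example that is not part of the original slides. It uses IP-in-IP (IPv4 protocol number 4) as the simplest instance of "new IP header in front of the original packet"; the addresses, payload and function names are constructed for illustration.

```python
import struct
import ipaddress

def checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement sum over 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Build a minimal 20-byte IPv4 header (no options) in front of payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                      ttl, proto, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def parse(packet: bytes) -> dict:
    """Return what a router reads from the first header; verify its checksum."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a valid IPv4 header")
    if checksum(packet[:ihl]) != 0:
        raise ValueError("bad header checksum")
    total_len = struct.unpack("!H", packet[2:4])[0]
    return {"src": str(ipaddress.IPv4Address(packet[12:16])),
            "dst": str(ipaddress.IPv4Address(packet[16:20])),
            "proto": packet[9], "payload": packet[ihl:total_len]}

def encapsulate(inner: bytes, tunnel_src: str, tunnel_dst: str) -> bytes:
    # The whole original packet becomes the payload of the new header.
    return ipv4_packet(tunnel_src, tunnel_dst, 4, inner)  # 4 = IP-in-IP

def decapsulate(outer: bytes) -> bytes:
    seen = parse(outer)
    if seen["proto"] != 4:
        raise ValueError("not an IP-in-IP packet")
    parse(seen["payload"])  # the inner header must be valid too
    return seen["payload"]

# Constructed sample: private hosts 10.1.0.5 -> 10.2.0.9; the tunnel endpoints
# use documentation addresses 192.0.2.1 and 198.51.100.1.
INNER = ipv4_packet("10.1.0.5", "10.2.0.9", 17, b"private data")
OUTER = encapsulate(INNER, "192.0.2.1", "198.51.100.1")

if __name__ == "__main__":
    print("transit routers see:", parse(OUTER)["src"], "->", parse(OUTER)["dst"])
    print("after decapsulation:", parse(decapsulate(OUTER))["dst"])
```

Transit routers forward on the outer addresses only, but the inner packet is carried verbatim in the outer payload, so encapsulation by itself gives no confidentiality or integrity.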
VPN Tunneling Protocols
• Layer 2 tunneling protocols
– A link layer frame is placed into the payload of a protocol data unit (PDU) from some other layer, including another layer 2 frame.
– Tunnel PPP frames through an IP network.
– Point-to-Point Tunneling Protocol (PPTP), Layer 2 Forwarding protocol (L2F), Layer 2 Tunneling Protocol (L2TP).
VPN Tunneling Protocols
• Layer 3 tunneling protocols
– A layer 3 frame is placed into the payload of a protocol data unit (PDU) from some other layer, or another layer 3 packet.
– VPNs within an IP network
– IPsec
• Label switching protocol
– Label is placed between layer 2 and layer 3 header.
– MPLS
Layer 2 tunneling protocol
• Tunnel PPP frames through the internet to the home network.
• Tunneling protocol
– Access concentrator (client part)
– Network Server (server part)
PPTP
• PPP access by remote computers to a private network through the Internet
1. Remote user dials in to the local ISP network access server using PPP.
2. The PAC establishes a control channel (TCP) across the PPP connection and through the internet to the PNS attached to the home network.
3. Parameters for the PPTP channel are negotiated over the control channel, and the PPTP tunnel is established.
4. A second PPP connection is made from the remote user, through the PPTP tunnel between the PAC and the PNS, and into the private network's NAS.
5. IP datagrams or any other protocol’s datagrams are sent inside the PPP frames.
L2F
Tunnel is constructed from the service provider.
1. Remote user dials in to the local ISP network access server using PPP/SLIP.
2. L2F builds a tunnel from the NAS to the private network.
Uses a packet-oriented protocol that provides end-to-end connectivity, such as UDP, frame relay, etc., as the encapsulating protocol.
3. L2F establishes a PPP connection between the NAS and the home gateway.
4. IP packets are sent over the PPP.
L2TP
Comparison
• Performance
• ISP dependence.
• End-to-end security
IPsec
[Figure: original packet (Original IP Header, Payload) and IPsec tunnel-mode packet (New IP Header, Security Header, Original IP Header, Payload)]
• Protocol suite
• AH and ESP protocol
• Tunnel mode of operation
• Headers added to original packet.
MPLS
[Figure: IP packet (IP Header, Payload) and MPLS-labelled frame (Link Layer Header, MPLS Shim, IP Header, Payload)]
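The shim placement in the slide above, as an added example that is not part of the original slides. It assumes an Ethernet link layer and the standard 32-bit label stack entry (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL); the MAC addresses, label values and function names are constructed for illustration.

```python
import struct

ETH_IPV4, ETH_MPLS = 0x0800, 0x8847  # EtherType values

def pack_shim(label: int, tc: int = 0, bottom: bool = True, ttl: int = 64) -> bytes:
    """One 32-bit label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= tc < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", label << 12 | tc << 9 | int(bottom) << 8 | ttl)

def push_labels(frame: bytes, labels: list) -> bytes:
    """Insert a label stack between the Ethernet header and the IP header."""
    macs, ethertype, ip = frame[:12], frame[12:14], frame[14:]
    if struct.unpack("!H", ethertype)[0] != ETH_IPV4 or not labels:
        raise ValueError("expected an untagged IPv4 frame and at least one label")
    # Only the last entry carries the bottom-of-stack bit.
    shims = b"".join(pack_shim(lbl, bottom=(i == len(labels) - 1))
                     for i, lbl in enumerate(labels))
    return macs + struct.pack("!H", ETH_MPLS) + shims + ip

def parse_labels(frame: bytes) -> tuple:
    """Walk the stack to the bottom-of-stack entry; return (labels, IP packet)."""
    if struct.unpack("!H", frame[12:14])[0] != ETH_MPLS:
        raise ValueError("not an MPLS unicast frame")
    labels, off = [], 14
    while True:
        if off + 4 > len(frame):
            raise ValueError("truncated label stack (no bottom-of-stack entry)")
        (entry,) = struct.unpack("!I", frame[off:off + 4])
        labels.append(entry >> 12)
        off += 4
        if entry >> 8 & 1:
            return labels, frame[off:]

# Constructed sample: locally administered MACs and a stub 20-byte IPv4 header.
IP_PACKET = bytes([0x45]) + bytes(19) + b"payload"
FRAME = (bytes.fromhex("02000000000a" "02000000000b")
         + struct.pack("!H", ETH_IPV4) + IP_PACKET)
LABELED = push_labels(FRAME, [100, 2001])  # two constructed label values

if __name__ == "__main__":
    labels, ip = parse_labels(LABELED)
    print("label stack:", labels, "| IP packet unchanged:", ip == IP_PACKET)
```

The IP packet is carried unmodified and unencrypted behind the shim; the labels separate traffic for forwarding and do not protect its contents.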