Virtual Private Network - the Netgroup at Politecnico di Torino

More documents

Recommendations

Info

Provider Provisioned Deployment Mode 1. Remote user initiates PPP connection with NAS that accepts the call 2. NAS identifies remote user 3. NAS initiates L2TP or PPTP tunnel to desired corporate gateway (access server) 4. Corporare gateway authenticates remote user according to corporate security policy 5. Corporate gateway confirms acceptance of tunnel 6. NAS logs acceptance and/or traffic (optional) 7. Corporate gateway performs PPP negotiations with remote users (e.g., IPaddress assignment) 8. End-to-end data tunneled between user and corporate gateway VPN - 44 © M. Baldi & L. Ciminiera: see page 2
Highlights of Virtual Dial-Up • Authentication/Security • Performed by VPN Gateway • Policies and information of the corporate network • Authorization • Performed by the VPN Gateway • Policies and information of the corporate network • Address allocation • Corporate addresses are dynamically allocated • Same access as when directly connected VPN - 45 © M. Baldi & L. Ciminiera: see page 2
Page 1 and 2: VPN Virtual Private Network Mario B
Page 3 and 4: A Definition Virtual Private Networ
Page 5 and 6: Why VPN? VPNs enable cutting costs
Page 7 and 8: Why VPN? VPN enable selective and f
Page 9 and 10: Example VPN - 9 © M. Baldi & L. Ci
Page 11 and 12: VPN Deployment Scenarios • Intran
Page 13 and 14: Intranet characteristics • Secure
Page 15 and 16: Extranet VPN • Restricted access
Page 17 and 18: Remote User Access • Shared infra
Page 19 and 20: Example of intranet VPN VPN - 19 ©
Page 21 and 22: Internet Access • Centralized (co
Page 23 and 24: Distributed Internet Access INTERNE
Page 25 and 26: VPN Models • Peer Model • MPLS
Page 27 and 28: Provider provisioned and customer p
Page 29 and 30: Layer 2 VPNs • Virtual Private LA
Page 31 and 32: A Tassonomy of VPN Technologies VPN
Page 33 and 34: VPN Components VPN - 33 © M. Baldi
Page 35 and 36: Tunneling • A and B are enterpris
Page 37 and 38: GRE • Generic Routing Encapsulati
Page 39 and 40: IPv4 Encapsulation and Routing Info
Page 41 and 42: New fields • Key (high 16 bit)
Page 43: Access VPN: Two Deployment Modes VP
Page 47 and 48: Layer 2 Tunneling Protocol Original
Page 49 and 50: L2TP Header • Control Message •
Page 51 and 52: Other header fields • Ns • Nr
Page 53 and 54: Tunnels and sessions • Multiple s
Page 55 and 56: Establishing sessions • A session
Page 57 and 58: Security issues • Tunnel endpoint
Page 59 and 60: Point-to-Point Tunneling Protocol (
Page 61 and 62: PPTP Header Length Magic cookie Dat
Page 63 and 64: Authentication Header Protocol (AH)
Page 65 and 66: IPsec VPNs IPsec tunnel between VPN
Page 67 and 68: IPSec modes of operation • Tunnel
Page 69 and 70: Internet Key Exchange (IKE) protoco
Page 71 and 72: VPN Gateway Positioning VPN - 71 ©
Page 73 and 74: IPsec, VPN Gateways and NATs • Au
Page 75 and 76: Peer VPN and MPLS-based Solutions V
Page 77 and 78: MPLS-based Layer 2 VPNs: PWE3 • P
Page 79 and 80: MPLS-based Layer 3 VPNs • Provide
Page 81 and 82: MPLS VPN Components • CE router c
Page 83 and 84: Control Plane • Establishment of
Page 85 and 86: Packet Routing • PE2 looks-up VRF
Page 87 and 88: Benefits • No constraints on addr
Page 89 and 90: MPLS/Virtual Router VPNs • PEs ex
Page 91 and 92: References • E. Rosen and Y. Rekh

Virtual Private Network - the Netgroup at Politecnico di Torino

Create successful ePaper yourself

Delete template?

Save as template?