virtual private network remote access in windows 2000

Virtual Private Networking in Windows 2000: An Overview

... public internetwork in a manner that emulates the properties of a point-to-point private link.The act of configuring and creating a virtual private network is known as virtual private networking. ... authenticating server) and all VPN client computers. • PPTP can be used by computers running Windows XP, Windows 2000, Windows NT version 4.0, Windows Millennium Edition (ME), Windows 98, and Windows ... administrators set up a master account database at the directory server or primary domain controller, or on a RADIUS server.Support in Windows 2000 The Routing and Remote Access service in Windows...

Tài liệu Module 8: Configuring Virtual Private Network Access for Remote Clients and Networks doc

Danh mục: Quản trị mạng

Virtual Private Network (VPN)

Danh mục: Kỹ thuật lập trình

... SUMMARYVPNs do not make use of dedicated leased linesVPNs send data through a secure tunnel that leads from one endpoint to another VPNs keep critical business communications private and secureVPN componentsVPN serversVPN clientsProtocols39TUNNELING PROTOCOLSLayer 2 Tunneling Protocol (L2TP)Provides better security through IPSecIPSec enables L2TP to performAuthenticationEncapsulationEncryption18TUNNELING PROTOCOLSSecure Shell (SSH)Provides authentication and encryptionWorks with UNIXbased systemsVersions for Windows are also availableUses publickey cryptographySocks V. 5Provides proxy services for applications That do not usually support proxyingSocks version 5 adds encrypted authentication and support for UDP2016ENCRYPTION SCHEMES USED BY VPNS (CONTINUED)Secure Sockets Layer (SSL) (continued)StepsServer uses its private key to decode premaster codeGenerates a master secret keyClient and server use it to generate session keysServer and client exchange messages saying handshake is completedSSL session begins34SUMMARY (CONTINUED)VPN typesSitetositeClienttositeEncapsulation encloses one packet within another Conceals the original informationVPN protocolsSecure Shell (SSH)Socks version 5PointtoPoint Tunneling Protocol (PPTP)Layer 2 Tunneling Protocol (L2TP)40 Virtual Private Network (VPN) 29BIếN ĐổI ĐÓNG GÓI TRONG VPN (ENCAPSULATION)Các buớc trong tiến trình VPN Đóng gói (Encapsulation)Mã hoá (Encryption)Xác thực (Authentication)EncapsulationĐóng gói dữ liệu và các thông số khác nhauVí dụ như IP headerBảo vệ tính nguyên vẹn dữ liệu153127VPN CORE ACTIVITY 2: ENCRYPTIONEncryptionProcess of rendering information unreadable by all but the intended recipientComponentsKeyDigital certificateCertification Authority (CA)Key exchange methodsSymmetric cryptographyAsymmetric cryptographyInternet Key ExchangeFWZ2812SUMMARY (CONTINUED)IPSec/IKEEncryption makes the contents of the packet unreadableAuthentication ensures participating computers are authorized usersKerberos: strong authentication systemVPN advantagesHigh level of security at low costVPN disadvantagesCan introduce serious security risks412410255ENCRYPTION SCHEMES USED BY VPNSTriple Data Encryption Standard (3DES)Used by many VPN hardware and software3DES is a variation on Data Encryption Standard (DES)DES is not secure3DES is more secureThree separate 64bit keys to process data3DES requires more computer resources than DES30WHY ESTABLISH A VPN?VPN combinationsCombining VPN hardware with software adds layers of network securityOne useful combination is a VPN bundled with a firewallVPNs do not eliminate the need for firewallsProvide flexibility and versatility13FIREWALL CONFIGURATION FOR VPNS37Protocol ... SUMMARYVPNs do not make use of dedicated leased linesVPNs send data through a secure tunnel that leads from one endpoint to another VPNs keep critical business communications private and secureVPN componentsVPN serversVPN clientsProtocols39TUNNELING PROTOCOLSLayer 2 Tunneling Protocol (L2TP)Provides better security through IPSecIPSec enables L2TP to performAuthenticationEncapsulationEncryption18TUNNELING PROTOCOLSSecure Shell (SSH)Provides authentication and encryptionWorks with UNIXbased systemsVersions for Windows are also availableUses publickey cryptographySocks V. 5Provides proxy services for applications That do not usually support proxyingSocks version 5 adds encrypted authentication and support for UDP2016ENCRYPTION SCHEMES USED BY VPNS (CONTINUED)Secure Sockets Layer (SSL) (continued)StepsServer uses its private key to decode premaster codeGenerates a master secret keyClient and server use it to generate session keysServer and client exchange messages saying handshake is completedSSL session begins34SUMMARY (CONTINUED)VPN typesSitetositeClienttositeEncapsulation encloses one packet within another Conceals the original informationVPN protocolsSecure Shell (SSH)Socks version 5PointtoPoint Tunneling Protocol (PPTP)Layer 2 Tunneling Protocol (L2TP)40 Virtual Private Network (VPN) 29BIếN ĐổI ĐÓNG GÓI TRONG VPN (ENCAPSULATION)Các buớc trong tiến trình VPN Đóng gói (Encapsulation)Mã hoá (Encryption)Xác thực (Authentication)EncapsulationĐóng gói dữ liệu và các thông số khác nhauVí dụ như IP headerBảo vệ tính nguyên vẹn dữ liệu153127VPN CORE ACTIVITY 2: ENCRYPTIONEncryptionProcess of rendering information unreadable by all but the intended recipientComponentsKeyDigital certificateCertification Authority (CA)Key exchange methodsSymmetric cryptographyAsymmetric cryptographyInternet Key ExchangeFWZ2812SUMMARY (CONTINUED)IPSec/IKEEncryption makes the contents of the packet unreadableAuthentication ensures participating computers are authorized usersKerberos: strong authentication systemVPN advantagesHigh level of security at low costVPN disadvantagesCan introduce serious security risks412410255ENCRYPTION SCHEMES USED BY VPNSTriple Data Encryption Standard (3DES)Used by many VPN hardware and software3DES is a variation on Data Encryption Standard (DES)DES is not secure3DES is more secureThree separate 64bit keys to process data3DES requires more computer resources than DES30WHY ESTABLISH A VPN?VPN combinationsCombining VPN hardware with software adds layers of network securityOne useful combination is a VPN bundled with a firewallVPNs do not eliminate the need for firewallsProvide flexibility and versatility13FIREWALL CONFIGURATION FOR VPNS37Protocol ... IP 51L2TPPPTPIP 17IP 6UDPTCP1701GRE/PPTPDataIP 47 1723TUNNELING PROTOCOLSPointtoPoint Tunneling Protocol (PPTP)Used when you need to dial in to a server with a modem connectionOn a computer using an older OS versionEncapsulates TCP/IP packetsHeader contains only information needed to route data from the VPN client to the serverUses Microsoft PointtoPoint Encryption (MPPE)Encrypt data that passes between the remote computer and the remote access serverL2TP uses IPSec encryptionMore secure and widely supported17NỘI DUNGNguyên lý VPNCác biến đổi đóng gói trong VPNsMã hoá trong VPNsXác thực trong VPNsƯu nhược điểm của VPNs2VPN CORE ACTIVITY 3: AUTHENTICATIONAuthenticationIdentifying a user or computer as authorized to access and use network resourcesTypes of authentication methods used in VPNsIPSecMSCHAPBoth computers exchange authentication packets and authenticate one anotherVPNs use digital certificates to authenticate users35...

Virtual Private Network -mạng riêng ảo- VPN

Danh mục: Công nghệ thông tin

... trò• CLIENT1 chạy Windows XP Professional, bản SP2 : Máy khách• ROUTER1 chạy Windows Server 2003, bản SP1, Standard Edition: Máy chủ VPN & Router trả lời• INTERNET chạy Windows Server 2003, ... Edition: Router Internet• ROUTER2 chạy Windows Server 2003, bản SP1, Standard Edition: Máy chủ VPN- & Router gọi• CLIENT2 chạy Windows XP Professional, bản SP2: Máy kháchMô hình minh họa cho ... Chuyªn Photocopy - §¸nh m¸y - In LuËn v¨n, TiÓu luËn : 6.280.688Lý thuyết. I. Tổng quan về mạng riêng ảo VPN (Virtual Private Network) . II. VPN và bảo mật internet VPN. III. Thiết kế...

VIRTUAL PRIVATE NETWORK (VPN)

Danh mục: Công nghệ thông tin

... của L2F(Layer 2 Forwarding của Cisco System) và tínhkết nối nhanh Point - to Point của PPTP (Point to Point Tunnling Protocol củaMicrosoft). Trong môi trường Remote Access L2TP cho phép khởi ... hiện nay là VPN truy cập từ xa (Remote- Access )và VPN điểm-nối-điểm (site-to-site).1. VPN Remote Access - Remote Access VPNs cho phép truy cập bất cứ lúc nào bằng Remote, mobile, và các thiết ... (such as Remote Authentication Dial -In User Service [RADIUS], Terminal Access Controller Access Control System Plus [TACACS+]…).1.5 PPTP (Point to Point Tunneling Protocol)- Được sử dụng trên...

Configuring an IP Address and Default Gateway in Windows 2000

Danh mục: Hệ điều hành

... Inc. Step 1: Log in Log in as Administrator. On a typical system, only the administrator can configure an IP address. Step 2: Configure TCP/IP to use a static IP address Right-click My Network ... entered in the table in the Procedures step of this lab. 7. Click OK. 8. Click OK to close the Local Area Connection Properties dialog box. 9. Minimize the Network And Dial-Up Connections window. ... 2002, Cisco Systems, Inc. Step 4: As a test of the configuration, use Internet Control Messaging Protocol (ICMP), better known as ping. 1. At the command prompt type ping xxx.xxx.xxx.xxx...

Thí nghiệm TTDL & Mạng máy tính - Bài 3: VPN (VIRTUAL PRIVATE NETWORK)

Danh mục: Quản trị mạng

... Routing and Remote Access nhấn vào Remote Access Policies nhấn chuột phải vào Connections to Microsoft Routing and Remote Access server chọn Properties. Trên thẻ Setting chọn Grant remote access ... mới (Network Interface trong Routing and Remote Access) 9. Nhấn OK. Trên trang Address Range Assignment nhấn Next 10. Trên trang Managing Multiple Remote Access Servers chọn No, use Routing ... the Routing and Remote Access Server Setup nhấn Finish Tiếp theo ta cấu hình giao diện quay số yêu cầu 1. Trên Routing and Remote Access chọn SIM01 và nhấn chuột phải vào network Interface...

Adding Users in Windows 2000

Danh mục: Hệ điều hành

... following equipment is required for this exercise: • A system running Windows 2000 with Administrative Tools enabled Scenario The Air Guitar Company has just installed a new system running Windows ... Systems, Inc. Lab 8.3.1: Adding Users in Windows 2000 Estimated Time: 10 Minutes Objective • Describe the role and purpose of user accounts. • Plan and create local and domain user accounts. ... the user name, password and domain to log on as the Administrator. In this lab, the student will create two user accounts in Windows 2000. Log on as the Administrator and create the first...

Tài liệu Module 1: Introduction to Active Directory in Windows 2000 pptx

Danh mục: Hệ điều hành

... Methods for Administering a Windows 2000 Network 19 Review 24 Module 1: Introduction to Active Directory in Windows 2000 Module 1: Introduction to Active Directory in Windows 2000 9 ... the directory service in Windows 2000. Module 1: Introduction to Active Directory in Windows 2000 19 #### Methods for Administering a Windows 2000 Network !Using Active Directory ... structure. 10 Module 1: Introduction to Active Directory in Windows 2000 Domains !A Domain Is a Security Boundary$A domain administrator can administer only within the domain, unless explicitly...

Tài liệu Managing User Accounts in Windows 2000 docx

Danh mục: Hệ điều hành

... Systems, Inc. Step 2: Changing a Password 1. Right-click on the studentA1 account and click Set Password. Type in a new password and then type it again to confirm the password. Step 3: Resetting ... Type it in and then confirm it. Log in with the studentA1 account. 4. Log off as studentA1. Step 4: Deleting an Account 1. Open the Computer Management screen from administrative tools in the ... password on next login” box will display. Click OK to exit. 3. Log off as the administrator and log on with the studentA1 account. When logging back on, a message prompting will be displayed...

Tài liệu Assigning Permissions in Windows 2000 pptx

Danh mục: Hệ điều hành

... the chart in Step 1, begin adding user accounts and group accounts by selecting them in the name box and clicking the Add button. Again, do so according to the chart in Step 1, then click OK. ... v2.0 - Lab 8.4.3 Copyright  2002, Cisco Systems, Inc. Lab 8.4.3: Assigning Permissions in Windows 2000 Estimated Time: 30 Minutes Objective In this exercise, the student will learn how to ... on the scenario that is described in the following section. Equipment The following equipment is required for this exercise: • A computer running Windows 2000 formatted with NTFS Scenario...

Tài liệu Writing a Script in Windows 2000 doc

Danh mục: Hệ điều hành

... 8.5.6: Writing a Script in Windows 2000 Estimated Time: 30 Minutes Objective The objective of this lab is to learn how to write a script in Windows 2000. Equipment The following equipment ... equipment is required for this exercise: • A computer running Windows 2000 Professional Scenario The system administrator needs to create a script in the startup folder that will display on the users ... Greeting = Greeting & " I like the name Steve." End IF End IF MsgBox Greeting 3. Save the document as “Greeting.vbs” Note: If the student needs to edit changes after saving,...

Tài liệu Virtual Private Network (VPN) Implementation Options pptx

Danh mục: Quản trị mạng

... 255.255.255.252 ip access- group GeneralMining in ip access- group GeneralMining out!router rip network 155.13.0.0!router ospf 1 network 195.166.31.17 0.0.0.0 area 3!ip access- list FriedFoods ... deployed?mp900725.eps8705002107/15/00steve gifford Virtual Networks Virtual Private Networks Virtual Dial-up Networks Virtual LANsOverlay VPN Peer-to-Peer VPNLayer 2 VPN Layer 3 VPNX.25 F/R ATM GRE IPSec Access lists(Shared ... 155.13.254.5 255.255.255.252 ip access- group FriedFoods in ip access- group FriedFoods out!interface serial 0/1/3 description GeneralMining – Mountain View SiteService provider networkFried FoodsSan...

Tài liệu Assigning Permissions in Windows 2000 ppt

Danh mục: Hệ điều hành

... v2.0 - Lab 7.1.2 Copyright  2002, Cisco Systems, Inc. Lab 7.1.2: Assigning Permissions in Windows 2000 Estimated time: 30 Minutes Objective In this exercise, the student will learn how to ... manage folders and assign access rights is an important capability of operating systems. This capability helps ensure data integrity by defining the level of user access. Step 1 First, create ... assign NTFS permissions to folders. Equipment The following equipment is required for this exercise: • A computer running Windows 2000 formatted with NTFS Scenario The boss needs a folder...