Virtual Private Networks


Preface

This page is also available in German.


Definition

A regular, physically existing network consisting of cables, routers, switches, etc. is called a network. You run the various well-known Internet protocols of layers 1-4 on it. You can also use those protocols to emulate a virtual network. This is mostly done in layer 2 (IP). For example, you tunnel the data of the virtual network encapsulated in IP packets. If you also secure the tunnel with various encryption methods, the tunneled data can be called a virtual private network. This is used in various scenarios, mostly for tunneling sensitive information over an inherently insecure architecture, for example to connect two corporate LANs over the Internet.

Theory

Implementation

OpenVPN

PPTP (Microsoft)

Preface

How does it work?

Authentication

Encryption

Servers

Implementation Windows

Implementation Linux

Poptop - The PPTP Server for Linux

mppe-patch pptpd

Openswan & l2tpd

Clients

Windows

Linux

MacOS

Mac OS X has supported VPN connections out of the box since 10.3. Clients for PPTP and L2TP over IPSec are included. Unfortunately, not all of the major open source clients seem to have been ported to this platform. But the 10.3+ clients are well integrated into the OS and provide a basic level of functionality that should be sufficient. The onboard clients are available via "Internet Connect.app", where you can set up new VPN connections.

IPSec

isakmpd (originally OpenBSD)

Freeswan

Openswan