Network Computing, powered by InformationWeek Business Technology Network

Internet-Based Multiprotocol Remote Access

Since the user is authenticated at the home gateway--and not at the NAS--you don't have to maintain multiple user databases.

Any special enhancements that you would use with PPP, such as encryption or token authorization, can be performed without modification because the VDPN is transparent outside of the tunnel. VDPN lets you locate your modem pool or POP and the home gateway, allowing for the distinct separation of management of dial-up usage and user access to the network. The POP doesn't need to know anything about the connection other than the home gateway and user name for billing; the home gateway needs to know only to authenticate the user regardless of his or her POP. You can locate your POPs and home gateways in a scheme that makes sense to your organization.

Tunneling Without Seams

PPTP provides seamless connectivity between the user and the network in two ways: from NAS to home gateway, or from the client to the home gateway using a PPTP-enabled client supported in Windows NT Server and Workstation.

To establish a PPTP tunnel, the NAS must create two connections over IP. The first connection is a TCP control channel that provides out-of-band management for the tunnel, including connection and break requests, packet sequencing and flow control. The second connection passes encapsulated PPP packets using the Generic Routing Encapsulation (GRE) 2 protocol.

When the NAS detects a call on a remote-access port, modem or ISDN channel, it attempts to contact the home gateway with which the remote-access port is associated. The NAS won't answer the call until the home gateway responds with positive acknowledgment that it is accepting calls.

Once the home gateway indicates that it is accepting connections, the NAS answers the call. If a tunnel has already been established to the home gateway, the NAS assigns a tunnel ID (which associates an ID to a specific user in a tunnel) to the user and passes the PPP packets to the home gateway. At this point, the NAS wraps all the PPP packets with GRE 2, and passes them to the home gateway. The home gateway unwraps the GRE 2 packets and treats the enclosed PPP packets normally.

Setting up the routing tables on the NAS is generally a straightforward process of associating a home gateway to a specific port. The NAS doesn't need to know anything more about the connection until the home gateway responds to the connection request. Setting up PPTP tunnels from an NT Server or Workstation is as simple as creating a remote-access connection. In place of the telephone number, enter the IP address of your home gateway.

Security is handled through authentication by the NT user database. Initial authentication can be performed through standard PPP methods, such as the Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP), as well as RSA RC4 and Data Encryption Standard (DES) technologies. Encryption also can be provided via NT 4.0's 40-bit RC4 (128-bit in the United States and Canada). Additionally, you can configure the home gateway to reject all IP connection attempts except PPTP. This feature is known as PPTP filtering. It hides the home gateway from others on the network and adds a level of security through obscurity.
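The two tunnel connections and the PPTP-only filter described above can be modeled in a few lines. This is an added example, not code from the article or from any vendor: the TCP port (1723), IP protocol number (47) and enhanced GRE field layout are taken from the later RFC 2637 rather than from this page, and the function names and sample packets are constructed for illustration.

```python
import struct
PPTP_TCP_PORT = 1723    # control channel port per RFC 2637 (not stated on the page)
IPPROTO_TCP, IPPROTO_GRE = 6, 47
GRE_PROTO_PPP = 0x880B  # enhanced GRE protocol type carrying PPP

def parse_enhanced_gre(data):
    """Parse an RFC 2637 enhanced GRE header; return None if it is not valid."""
    if len(data) < 8:
        return None
    flags, proto, payload_len, call_id = struct.unpack_from("!HHHH", data)
    # C and R bits clear, K bit set, version 1, PPP protocol type.
    if (flags & 0xE007) != 0x2001 or proto != GRE_PROTO_PPP:
        return None
    offset, opt = 8, {}
    for bit, name in ((0x1000, "seq"), (0x0080, "ack")):  # S and A bits
        if flags & bit:
            if len(data) < offset + 4:
                return None
            opt[name], offset = struct.unpack_from("!I", data, offset)[0], offset + 4
    if len(data) - offset < payload_len:
        return None
    return {"call_id": call_id, "seq": opt.get("seq"), "ack": opt.get("ack"),
            "ppp": data[offset:offset + payload_len]}

def pptp_only_verdict(packet):
    """Model of inbound PPTP filtering: pass only PPTP control (TCP) or data (GRE)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "drop"
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return "drop"
    proto, body = packet[9], packet[ihl:]
    if proto == IPPROTO_TCP and len(body) >= 4:
        dport = struct.unpack_from("!H", body, 2)[0]
        return "accept-control" if dport == PPTP_TCP_PORT else "drop"
    if proto == IPPROTO_GRE and parse_enhanced_gre(body):
        return "accept-data"
    return "drop"

def ipv4_packet(proto, body):
    """Build a constructed IPv4 packet (documentation addresses, checksum unset)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64, proto,
                       0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + body

# Constructed samples: an LCP-looking PPP frame on Call ID 7, and a TCP segment.
SAMPLE_PPP = b"\xff\x03\xc0\x21"
SAMPLE_GRE = struct.pack("!HHHHI", 0x3001, GRE_PROTO_PPP, len(SAMPLE_PPP), 7, 1) + SAMPLE_PPP
SAMPLE_TCP = struct.pack("!HH", 40000, PPTP_TCP_PORT) + bytes(16)
```

The Call ID in the GRE key field plays the role of the per-user tunnel ID mentioned earlier: it is what lets the home gateway tell one user's PPP stream from another's inside the same tunnel.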

If you have or are planning to install Windows NT 4.0, then you'll have VDPN capabilities in place without having to install additional hardware for the home gateway. Configuring NT to accept PPTP connections is as simple as installing the PPTP service and configuring the tunnels in NT's Remote Access Service. Vendors are adding value options to PPTP such as Multilink PPP to suit the needs of a range of installations. Since PPTP is relatively new, look for features in the coming months that provide more robust solutions.

Currently, the PPTP draft states that tunnels are established according to the called number, the calling number or subaddressing. You'll have to determine how many VDPN-enabled modems you'll need and arrange for hunt groups.

A few products, such as U.S. Robotics' Enterprise Network Hub, can leverage the Remote Authentication Dial-In User Service (RADIUS) to determine if a PPTP tunnel must be created. This offers a more flexible method of tunnel management than static assignment.


Updated April 8, 1997







