Windows 2000 Virtual Private Networking (VPN)

Series: Sams
Author: Thaddeus Fortenberry
Publisher: Sams Publishing
Cover: Softcover
Edition: 1
Language: English
Total pages: 362
Pub.-date: January 2001
ISBN13: 9781578702466
ISBN: 1578702461

Product detail

Product: 9781578702466, Windows 2000 Virtual Private Networking (VPN)
Price CHF: 61.30
Available: approx. 7-9 days

Description

For courses in Windows NT/Windows 2000 Networking and Network Security.

Focus on VPNs and security has been created by concerns for privacy and data protection. Learning to configure and maintain VPNs is a necessary skill for CS students. Windows 2000 Virtual Private Networking takes into account the emerging distributed workforce that networkers must support, including laptop users, home LAN environments, complex branch offices, and more, all within a secure and effective network design. The way a VPN is implemented in Windows 2000 is different from that of any other operating system. This book will cover all aspects of both the tunnel server and the tunnel client, covering PPTP, L2TP and IPSec, and both tunnel and transport configuration. In addition to specific discussions about Windows 2000 tunneling, the book will show students what a network designer can do with this capability. New VPN features that can affect Active Directory replication, network address translation, Proxy and more will be covered in depth.

Table of Contents

(NOTE: Each chapter concludes with a Summary.)

Preface.


Introduction.


1. What Is a Virtual Private Network?

History of Virtual Private Networks. How a Virtual Private Network Works. Alternative Services. Common Uses of Virtual Private Networks. Other Benefits of Virtual Private Networks.



2. Basic Virtual Private Network Deployment.

Terminology. Design Considerations. Virtual Private Network Deployment. Network Design Concepts with Tunneling.



3. VPN Features in Windows 2000.

Active Directory. PPTP. L2TP. IPSec. Internet Key Exchange (IKE). NAT. Connection Manager. Certificate Server. Dynamic DNS. Highly Configurable Network Traffic. Easier Router Configuration.



4. Point-to-Point Tunneling Protocol (PPTP).

How PPTP Works. PPTP Security. Performance Gains.



5. Certificates.

What Is a Certificate Server? Digital Signatures. Certificate Authority. Certificate Enrollment. Certificate Verification. Certificate Revocation. Certificate Storage Model. Implementing Certificate Server for Virtual Private Networks.



6. Internet Protocol Security (IPSec).

IPSec Communication. Choosing an IPSec Environment. Bringing the Whole IPSec Picture Together.



7. Layer 2 Tunneling Protocol (L2TP).

Goals for Windows 2000 L2TP/IPSec. L2TP versus PPTP. L2TP Implementation Details. L2TP Communications in Detail. Internet Key Exchange Settings. Key Exchange Methods. Power Management. L2TP/IPSec Procedures.



8. NAT and Proxy Servers.

Proxy Server. Proxy Server Functions: Speed and Security. Network Address Translation. Firewalls. Edge Servers. Windows 2000 Network Address Translation. Various Server-Side Network Designs. Various Client-Side Network Designs. Summary of Distributed Network Designs. NAT and Proxy Server Configuration. Setting Up NAT with RRAS. Sharing a VPN Link.



9. Connection Manager, Remote Access Policy, and IAS.

Connection Manager. Remote Access Policies. Windows 2000 Remote Access Policy. Internet Authentication Service (IAS).



10. Routing and Filtering.

Windows 2000 Routing. Client-Side Routing. Automatic Private IP Addressing (APIPA). Tunnels and Routing.



11. Name Resolution in Windows 2000.

Name Resolution for Tunnel Clients. Name Resolution for Home LAN/Branch Office. Name Resolution for a VPN-Based Active Directory Environment. Relationship Between the Branch Office Name Servers.



12. Active Directory Design in VPNs.

Replication. Single Master Replication and VPNs. Optimization. Site Design. Deploying the AD. The HappyVPN Model.



Appendix A. History and Context of Virtual Private Networking.

The Early Years. ISPs. Private Networks. OSI Reference Model. VPN-Related RFCs.



Appendix B. Troubleshooting.

Troubleshooting Factors. Common Issues and Troubleshooting Tips.



Appendix C. Windows 2000 to Cisco IOS IPSec Connectivity.

Network Setup. Windows 2000 Security Policy Configuration. Cisco IPSec Configuration. Testing. Summary.



Appendix D. VPN and Network Futures.

Predicting VPN and Windows Trends.



Index.

Back Cover

Substantial interest in VPN has been created by concerns for privacy and data protection. You, the administrator, must be aware of security concepts and network designs, and yet customers require flexible network environments that will satisfy the needs of today's computer users. You must support laptop users, home LAN environments, complex branch offices, and more, all within a secure and effective network design. The way you implement VPNs in Windows 2000 is different from any other operating system. Windows 2000 Virtual Private Networking will cover all aspects of both the tunnel server and the tunnel client. Microsoft is using PPTP, L2TP and IPSec all in this one product, and both tunnel and transport configuration can be very complex. This book covers what you, the network designer, can do with this capability. New VPN features that can affect Active Directory replication, network address translation, Proxy and more will be covered in depth.

Author

Thaddeus Fortenberry, MCSE, MCT is a leading expert in Virtual Private Networking and the Windows platform. As Compaq's Program Manager of Virtual Private Networks, he designs the global specifications for tunneling and deploying tunnel servers. He has been working with Windows NT since its initial release, and he worked in a support role specializing in VPNs and networking for the Windows 2000 Rapid Deployment Program participants at Microsoft. Thaddeus also assisted in administering and deploying Compaq's Qtest Active Directory, the second largest pre-release deployment of Windows 2000 Active Directory. In addition, he was the key architect of the HappyVPN test network, a deployment of Active Directory over a distributed network based entirely on VPN links using Windows 2000 tunneling technologies.