VPN is one of remote access that allows you to access public network and use it to integrate in the local network.
There are two types of remote access VPN :
1. Client Initiated
Client initiated is the common use of VPN. If user’s PC want to build a VPN connection, then the PC itself trying to build a tunnel and doing encryption until the data reach to the destination safely. But, this process is still using ISP’s network. Client Initiated VPN is often use by PC to PC rely on VPN Server or VPN concentrator to the destination network.
2. NAS (Network Access Server) Initiated
NAS Initiated is not constrain user to make the tunnel, encryption, and decryption himself. This type of VPN requires user to dial-in to NAS ISP. Then, this NAS will build the tunnel to private network’s destination. Therewith, VPN connection can be build by many client anywhere because the NAS ISP is commonly available for public.
How it works?
VPN operates at layer 2 or 3 OSI Model :
- Layer 2 Frame – Ethernet.
- Layer 3 Frame – IP.
VPN is using a tunneling technology. Tunneling is responsible to handle and provide Point-to-Point connection. Exactly, the Point-to-Point connection is form by across the public network. But, this connection does not care with data packets of other people, except only attend the maker of data transportation. Usually, this technology is develop on the network with IP addressing and IP routing setting. If the communication between source and destination is not going well, then the tunnel cannot be created, and VPN cannot be made. If the tunnel already created, the Point-to-Point connection can be directly used to pass the data. This tunnel also equip with encryption system to the passing data.
These are the tunneling technologies :
- PPTP – Point-to-Point Tunneling Protocol
It allows multiprotocol traffic to be encrypted and then encapsulated in an IP header to be sent across an organization’s IP internetwork or a public IP internetwrok sucha as the internet.
- L2TP - Layer 2 Tunneling Protocol
It allows multiprotocol traffic to be encrypted and then sent over any medium that supports Point-to-Point datagram delivery.
- IPSec TM – IP Security Tunnel Mode
It allows IP packets to be encrypted and then encapsulated in an IP header to be sent across an organization’s IP internetwork or a public IP internetwork such as the internet.
References
· www.csun.edu/~vcact00f/311/termProjects/700class/VPN.ppt
