Virtual Private Networks (VPNs) 5-23

5.Click the OK button in this window and the next two windows.

Windows XP Client Configuration

1.From your Windows XP desktop, click on Start ---> My Network Places and select View Network Connections from the Network Tasks area.

2.Click Create a New Connection in the Network Tasks area to start the New Connection Wizard. Click Next.

3.In the Network Connection Type box that appears, select the Connect to the network at my workplace radio button. Click Next.

4.In the Network Connection box that appears, select the Virtual Private Network connection radio button. Click Next.

5.In the Connection Name window's text box labeled Company Name, assign the name of the organization or connection to which you log in.

6.In the VPN Server Selection window's text box labeled Host Name or IP address, type the Local WAN IP address of the router to which you are connecting.

7.In the Connection Availability window, you can select the Anyone's Use radio button if you want to make this connection accessible to other users of your workstation. Otherwise, leave it set to the default My use only selection. Click Next.

8.Click Finish. This completes the VPN configuration. Also, you can click the Add a shortcut to this connection to my desktop checkbox to put an icon on the desktop.

Connecting using Dial-Up Networking

A Dial-Up Networking connection will be automatically launched whenever you run a TCP/IP application, such as a web browser or email client. When you first run the application a Connect To dialog box appears in which you enter your User name and Password. If you check the Save password checkbox, the system will remember your User name and Password, and you won’t be prompted for them again.

Allowing VPNs through a Firewall

An administrator interested in securing a network will usually combine the use of VPNs with the use of a firewall or some similar mechanism. This is because a VPN is not a complete security solution, but rather a component of overall security. Using a VPN will add security to transactions carried over a public network, but a VPN alone will not prevent a public network from infiltrating a private network. Therefore, you should combine use of a firewall with VPNs, where the firewall will secure the private network from infiltration from a public network, and the VPN will secure the transactions that must cross the public network.

A strict firewall may not be provisioned to allow VPN traffic to pass back and forth as needed. In order to ensure that a firewall will allow a VPN, certain attributes must be added to the firewall's provisioning. The provisions necessary vary slightly between ATMP and PPTP, but both protocols operate on the same basic premise: there are control and negotiation operations, and there is the tunnelled traffic that carries the payload of data between the VPN endpoints. The difference is that ATMP uses UDP to handle control and negotiation, while PPTP uses TCP. Then both ATMP and PPTP use GRE to carry the payload.

Page 165
Image 165
Motorola Enterprise Series Routers, 6161252-00-01 manual Allowing VPNs through a Firewall, Windows XP Client Configuration