Virtual Private Networking: An Overview


White Paper
Abstract
This white paper provides an overview of virtual private networks (VPNs), describes their basic requirements, and discusses some of the key technologies that permit private networking over public internetworks.
1999 Microsoft Corporation. All rights reserved.
The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication.
This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.
The BackOffice logo, Microsoft, Windows, and Windows NT are registered trademarks of Microsoft Corporation.
Other product or company names mentioned herein may be the trademarks of their respective owners.
Microsoft Corporation • One Microsoft Way • Redmond, WA 98052-6399 • USA
CONTENTS
WHITE PAPER
INTRODUCTION
    Common Uses of VPNs
    Basic VPN Requirements
TUNNELING BASICS
    Tunneling Protocols
    Point-to-Point Protocol (PPP)
    Point-to-Point Tunneling Protocol (PPTP)
    Layer 2 Forwarding (L2F)
    Layer 2 Tunneling Protocol (L2TP)
    Internet Protocol Security (IPSec) Tunnel Mode
    Tunnel Types
ADVANCED SECURITY FEATURES
    Symmetric Encryption vs. Asymmetric Encryption (Private Key vs. Public Key)
    Certificates
    Extensible Authentication Protocol (EAP)
    IP Security (IPSec)
USER ADMINISTRATION
    Support in RAS
    Scalability
    RADIUS
ACCOUNTING, AUDITING, AND ALARMING
CONCLUSION
    For More Information
A Virtual Private Network (VPN) connects the components of one network over another network. VPNs accomplish this by allowing the user to tunnel through the Internet or another public network in a manner that provides the same security and features formerly available only in private networks (see Figure 1).

Figure 1: Virtual Private Network (diagram labels: Transit Internetwork; Logical Equivalent; Virtual Private Network)

VPNs allow users working at home or on the road to connect in a secure fashion to a remote corporate server using the routing infrastructure provided by a public internetwork (such as the Internet). From the user's perspective, the VPN is a point-to-point connection between the user's computer and a corporate server. The nature of the intermediate internetwork is irrelevant to the user because it appears as if the data is being sent over a dedicated private link.
VPN technology also allows a corporation to connect to branch offices or to other companies over a public internetwork (such as the Internet), while maintaining secure communications. The VPN connection across the Internet logically operates as a Wide Area Network (WAN) link between the sites.
In both of these cases, the secure connection across the internetwork appears to the user as a private network communication, despite the fact that this communication occurs over a public internetwork; hence the name Virtual Private Network.
Microsoft VPN Overview White Paper
INTRODUCTION
VPN technology is designed to address issues surrounding the current business trend toward increased telecommuting and widely distributed global operations, where workers must be able to connect to central resources and must be able to communicate with each other.
To provide employees with the ability to connect to corporate computing resources, regardless of their location, a corporation must deploy a scalable remote access solution. Typically, corporations choose either an MIS department solution, where an internal information systems department is charged with buying, installing, and maintaining corporate modem pools and a private network infrastructure; or they choose a value-added network (VAN) solution, where they pay an outsourced company to buy, install, and maintain modem pools and a telecommunication infrastructure.
Neither of these solutions provides the necessary scalability, in terms of cost, flexible administration, and demand for connections. Therefore, it makes sense to replace the modem pools and private network infrastructure with a less expensive solution based on Internet technology so that the business can focus on its core competencies. With an Internet solution, a few Internet connections through independent service providers (ISPs) and VPN server computers can serve the remote networking needs of hundreds or thousands of remote clients and branch offices, as described below.
Common Uses of VPNs
The next few subsections describe the more common VPN situations in more detail.
Remote User Access Over the Internet
VPNs provide remote access to corporate resources over the public Internet, while maintaining privacy of information. Figure 2 shows a VPN used to connect a remote user to a corporate intranet.

Figure 2: Using a VPN to connect a remote client to a private LAN (diagram labels: ISP; Internet; Corporate Hub; Virtual Private Network; Dedicated Link to ISP)

Rather than making a long distance (or 1-800) call to a corporate or outsourced Network Access Server (NAS), the user calls a local ISP. Using the connection to the local ISP, the VPN software creates a virtual private network between the dial-up user and the corporate VPN server across the Internet.
Connecting Networks Over the Internet
There are two methods for using VPNs to connect local area networks at remote sites:
Using dedicated lines to connect a branch office to a corporate LAN. Rather than using an expensive long-haul dedicated circuit between the branch office and the corporate hub, both the branch office and the corporate hub routers can use a local dedicated circuit and local ISP to connect to the Internet. The VPN software uses the local ISP connections and the Internet to create a virtual private network between the branch office router and corporate hub router.
Using a dial-up line to connect a branch office to a corporate LAN. Rather than having a router at the branch office make a long distance (or 1-800) call to a corporate or outsourced NAS, the router at the branch office can call the local ISP. The VPN software uses the connection to the local ISP to create a VPN between the branch office router and the corporate hub router across the Internet.

Figure 3: Using a VPN to connect two remote sites (diagram labels: Branch Office; Corporate Hub; Internet; Virtual Private Network; Dedicated or Dial-Up Link to ISP; Dedicated Link to ISP)

In both cases, the facilities that connect the branch office and corporate offices to the Internet are local. The corporate hub router that acts as a VPN server must be connected to a local ISP with a dedicated line. This VPN server must be listening 24 hours a day for incoming VPN traffic.
Connecting Computers over an Intranet
In some corporate internetworks, the departmental data is so sensitive that the department's LAN is physically disconnected from the rest of the corporate internetwork. Although this protects the department's confidential information, it creates information accessibility problems for those users not physically connected to the separate LAN.

Figure 4: Using a VPN to connect two computers on the same LAN (diagram labels: Corporate Internetwork; Virtual Private Network; Secured or Hidden Network; VPN Server)

VPNs allow the department's LAN to be physically connected to the corporate internetwork but separated by a VPN server. The VPN server is not acting as a router between the corporate internetwork and the department LAN. A router would connect the two networks, allowing everyone access to the sensitive LAN. By using a VPN, the network administrator can ensure that only those users on the corporate internetwork who have appropriate credentials (based on a need-to-know policy within the company) can establish a VPN with the VPN server and gain access to the protected resources of the department. Additionally, all communication across the VPN can be encrypted for data confidentiality. Those users who do not have the proper credentials cannot view the department LAN.
Basic VPN Requirements
Typically, when deploying a remote networking solution, an enterprise needs to facilitate controlled access to corporate resources and information. The solution must allow roaming or remote clients to connect to LAN resources, and the solution must allow remote offices to connect to each other to share resources and information (LAN-to-LAN connections). In addition, the solution must ensure the privacy and integrity of data as it traverses the Internet. The same concerns apply in the case of sensitive data traversing a corporate internetwork.
Therefore, a VPN solution should provide at least all of the following:
User Authentication. The solution must verify the user's identity and restrict VPN access to authorized users only. It must also provide audit and accounting records to show who accessed what information and when.
Address Management. The solution must assign a client's address on the private net and ensure that private addresses are kept private.
Data Encryption. Data carried on the public network must be rendered unreadable to unauthorized clients on the network.
Key Management. The solution must generate and refresh encryption keys for the client and the server.
Multiprotocol Support. The solution must handle common protocols used in the public network. These include IP, Internet Packet Exchange (IPX), and so on.
An Internet VPN solution based on the Point-to-Point Tunneling Protocol (PPTP) or Layer 2 Tunneling Protocol (L2TP) meets all of these basic requirements and takes advantage of the broad availability of the Internet. Other solutions, including the new IP Security Protocol (IPSec), meet only some of these requirements, but remain useful for specific situations.
The remainder of this paper discusses VPN concepts, protocols, and components in greater detail.
TUNNELING BASICS
Tunneling is a method of using an internetwork infrastructure to transfer data for one network over another network. The data to be transferred (or payload) can be the frames (or packets) of another protocol. Instead of sending a frame as it is produced by the originating node, the tunneling protocol encapsulates the frame in an additional header. The additional header provides routing information so that the encapsulated payload can traverse the intermediate internetwork.
The encapsulated packets are then routed between tunnel endpoints over the internetwork. The logical path through which the encapsulated packets travel through the internetwork is called a tunnel. Once the encapsulated frames reach their destination on the internetwork, the frame is unencapsulated and forwarded to its final destination. Tunneling includes this entire process (encapsulation, transmission, and unencapsulation of packets).

Figure 5: Tunneling (diagram labels: Transit Internetwork; Tunnel Endpoints; Payload; Tunneled Payload; Transit Internetwork Header; Tunnel)

The transit internetwork can be any internetwork; the Internet is a public internetwork and is the most widely known real world example. There are many examples of tunnels that are carried over corporate internetworks. And while the Internet provides one of the most pervasive and cost-effective internetworks, references to the Internet in this paper can be replaced by any other public or private internetwork that acts as a transit internetwork.
Tunneling technologies have been in existence for some time. Some examples of mature technologies include:
SNA tunneling over IP internetworks. When System Network Architecture (SNA) traffic is sent across a corporate IP internetwork, the SNA frame is encapsulated in a UDP and IP header.
IPX tunneling for Novell NetWare over IP internetworks. When an IPX packet is sent to a NetWare server or IPX router, the server or the router wraps the IPX packet in a UDP and IP header, and then sends it across an IP internetwork. The destination IP-to-IPX router removes the UDP and IP header and forwards the packet to the IPX destination.
New tunneling technologies have been introduced in recent years. These newer technologies, which are the primary focus of this paper, include:
Point-to-Point Tunneling Protocol (PPTP). PPTP allows IP, IPX, or NetBEUI traffic to be encrypted, and then encapsulated in an IP header to be sent across a corporate IP internetwork or a public IP internetwork such as the Internet.
Layer 2 Tunneling Protocol (L2TP). L2TP allows IP, IPX, or NetBEUI traffic to be encrypted, and then sent over any medium that supports point-to-point datagram delivery, such as IP, X.25, Frame Relay, or ATM.
IP Security (IPSec) Tunnel Mode. IPSec Tunnel Mode allows IP payloads to be encrypted, and then encapsulated in an IP header to be sent across a corporate IP internetwork or a public IP internetwork such as the Internet.
Tunneling Protocols
For a tunnel to be established, both the tunnel client and the tunnel server must be using the same tunneling protocol.
Tunneling technology can be based on either a Layer 2 or a Layer 3 tunneling protocol. These layers correspond to the Open Systems Interconnection (OSI) Reference Model. Layer 2 protocols correspond to the data-link layer and use frames as their unit of exchange. PPTP, L2TP, and Layer 2 Forwarding (L2F) are Layer 2 tunneling protocols; all three encapsulate the payload in a PPP frame to be sent across an internetwork. Layer 3 protocols correspond to the Network layer, and use packets. IP-over-IP and IP Security (IPSec) Tunnel Mode are examples of Layer 3 tunneling protocols. These protocols encapsulate IP packets in an additional IP header before sending them across an IP internetwork.
How Tunneling Works
For Layer 2 tunneling technologies, such as PPTP and L2TP, a tunnel is similar to a session; both of the tunnel endpoints must agree to the tunnel and must negotiate configuration variables, such as address assignment or encryption or compression parameters. In most cases, data transferred across the tunnel is sent using a datagram-based protocol. A tunnel maintenance protocol is used as the mechanism to manage the tunnel.
Layer 3 tunneling technologies generally assume that all of the configuration issues have been handled out of band, often by manual processes. For these protocols, there may be no tunnel maintenance phase. For Layer 2 protocols (PPTP and L2TP), however, a tunnel must be created, maintained, and then terminated.
Once the tunnel is established, tunneled data can be sent. The tunnel client or server uses a tunnel data transfer protocol to prepare the data for transfer. For example, when the tunnel client sends a payload to the tunnel server, the tunnel client first appends a tunnel data transfer protocol header to the payload. The client then sends the resulting encapsulated payload across the internetwork, which routes it to the tunnel server. The tunnel server accepts the packets, removes the tunnel data transfer protocol header, and forwards the payload to the target network. Information sent between the tunnel server and the tunnel client behaves similarly.
Tunneling Protocols and the Basic Tunneling Requirements
Because they are based on the well-defined PPP protocol, Layer 2 protocols (such as PPTP and L2TP) inherit a suite of useful features. These features, and their Layer 3 counterparts, address the basic VPN requirements, as outlined below.
User Authentication. Layer 2 tunneling protocols inherit the user authentication schemes of PPP, including the EAP methods discussed below. Many Layer 3 tunneling schemes assume that the endpoints were well known (and authenticated) before the tunnel was established. An exception to this is IPSec ISAKMP negotiation, which provides mutual authentication of the tunnel endpoints. (Most IPSec implementations support computer-based certificates only, rather than user certificates. As a result, any user with access to one of the endpoint computers can use the tunnel. This potential security weakness can be eliminated when IPSec is paired with a Layer 2 protocol such as L2TP.)
Token card support. Using the Extensible Authentication Protocol (EAP), Layer 2 tunneling protocols can support a wide variety of authentication methods, including one-time passwords, cryptographic calculators, and smart cards. Layer 3 tunneling protocols can use similar methods; for example, IPSec defines public key certificate authentication in its ISAKMP/Oakley negotiation.
Dynamic address assignment. Layer 2 tunneling supports dynamic assignment of client addresses based on the Network Control Protocol (NCP) negotiation mechanism. Generally, Layer 3 tunneling schemes assume that an address has already been assigned prior to initiation of the tunnel. Schemes for assignment of addresses in IPSec tunnel mode are currently under development and are not yet available.
Data compression. Layer 2 tunneling protocols support PPP-based compression schemes. For example, the Microsoft implementations of both PPTP and L2TP use Microsoft Point-to-Point Compression (MPPC). The IETF is investigating similar mechanisms (such as IP Compression) for the Layer 3 tunneling protocols.
Data encryption. Layer 2 tunneling protocols support PPP-based data encryption mechanisms. The Microsoft implementation of PPTP supports optional use of Microsoft Point-to-Point Encryption (MPPE), based on the RSA/RC4 algorithm. Layer 3 tunneling protocols can use similar methods; for example, IPSec defines several optional data encryption methods, which are negotiated during the ISAKMP/Oakley exchange. The Microsoft implementation of the L2TP protocol uses IPSec encryption to protect the data stream from the client to the tunnel server.
Key Management. MPPE, a Layer 2 protocol, relies on the initial key generated during user authentication, and then refreshes it periodically. IPSec explicitly negotiates a common key during the ISAKMP exchange, and also refreshes it periodically.
Multiprotocol support. Layer 2 tunneling supports multiple payload protocols, which makes it easy for tunneling clients to access their corporate networks using IP, IPX, NetBEUI, and so on. In contrast, Layer 3 tunneling protocols, such as IPSec tunnel mode, typically support only target networks that use the IP protocol.
Point-to-Point Protocol (PPP)
Because the Layer 2 protocols depend heavily on the features originally specified for PPP, it is worth examining this protocol more closely. PPP was designed to send data across dial-up or dedicated point-to-point connections. PPP encapsulates IP, IPX, and NetBEUI packets within PPP frames, and then transmits the PPP-encapsulated packets across a point-to-point link. PPP is used between a dial-up client and an NAS.
There are four distinct phases of negotiation in a PPP dial-up session. Each of these four phases must complete successfully before the PPP connection is ready to transfer user data.
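As an added illustration of the framing just described (example code written for this page, not Microsoft's implementation), the following Python builds and checks the HDLC-like PPP frame of RFC 1661/1662 around an IP, IPX or NetBEUI packet: address and control bytes, the 16-bit protocol field, byte stuffing for the asynchronous link, and the FCS-16 trailer that lets the receiver detect a frame corrupted in transit. The protocol numbers are the IANA PPP assignments; the payload bytes are constructed for the demo and are not a real packet.

```python
import struct

# PPP protocol field values (IANA PPP DLL protocol numbers) for the three
# network protocols the paper says PPP carries.
PPP_PROTO_IP = 0x0021
PPP_PROTO_IPX = 0x002B
PPP_PROTO_NBF = 0x003F      # NetBIOS Frames, i.e. NetBEUI over PPP

FLAG, ESC, ADDR, CTRL = 0x7E, 0x7D, 0xFF, 0x03
FCS_INIT, FCS_GOOD = 0xFFFF, 0xF0B8   # RFC 1662 FCS-16 constants


def _make_fcs_table():
    """Byte-wise table for the reflected CRC-16 (polynomial 0x8408) of RFC 1662."""
    table = []
    for byte in range(256):
        v = byte
        for _ in range(8):
            v = (v >> 1) ^ 0x8408 if v & 1 else v >> 1
        table.append(v)
    return table


_FCS_TABLE = _make_fcs_table()


def _fcs_update(fcs, data):
    for b in data:
        fcs = (fcs >> 8) ^ _FCS_TABLE[(fcs ^ b) & 0xFF]
    return fcs


def ppp_fcs16(data):
    """FCS-16 value that is transmitted after `data` (RFC 1662, section C.2)."""
    return _fcs_update(FCS_INIT, data) ^ 0xFFFF


def _stuff(raw):
    # Async byte stuffing: escape the flag, the escape byte itself and (with
    # the default control-character map) every byte below 0x20.
    out = bytearray()
    for b in raw:
        if b in (FLAG, ESC) or b < 0x20:
            out += bytes((ESC, b ^ 0x20))
        else:
            out.append(b)
    return bytes(out)


def _unstuff(raw):
    out, escaped = bytearray(), False
    for b in raw:
        if escaped:
            out.append(b ^ 0x20)
            escaped = False
        elif b == ESC:
            escaped = True
        else:
            out.append(b)
    return bytes(out)


def build_ppp_frame(protocol, payload):
    """Frame = FLAG | stuffed(ADDR CTRL PROTOCOL payload FCS) | FLAG."""
    body = struct.pack("!BBH", ADDR, CTRL, protocol) + payload
    body += struct.pack("<H", ppp_fcs16(body))   # FCS goes on the wire LSB first
    return bytes((FLAG,)) + _stuff(body) + bytes((FLAG,))


def parse_ppp_frame(frame):
    """Return (protocol, payload); raise ValueError on a damaged frame."""
    if len(frame) < 8 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag bytes")
    body = _unstuff(frame[1:-1])
    # Running the FCS over the data plus its own trailer yields the 'good' residue.
    if _fcs_update(FCS_INIT, body) != FCS_GOOD:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    addr, ctrl, protocol = struct.unpack("!BBH", body[:4])
    if (addr, ctrl) != (ADDR, CTRL):
        raise ValueError("unexpected address/control field")
    return protocol, body[4:-2]


def frame_is_valid(frame):
    try:
        parse_ppp_frame(frame)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed payload: a fake IP header fragment that also contains the
    # flag and escape bytes, so stuffing is exercised.
    packet = b"\x45\x00\x00\x14\x7e\x7d\x01"
    frame = build_ppp_frame(PPP_PROTO_IP, packet)
    print(frame.hex())
    print(parse_ppp_frame(frame))
    damaged = frame[:6] + bytes((frame[6] ^ 0x01,)) + frame[7:]
    print("damaged frame accepted:", frame_is_valid(damaged))
```

The FCS is a transmission-error check, not an integrity protection against a deliberate modifier; that is why the paper's later sections look to encryption and authentication rather than to the PPP frame itself. Tunnels such as PPTP and L2TP carry the PPP frame without the flag and FCS bytes, which the next sections' packet layouts reflect.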
Phase 1: PPP Link Establishment
PPP uses Link Control Protocol (LCP) to establish, maintain, and end the physical connection. During the initial LCP phase, basic communication options are selected. During the link establishment phase (Phase 1), authentication protocols are selected, but they are not actually implemented until the connection authentication phase (Phase 2). Similarly, during LCP a decision is made as to whether the two peers will negotiate the use of compression and/or encryption. The actual choice of compression and encryption algorithms and other details occurs during Phase 4.
Phase 2: User Authentication
In the second phase, the client PC presents the user's credentials to the remote access server. A secure authentication scheme provides protection against replay attacks and remote client impersonation. A replay attack occurs when a third party monitors a successful connection and uses captured packets to play back the remote client's response so that it can gain an authenticated connection. Remote client impersonation occurs when a third party takes over an authenticated connection. The intruder waits until the connection has been authenticated, and then traps the conversation parameters, disconnects the authenticated user, and takes control of the authenticated connection.
Most implementations of PPP provide limited authentication methods, typically Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Microsoft Challenge Handshake Authentication Protocol (MS-CHAP).
Password Authentication Protocol (PAP). PAP is a simple, clear-text authentication scheme. The NAS requests the user name and password, and PAP returns them in clear text (unencrypted). Obviously, this authentication scheme is not secure because a third party could capture the user's name and password and use it to get subsequent access to the NAS and all of the resources provided by the NAS. PAP provides no protection against replay attacks or remote client impersonation once the user's password is compromised.
Challenge-Handshake Authentication Protocol (CHAP). CHAP is an encrypted authentication mechanism that avoids transmission of the actual password on the connection. The NAS sends a challenge, which consists of a session ID and an arbitrary challenge string, to the remote client. The remote client must use the MD5 one-way hashing algorithm to return the user name and an encryption of the challenge, session ID, and the client's password. The user name is sent unhashed.
Challenge = Session ID, Challenge String
Response = MD5 Hash(Session ID, Challenge String, User Password), User Name

Figure 6: The CHAP Process (diagram labels: Client; Authenticating Device; Challenge; Response)

CHAP is an improvement over PAP because the clear-text password is not sent over the link. Instead, the password is used to create an encrypted hash from the original challenge. The server knows the client's clear-text password and can, therefore, replicate the operation and compare the result to the value sent in the client's response. CHAP protects against replay attacks by using an arbitrary challenge string for each authentication attempt. CHAP protects against remote client impersonation by unpredictably sending repeated challenges to the remote client throughout the duration of the connection.
Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP). MS-CHAP is an encrypted authentication mechanism very similar to CHAP. As in CHAP, the NAS sends a challenge, which consists of a session ID and an arbitrary challenge string, to the remote client. The remote client must return the user name and an MD4 hash of the challenge string, the session ID, and the MD4-hashed password. This design, which manipulates a hash of the MD4 hash of the password, provides an additional level of security because it allows the server to store hashed passwords instead of clear-text passwords. MS-CHAP also provides additional error codes, including a password expired code, and additional encrypted client-server messages that permit users to change their passwords. In MS-CHAP, both the Client and the NAS independently generate an initial key for subsequent data encryption by MPPE. Therefore, MS-CHAP authentication is required to enable MPPE-based data encryption.
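To make the PAP/CHAP contrast above concrete, here is an added Python example (not code from the white paper): the CHAP response of RFC 1994, MD5 over the identifier, the shared secret and the challenge, with a small NAS-side authenticator that issues a fresh random challenge for every attempt and treats each one as single use, plus a PAP comparison showing that the password itself appears on the wire. The user name, secret and challenge size are constructed for the demo; how the NAS obtains the secret (its own database or RADIUS) is outside the example.

```python
import hashlib
import hmac
import os

# Constructed demo credential store. A real NAS would hold the secret in its
# own user database or hand the challenge/response pair to a RADIUS server.
SECRETS = {"alice": b"correct horse battery staple"}


def chap_response(identifier, secret, challenge):
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes((identifier,)) + secret + challenge).digest()


class ChapAuthenticator:
    """NAS side of CHAP: hands out one-time random challenges and checks replies."""

    def __init__(self, secrets):
        self._secrets = secrets
        self._identifier = 0
        self._pending = {}          # identifier -> challenge still awaiting a reply

    def challenge(self, size=16):
        # A fresh unpredictable value per attempt is what defeats replay; the
        # identifier lets the peer's reply be matched to the right challenge.
        self._identifier = (self._identifier + 1) & 0xFF
        value = os.urandom(size)
        self._pending[self._identifier] = value
        return self._identifier, value

    def verify(self, identifier, name, response):
        challenge = self._pending.pop(identifier, None)   # each challenge is single use
        secret = self._secrets.get(name)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        # Constant-time comparison so timing does not leak how many bytes matched.
        return hmac.compare_digest(expected, response)


class ChapPeer:
    """Dial-up client side: knows the secret but never puts it on the wire."""

    def __init__(self, name, secret):
        self.name, self._secret = name, secret

    def answer(self, identifier, challenge):
        return self.name, chap_response(identifier, self._secret, challenge)


def pap_wire_bytes(name, password):
    """What PAP transmits: the credentials themselves, unprotected."""
    return name.encode() + b"\x00" + password


def run_demo():
    """Outcomes of a normal login, a replayed response, a re-challenge and a guess."""
    nas = ChapAuthenticator(SECRETS)
    alice = ChapPeer("alice", SECRETS["alice"])

    ident, chal = nas.challenge()
    name, resp = alice.answer(ident, chal)
    first_login = nas.verify(ident, name, resp)

    # A captured (name, resp) pair replayed against the next challenge fails:
    # the hash was bound to the earlier challenge value.
    ident2, chal2 = nas.challenge()
    replay = nas.verify(ident2, name, resp)

    # The NAS re-challenges mid-connection (the paper's anti-impersonation
    # measure); the genuine peer still answers correctly.
    ident3, chal3 = nas.challenge()
    rechallenge = nas.verify(ident3, *alice.answer(ident3, chal3))

    # Someone holding the connection without the secret cannot answer.
    ident4, chal4 = nas.challenge()
    guess = nas.verify(ident4, "alice", hashlib.md5(b"not the secret").digest())

    return {
        "first_login": first_login,
        "replay_rejected": not replay,
        "rechallenge_ok": rechallenge,
        "guess_rejected": not guess,
        "pap_exposes_password": SECRETS["alice"] in pap_wire_bytes("alice", SECRETS["alice"]),
        "chap_exposes_password": SECRETS["alice"] in (name.encode() + resp),
    }


if __name__ == "__main__":
    for check, result in run_demo().items():
        print(f"{check}: {result}")
```

Two details matter for a defender reading this beside the paper's text: the server must still store the clear-text secret (or an equivalent) to recompute the hash, which is the weakness MS-CHAP's hashed-password storage addresses, and the protection against replay rests entirely on the challenge being random and never reused, so an authenticator that recycles challenges loses that property.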
During phase 2 of PPP link configuration, the NAS collects the authentication data, and then validates the data against its own user database or against a central authentication database server, such as one maintained by a Microsoft® Windows NT® primary domain controller (PDC) or a Remote Authentication Dial-in User Service (RADIUS) server.
Phase 3: PPP Callback Control
The Microsoft implementation of PPP includes an optional callback control phase. This phase uses the Callback Control Protocol (CBCP) immediately after the authentication phase. If configured for callback, both the remote client and NAS disconnect after authentication. The NAS then calls the remote client back at a specified phone number. This provides an additional level of security to dial-up networking. The NAS allows connections from remote clients physically residing at specific phone numbers only.
Phase 4: Invoking Network Layer Protocol(s)
Once the previous phases have been completed, PPP invokes the various network control protocols (NCPs) that were selected during the link establishment phase (Phase 1) to configure protocols used by the remote client. For example, during this phase the IP control protocol (IPCP) can assign a dynamic address to the dial-in user. In the Microsoft implementation of PPP, the compression control protocol is used to negotiate both data compression (using MPPC) and data encryption (using MPPE) because both are implemented in the same routine.
Data-Transfer Phase
Once the four phases of negotiation have been completed, PPP begins to forward data to and from the two peers. Each transmitted data packet is wrapped in a PPP header which is removed by the receiving system. If data compression was selected in phase 1 and negotiated in phase 4, data is compressed before transmission. If data encryption is selected and negotiated, data is encrypted before transmission.
Point-to-Point Tunneling Protocol (PPTP)
PPTP is a Layer 2 protocol that encapsulates PPP frames in IP datagrams for transmission over an IP internetwork, such as the Internet. PPTP can also be used in private LAN-to-LAN networking.
PPTP is documented in the draft RFC, "Point-to-Point Tunneling Protocol" (draft-ietf-pppext-pptp-02.txt). This draft was submitted to the IETF in June 1996 by the member companies of the PPTP Forum, including Microsoft, Ascend Communications, 3Com/Primary Access, ECI Telematics, and US Robotics (now 3Com).
Note: Internet draft documents should be considered works in progress. See www.ietf.org for copies of Internet drafts.
The Point-to-Point Tunneling Protocol (PPTP) uses a TCP connection for tunnel maintenance and generic routing encapsulation (GRE) encapsulated PPP frames for tunneled data. The payloads of the encapsulated PPP frames can be encrypted and/or compressed. Figure 7 shows how a PPTP packet is assembled prior to transmission. The drawing shows a dial-up client creating a tunnel across an internetwork. The final frame layout shows the encapsulation for a dial-up client (PPP Device Driver).
Figure 7: Construction of a PPTP Packet (diagram labels: Remote Client; Network Access Server; Application, User Data; TCP/IP Stack (IP, TCP, UDP); PPTP Software (GRE, PPP, User Data, optionally compressed and encrypted); Tunnel Server; Tunnel Internetwork; PPP Device Driver; Target Network)
Layer 2 Forwarding (L2F)
L2F, a technology proposed by Cisco, is a transmission protocol that allows dial-up access servers to frame dial-up traffic in PPP and transmit it over WAN links to an L2F server (a router). The L2F server then unwraps the packets and injects them into the network. Unlike PPTP and L2TP, L2F has no defined client. L2F functions in compulsory tunnels only. (For a detailed discussion of voluntary and compulsory tunnels, see the section, Tunnel Types below.)
Layer 2 Tunneling Protocol (L2TP)
L2TP is a combination of PPTP and L2F. Its designers hope that L2TP will represent the best features of PPTP and L2F.
L2TP is a network protocol that encapsulates PPP frames to be sent over IP, X.25, Frame Relay, or Asynchronous Transfer Mode (ATM) networks. When configured to use IP as its datagram transport, L2TP can be used as a tunneling protocol over the Internet. L2TP can also be used directly over various WAN media (such as Frame Relay) without an IP transport layer.
L2TP is documented in the draft RFC, Layer 2 Tunneling Protocol "L2TP" (draft-ietf-pppext-l2tp-09.txt). This document was submitted to the IETF in January 1998.
L2TP over IP internetworks uses UDP and a series of L2TP messages for tunnel maintenance. L2TP also uses UDP to send L2TP-encapsulated PPP frames as the tunneled data. The payloads of encapsulated PPP frames can be encrypted and/or compressed. Figure 8 shows how an L2TP packet is assembled prior to transmission. The drawing shows a dial-up client creating a tunnel across an internetwork. The final frame layout shows the encapsulation for a dial-up client (PPP Device Driver). The encapsulation assumes L2TP over IP.
Figure 8: Construction of an L2TP packet (diagram labels: Remote Client; Network Access Server; Application, User Data; TCP/IP Stack (IP, TCP, UDP); L2TP Software (UDP, PPP, User Data, optionally compressed and encrypted); Tunnel Server; Tunnel Internetwork; PPP Device Driver; Target Network)
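The PPTP and L2TP packet constructions of Figures 7 and 8 can be followed byte by byte. The Python below is an added example, not Microsoft's code: it wraps one PPP frame first in the enhanced GRE header of RFC 2637 behind an outer IPv4 header (protocol 47), then in the L2TP data header of RFC 2661 inside UDP to port 1701, and decapsulates both the way a tunnel server would, checking the outer protocol and the GRE/L2TP version and flag bits before handing the PPP frame on. The L2TP header here is the uncompressed form with the length field present, so the overhead it reports is for that form and not the compressed figures quoted later in the comparison with PPTP. Addresses and the inner packet are constructed sample values.

```python
import socket
import struct

GRE_PROTO_PPP = 0x880B        # GRE protocol type for PPP (RFC 2637)
IPPROTO_GRE, IPPROTO_UDP = 47, 17
L2TP_UDP_PORT = 1701          # RFC 2661
PPP_PROTO_IP = 0x0021


def ip_checksum(header):
    """One's-complement checksum over an IPv4 header (0 when verifying a good one)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src, dst, proto, payload_len, ttl=64, ident=0):
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident, 0,
                      ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def parse_ipv4(packet):
    """Return (protocol, src, dst, payload) after checking the header checksum."""
    ihl = (packet[0] & 0x0F) * 4
    if ip_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    total_len = struct.unpack("!H", packet[2:4])[0]
    return (packet[9], socket.inet_ntoa(packet[12:16]),
            socket.inet_ntoa(packet[16:20]), packet[ihl:total_len])


def ppp_frame(protocol, packet):
    # Inside a tunnel the PPP frame is just the protocol field plus the packet;
    # the flag and FCS bytes of the serial link are not transmitted.
    return struct.pack("!H", protocol) + packet


def pptp_encapsulate(frame, call_id, seq, src, dst):
    """Outer IP (proto 47) + enhanced GRE (K=1, S=1, version 1) + PPP frame."""
    gre = struct.pack("!HHHHI", 0x3001, GRE_PROTO_PPP, len(frame), call_id, seq) + frame
    return ipv4_header(src, dst, IPPROTO_GRE, len(gre)) + gre


def pptp_decapsulate(packet):
    proto, _, _, gre = parse_ipv4(packet)
    if proto != IPPROTO_GRE:
        raise ValueError("outer protocol is not GRE")
    flags, ptype, plen, call_id = struct.unpack("!HHHH", gre[:8])
    if (flags & 0x0007) != 1 or ptype != GRE_PROTO_PPP:
        raise ValueError("not enhanced GRE carrying PPP")
    offset, seq = 8, None
    if flags & 0x1000:                     # S bit: sequence number present
        seq = struct.unpack("!I", gre[offset:offset + 4])[0]
        offset += 4
    if flags & 0x0080:                     # A bit: acknowledgment number present
        offset += 4
    return call_id, seq, gre[offset:offset + plen]


def l2tp_encapsulate(frame, tunnel_id, session_id, src, dst, src_port=L2TP_UDP_PORT):
    """Outer IP (proto 17) + UDP to port 1701 + L2TP data header (T=0, L=1, ver 2)."""
    l2tp = struct.pack("!HHHH", 0x4002, 8 + len(frame), tunnel_id, session_id) + frame
    udp = struct.pack("!HHHH", src_port, L2TP_UDP_PORT, 8 + len(l2tp), 0) + l2tp  # UDP checksum optional on IPv4
    return ipv4_header(src, dst, IPPROTO_UDP, len(udp)) + udp


def l2tp_decapsulate(packet):
    proto, _, _, udp = parse_ipv4(packet)
    if proto != IPPROTO_UDP:
        raise ValueError("outer protocol is not UDP")
    _, dport, ulen, _ = struct.unpack("!HHHH", udp[:8])
    if dport != L2TP_UDP_PORT:
        raise ValueError("not addressed to the L2TP port")
    msg = udp[8:ulen]
    flags = struct.unpack("!H", msg[:2])[0]
    if (flags & 0x000F) != 2 or flags & 0x8000:   # version 2, T bit clear = data message
        raise ValueError("not an L2TPv2 data message")
    offset = 2
    if flags & 0x4000:                     # L bit: total length present
        msg = msg[:struct.unpack("!H", msg[2:4])[0]]
        offset = 4
    tunnel_id, session_id = struct.unpack("!HH", msg[offset:offset + 4])
    offset += 4
    if flags & 0x0800:                     # S bit: Ns and Nr present
        offset += 4
    if flags & 0x0200:                     # O bit: offset size and padding present
        offset += 2 + struct.unpack("!H", msg[offset:offset + 2])[0]
    return tunnel_id, session_id, msg[offset:]


def tunnel_overhead(frame):
    """Bytes each encapsulation adds to one PPP frame, outer IP header included."""
    src, dst = "203.0.113.5", "198.51.100.1"        # constructed documentation addresses
    return {"pptp": len(pptp_encapsulate(frame, 1, 0, src, dst)) - len(frame),
            "l2tp": len(l2tp_encapsulate(frame, 1, 1, src, dst)) - len(frame)}


if __name__ == "__main__":
    inner = ipv4_header("10.0.0.5", "10.0.0.1", 6, 9) + b"user data"   # constructed inner packet
    frame = ppp_frame(PPP_PROTO_IP, inner)
    print(pptp_decapsulate(pptp_encapsulate(frame, 7, 1, "203.0.113.5", "198.51.100.1")))
    print(l2tp_decapsulate(l2tp_encapsulate(frame, 3, 9, "203.0.113.5", "198.51.100.1")))
    print(tunnel_overhead(frame))
```

Neither header carries any authentication of its own: whoever can reach the tunnel server's GRE or UDP/1701 endpoint can present packets with a plausible call ID or tunnel/session ID, which is why the paper pairs these Layer 2 tunnels with PPP authentication and, for L2TP, with IPSec. The PPTP control connection over TCP and the L2TP control messages over UDP that set up the IDs used here are not modelled.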
PPTP Compared to L2TP
Both PPTP and L2TP use PPP to provide an initial envelope for the data, and then append additional headers for transport through the internetwork. The two protocols are very similar. However, there are differences between PPTP and L2TP:
PPTP requires that the internetwork be an IP internetwork. L2TP requires only that the tunnel media provide packet-oriented point-to-point connectivity. L2TP can be used over IP (using UDP), Frame Relay permanent virtual circuits (PVCs), X.25 virtual circuits (VCs), or ATM VCs.
PPTP can support only a single tunnel between end points. L2TP allows for the use of multiple tunnels between end points. With L2TP, you can create different tunnels for different qualities of service.
L2TP provides for header compression. When header compression is enabled, L2TP operates with 4 bytes of overhead, as compared to 6 bytes for PPTP.
L2TP provides for tunnel authentication, while PPTP does not. However, when either protocol is used over IPSec, tunnel authentication is provided by IPSec so that Layer 2 tunnel authentication is not necessary.
I$"%"$ P%o$o&o1 S"&.%)$9 4IPS"&5 T."1 Mo2"
0P1ec is a .a"er 9 protocol standard that supports the secured transfer of
infor!ation across an 0P internetwork# 0P1ec is !ore full" described in the
Advanced 1ecurit" section below# >owever, one aspect of 0P1ec should be
discussed in the conte6t of tunneling protocols# 0n addition to its definition of
encr"ption !echanis!s for 0P traffic, 0P1ec defines the packet for!at for an 0P over
0P tunnel !ode, generall" referred to as &%Sec Tunnel Mode# An 0P1ec tunnel
consists of a tunnel client and a tunnel server, which are both configured to use
0P1ec tunneling and a negotiated encr"ption !echanis!#
0P1ec Tunnel 2ode uses the negotiated securit" !ethod (if an") to encapsulate and
encr"pt entire 0P packets for secure transfer across a private or public 0P
internetwork# The encr"pted pa"load is then encapsulated again with a plain+te6t 0P
header and sent on the internetwork for deliver" to the tunnel server# %pon receipt
of this datagra!, the tunnel server processes and discards the plain+te6t 0P header,
and then decr"pts its contents to retrieve the original pa"load 0P packet# The
pa"load 0P packet is then processed nor!all" and routed to its destination on the
target network#
0P1ec Tunnel 2ode has the following features and li!itations:
0t supports 0P traffic onl"#
0t functions at the botto! of the 0P stack= therefore, applications and higher+level
protocols inherit its behavior#
0t is controlled b" a security policy<a set of filter+!atching rules# This securit"
polic" establishes the encr"ption and tunneling !echanis!s available, in order
of preference, and the authentication !ethods available, also in order of
preference# As soon as there is traffic, the two co!puters perfor! !utual
authentication, and then negotiate the encr"ption !ethods to be used#
Thereafter, all traffic is encr"pted using the negotiated encr"ption !echanis!,
and then wrapped in a tunnel header#
/or !ore infor!ation about 0P1ec, see Advanced 1ecurit" below#
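The encapsulation and decapsulation just described, as an added example that is not part of the white paper and not Microsoft's implementation. It builds an ESP tunnel-mode packet (outer IP header, SPI, sequence number, IV, encrypted inner IP packet plus trailer, integrity check value) and then undoes it on the tunnel server side with the checks a receiver must perform before routing the inner packet. Two assumptions are made so that it runs on the Python standard library alone: the cipher is a stand-in counter-mode construction keyed through HMAC-SHA256 rather than the cipher an IPSec peer would negotiate, and the replay check is the simplest strict-increase rule rather than a sliding window. The keys, SPI and addresses are constructed demo values.

```python
import hashlib
import hmac
import os
import socket
import struct

ESP_PROTO = 50      # IP protocol number of ESP
NEXT_IPV4 = 4       # ESP "next header" value for a tunnelled IPv4 packet
PAD_ALIGN = 16      # ESP payload plus trailer is padded to this alignment
ICV_LEN = 16        # HMAC-SHA256 tag truncated to 128 bits


def ip_checksum(header):
    total = sum((header[i] << 8) + header[i + 1] for i in range(0, len(header), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_packet(src, dst, proto, payload, ttl=64):
    """Minimal IPv4 datagram (20-byte header, no options) carrying payload."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0x4000,
                         ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return header[:10] + struct.pack("!H", ip_checksum(header)) + header[12:] + payload


def keystream_xor(key, iv, data):
    """Counter-mode keystream from HMAC-SHA256(key, iv || counter), XORed over data.
    Stand-in so the example needs only the standard library; a real SA uses the
    cipher negotiated by IKE (for instance AES), never this construction."""
    out = bytearray()
    for block in range((len(data) + 31) // 32):
        ks = hmac.new(key, iv + struct.pack("!I", block), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[block * 32:(block + 1) * 32], ks))
    return bytes(out)


class EspSA:
    """One direction of an ESP tunnel: the SPI and the two keys IKE would derive."""

    def __init__(self, spi, enc_key, auth_key):
        self.spi, self.enc_key, self.auth_key = spi, enc_key, auth_key
        self.seq_out = 0      # sender's counter, incremented per packet
        self.seq_in_max = 0   # highest sequence number the receiver has accepted

    def icv(self, authenticated):
        return hmac.new(self.auth_key, authenticated, hashlib.sha256).digest()[:ICV_LEN]


def encapsulate(sa, inner_packet, tunnel_src, tunnel_dst, iv=None):
    """Tunnel mode: the whole inner IP packet (private addresses and all) is
    encrypted as ESP payload, then a new outer IP header carrying the tunnel
    endpoints' addresses is placed in front."""
    sa.seq_out += 1
    iv = os.urandom(16) if iv is None else iv
    pad_len = (-(len(inner_packet) + 2)) % PAD_ALIGN
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, NEXT_IPV4])  # RFC 2406 trailer
    esp = struct.pack("!II", sa.spi, sa.seq_out) + iv
    esp += keystream_xor(sa.enc_key, iv, inner_packet + trailer)
    esp += sa.icv(esp)                      # ICV covers SPI, seq, IV and ciphertext
    return ipv4_packet(tunnel_src, tunnel_dst, ESP_PROTO, esp)


def decapsulate(sa, packet):
    """Tunnel server side. Each check is one the receiver must make before the
    recovered inner packet is handed to normal routing."""
    if packet[9] != ESP_PROTO:
        raise ValueError("outer packet is not ESP")
    esp = packet[(packet[0] & 0x0F) * 4:]          # strip the plain-text outer header
    if len(esp) < 8 + 16 + PAD_ALIGN + ICV_LEN:
        raise ValueError("ESP packet too short")
    spi, seq = struct.unpack("!II", esp[:8])
    if spi != sa.spi:
        raise ValueError("no security association for SPI %#x" % spi)
    body, icv = esp[:-ICV_LEN], esp[-ICV_LEN:]
    if not hmac.compare_digest(sa.icv(body), icv):  # authenticate before decrypting
        raise ValueError("ICV mismatch: forged or corrupted packet")
    if seq <= sa.seq_in_max:  # strict-increase replay rule; real receivers use a window
        raise ValueError("replayed sequence number %d" % seq)
    sa.seq_in_max = seq
    plain = keystream_xor(sa.enc_key, body[8:24], body[24:])
    pad_len, next_header = plain[-2], plain[-1]
    if next_header != NEXT_IPV4 or pad_len > len(plain) - 2:
        raise ValueError("bad ESP trailer")
    if plain[-2 - pad_len:-2] != bytes(range(1, pad_len + 1)):
        raise ValueError("bad ESP padding")
    return plain[:-2 - pad_len]
```

The order of checks on the receiving side matters: the integrity check is verified before anything is decrypted or the replay state is updated, so a forged packet can neither feed chosen ciphertext to the decryptor nor advance the sequence window.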
T."1 T9-"!
Tunnels can be created in various wa"s#
oluntar& tunnels: A user or client co!puter can issue a VPN reuest to
configure and create a voluntar" tunnel# 0n this case, the user:s co!puter is a
tunnel endpoint and acts as the tunnel client#
2icrosoft VPN Overview ;hite Paper
-3
Co#pulsor& tunnels: A VPN+capable dial+up access server configures and
creates a co!pulsor" tunnel# ;ith a co!pulsor" tunnel, the user:s co!puter is
not a tunnel endpoint# Another device, the re!ote access server, between the
user:s co!puter and the tunnel server is the tunnel endpoint and acts as the
tunnel client#
To date, voluntar" tunnels are proving to be the !ore popular t"pe of tunnel# The
following sections describe each of these tunnel t"pes in greater detail#
Voluntary Tunneling
Voluntary tunneling occurs when a workstation or routing server uses tunneling client software to create a virtual connection to the target tunnel server. To accomplish this, the appropriate tunneling protocol must be installed on the client computer. For the protocols discussed in this paper, voluntary tunnels require an IP connection (either LAN or dial-up).
In a dial-up situation, the client must establish a dial-up connection to the internetwork before the client can set up a tunnel. This is the most common case. The best example of this is the dial-up Internet user, who must dial an ISP and obtain an Internet connection before a tunnel over the Internet can be created.
For a LAN-attached computer, the client already has a connection to the internetwork that can provide routing of encapsulated payloads to the chosen LAN tunnel server. This would be the case for a client on a corporate LAN that initiates a tunnel to reach a private or hidden subnet on that LAN (such as the Human Resources network discussed previously).
It is a common misconception that VPNs require a dial-up connection. They require only IP networking. Some clients (such as home computers) use dial-up connections to the Internet to establish IP transport. This is a preliminary step in preparation for creating a tunnel and is not part of the tunnel protocol itself.
Compulsory Tunneling
A number of vendors that sell dial-up access servers have implemented the ability to create a tunnel on behalf of a dial-up client. The computer or network device providing the tunnel for the client computer is variously known as a Front End Processor (FEP) in PPTP, an L2TP Access Concentrator (LAC) in L2TP, or an IP Security Gateway in IPSec. For the purposes of this white paper, the term FEP is used to describe this functionality, regardless of the tunneling protocol. To carry out its function, the FEP must have the appropriate tunneling protocol installed and must be capable of establishing the tunnel when the client computer connects.
[Figure 9. Compulsory tunneling: the dial-up client makes a PPP connection to an FEP at the ISP; the FEP acts as tunnel client and carries the call over a tunnel across the Internet to the tunnel server on the corporate intranet.]
In the Internet example, the client computer places a dial-up call to a tunneling-enabled NAS at the ISP. For example, a corporation may have contracted with an ISP to deploy a nationwide set of FEPs. These FEPs can establish tunnels across the Internet to a tunnel server connected to the corporation's private network, thus consolidating calls from geographically diverse locations into a single Internet connection at the corporate network.
This configuration is known as compulsory tunneling because the client is compelled to use the tunnel created by the FEP. Once the initial connection is made, all network traffic to and from the client is automatically sent through the tunnel. With compulsory tunneling, the client computer makes a single PPP connection. When a client dials into the NAS, a tunnel is created and all traffic is automatically routed through the tunnel. An FEP can be configured to tunnel all dial-up clients to a specific tunnel server. The FEP could also tunnel individual clients, based on the user name or destination. Note that the tunnel protects only the leg between the FEP and the tunnel server; the dial-up leg between the client and the FEP is an ordinary PPP link, so the client is trusting the ISP's FEP with its traffic unless the PPP payload is itself encrypted end to end.
Unlike the separate tunnels created for each voluntary client, a tunnel between the FEP and the tunnel server can be shared by multiple dial-up clients. When a second client dials into the access server (FEP) to reach a destination for which a tunnel already exists, there is no need to create a new instance of the tunnel between the FEP and tunnel server. Instead, the data traffic for the new client is carried over the existing tunnel. Since there can be multiple clients in a single tunnel, the tunnel is not terminated until the last user of the tunnel disconnects.
ADVANCED SECURITY FEATURES
Because the Internet facilitates the creation of VPNs from anywhere, networks need strong security features to prevent unwelcome access to private networks and to protect private data as it traverses the public network. User authentication and data encryption have already been discussed. This section provides a brief look ahead to the stronger authentication and encryption capabilities that are available with EAP and IPSec.
S9mm"$%)& E&%9-$)o '!. A!9mm"$%)& E&%9-$)o
4P%)'/$" :"9 '!. P.71)& :"95
1"!!etric, or private+ke", encr"ption (also known as conventional encr"ption) is
based on a secret ke" that is shared b" both co!!unicating parties# The sending
part" uses the secret ke" as part of the !athe!atical operation to encr"pt (or
encipher) plain te6t to cipher te6t# The receiving part" uses the sa!e secret ke" to
decr"pt (or decipher) the cipher te6t to plain te6t# 46a!ples of s"!!etric encr"ption
sche!es are the (1A ($) algorith! (which provides the basis for 2icrosoft Point+
to+Point 4ncr"ption (2PP4), 8ata 4ncr"ption 1tandard (841), the 0nternational
8ata 4ncr"ption Algorith! (084A), and the 1kipJack encr"ption technolog"
proposed b" the %nited 1tates govern!ent (and i!ple!ented in the $lipper chip)#
As"!!etric, or public+ke", encr"ption uses two different ke"s for each user: one is
a private ke" known onl" to this one user= the other is a corresponding public ke",
which is accessible to an"one# The private and public ke"s are !athe!aticall"
related b" the encr"ption algorith!# One ke" is used for encr"ption and the other for
decr"ption, depending on the nature of the co!!unication service being
i!ple!ented#
0n addition, public ke" encr"ption technologies allow digital signatures to be placed
on !essages# A digital signature uses the sender:s private ke" to encr"pt so!e
portion of the !essage# ;hen the !essage is received, the receiver uses the
sender:s public ke" to decipher the digital signature to verif" the sender:s identit"#
C"%$)#)&/$"!
;ith s"!!etric encr"ption, both sender and receiver have a shared secret ke"# The
distribution of the secret ke" !ust occur (with adeuate protection) prior to an"
encr"pted co!!unication# >owever, with as"!!etric encr"ption, the sender uses a
private ke" to encr"pt or digitall" sign !essages, while the receiver uses a public
ke" to decipher these !essages# The public ke" can be freel" distributed to an"one
who needs to receive the encr"pted or digitall" signed !essages# The sender
needs to carefull" protect the private ke" onl"#
To secure the integrit" of the public ke", the public ke" is published with a
certificate# A certificate (or public ke" certificate) is a data structure that is digitall"
signed b" a certificate authorit" ($A)<an authorit" that users of the certificate can
trust# The certificate contains a series of values, such as the certificate na!e and
usage, infor!ation identif"ing the owner of the public ke", the public ke" itself, an
e6piration date, and the na!e of the certificate authorit"# The $A uses its private
ke" to sign the certificate# 0f the receiver knows the public ke" of the certificate
authorit", the receiver can verif" that the certificate is indeed fro! the trusted $A
and, therefore, contains reliable infor!ation and a valid public ke"# $ertificates can
be distributed electronicall" (through ;eb access or e!ail), on s!art cards, or on
flopp" disks#
0n su!!ar", public ke" certificates provide a convenient, reliable !ethod for
verif"ing the identit" of a sender# 0P1ec can optionall" use this !ethod for end+to+
2icrosoft VPN Overview ;hite Paper -,
end authentication# (e!ote access servers can use public ke" certificates for user
authentication, as described in the section, Transaction+level 1ecurit" (4AP+T.1),
below#
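The chain of trust described in the two preceding sections (CA signs the certificate, receiver verifies the CA's signature, then uses the certified public key to verify the sender's signature), as an added example that is not part of the white paper and is not Microsoft's or any CA's code. To stay self-contained it uses textbook RSA with Mersenne primes as toy key material and a JSON encoding in place of X.509/DER; these are assumptions for illustration only, and the key sizes and unpadded signatures are not suitable for real use. The CA, user and message values are constructed.

```python
import hashlib
import json

E = 65537
# Mersenne primes as toy RSA factors: their primality is certain, so no prime
# generator is needed.  Real keys use random primes of 1024 bits or more each.
P61, P89, P107, P127 = 2**61 - 1, 2**89 - 1, 2**107 - 1, 2**127 - 1


def rsa_keypair(p, q):
    """Textbook RSA (no padding): enough to show the roles of the two keys,
    not a signature scheme to deploy."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, phi)}


def digest(data):
    # 128-bit truncated SHA-256 keeps the value below every toy modulus (all >= 2^150)
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")


def sign(priv, data):
    return pow(digest(data), priv["d"], priv["n"])


def verify(pub, data, signature):
    return pow(signature, pub["e"], pub["n"]) == digest(data)


def canonical(fields):
    """Deterministic encoding of the signed fields (the job DER does for X.509)."""
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def issue_certificate(ca_name, ca_priv, subject, subject_pub, not_after):
    """The CA binds a name to a public key by signing the body with its private key."""
    body = {"issuer": ca_name, "subject": subject, "public_key": subject_pub,
            "usage": "digitalSignature", "not_after": not_after}
    return {"body": body, "signature": sign(ca_priv, canonical(body))}


def verify_certificate(cert, trusted_cas, now):
    """Receiver side: the issuing CA's key must already be trusted; the CA signature
    and the validity period are checked before the embedded key is believed."""
    body = cert["body"]
    ca_pub = trusted_cas.get(body["issuer"])
    if ca_pub is None:
        return False, "issuer not trusted"
    if not verify(ca_pub, canonical(body), cert["signature"]):
        return False, "bad CA signature"
    if now > body["not_after"]:
        return False, "certificate expired"
    return True, "ok"


def verify_signed_message(message, signature, cert, trusted_cas, now):
    """Chain: trusted CA key -> certificate -> sender's key -> message signature."""
    ok, reason = verify_certificate(cert, trusted_cas, now)
    if not ok:
        return False, reason
    if not verify(cert["body"]["public_key"], message, signature):
        return False, "bad message signature"
    return True, cert["body"]["subject"]


# Constructed demo data: one CA and one user certificate issued by it.
CA_PUB, CA_PRIV = rsa_keypair(P61, P89)
ALICE_PUB, ALICE_PRIV = rsa_keypair(P107, P127)
TRUSTED = {"Example CA": CA_PUB}
ALICE_CERT = issue_certificate("Example CA", CA_PRIV, "alice", ALICE_PUB, not_after=2_000_000_000)
```

The instructive failure is the swapped key: an attacker who replaces the public key inside a certificate cannot also produce the CA's signature over the altered body, so the receiver rejects the certificate before ever looking at the message signature.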
E;$"!)71" A.$("$)&/$)o P%o$o&o1 4EAP5
As stated previousl", !ost i!ple!entations of PPP provide ver" li!ited
authentication !ethods# 4AP is an 04T/+proposed e6tension to PPP that allows for
arbitrar" authentication !echanis!s for the validation of a PPP connection# 4AP
was designed to allow the d"na!ic addition of authentication plug+in !odules at
both the client and server ends of a connection# This allows vendors to suppl" a
new authentication sche!e at an" ti!e# 4AP provides the highest fle6ibilit" in
authentication uniueness and variation#
4AP is i!ple!ented in 2icrosoft ;indowsF &???#
T%/!/&$)o31"'"1 S"&.%)$9 4EAP3TLS5
4AP+T.1 has been sub!itted to the 04T/ as a draft proposal for a strong
authentication !ethod based on public+ke" certificates# ;ith 4AP+T.1, a client
presents a user certificate to the dial+in server, and the server presents a server
certificate to the client# The first provides strong user authentication to the server=
the second provides assurance that the user has reached the server that he or she
e6pected# 'oth s"ste!s rel" on a chain of trusted authorities to verif" the validit" of
the offered certificate#
The user:s certificate could be stored on the dial+up client co!puter or stored in an
e6ternal s!art card# 0n either case, the certificate cannot be accessed without so!e
for! of user identification (P0N nu!ber or na!e+and+password e6change) between
the user and the client co!puter# This approach !eets the so!ething+"ou+know+
plus+so!ething+"ou+have criteria reco!!ended b" !ost securit" e6perts#
4AP+T.1 is the specific 4AP !ethod i!ple!ented in 2icrosoft ;indows &???# .ike
21+$>AP, 4AP+T.1 returns an encr"ption ke" to enable subseuent data
encr"ption b" 2PP4#
IP S"&.%)$9 4IPS"&5
0P 1ecurit" (0P1ec) was designed b" the 04T/ as an end+to+end !echanis! for
ensuring data securit" in 0P+based co!!unications# 0P1ec has been defined in a
series of (/$s, notabl" (/$s -,&3, -,&*, and -,&D, which define the overall
architecture, an authentication header to verif" data integrit", and an encapsulation
securit" pa"load for both data integrit" and data encr"ption#
0P1ec defines two functions that ensure confidentialit": data encr"ption and data
integrit"# As defined b" the 04T/, 0P1ec uses an authentication header (A>) to
provide source authentication and integrit" without encr"ption, and the
encapsulated securit" pa"load (41P) to provide authentication and integrit" along
with encr"ption# ;ith 0P1ec, onl" the sender and recipient know the securit" ke"# 0f
2icrosoft VPN Overview ;hite Paper
-7
the authentication data is valid, the recipient knows that the co!!unication ca!e
fro! the sender and that it was not changed in transit#
0P1ec can be envisioned as a la"er below the T$PB0P stack# This la"er is controlled
b" a securit" polic" on each co!puter and a negotiated securit" association
between the sender and receiver# The polic" consists of a set of filters and
associated securit" behaviors# 0f a packet:s 0P address, protocol, and port nu!ber
!atch a filter, the packet is subJect to the associated securit" behavior#
N"*o$)/$"2 S"&.%)$9 A!!o&)/$)o
The first such packet triggers a negotiation of a securit" association between the
sender and receiver# 01A52PBOakle" is the standard protocol for this negotiation#
8uring an 01A52PBOakle" e6change, the two co!puters agree on authentication
and data+securit" !ethods, perfor! !utual authentication, and then generate a
shared ke" for subseuent data encr"ption#
After the securit" association has been established, data trans!ission can proceed
for each co!puter, appl"ing data securit" treat!ent to the packets that it trans!its
to the re!ote receiver# The treat!ent can si!pl" ensure the integrit" of the
trans!itted data, or it can encr"pt it as well#
A.$("$)&/$)o H"/2"%
8ata integrit" and data authentication for 0P pa"loads can be provided b" an
authentication header located between the 0P header and the transport header# The
authentication header includes authentication data and a seuence nu!ber, which
together are used to verif" the sender, ensure that the !essage has not been
!odified in transit, and prevent a repla" attack#
The 0P1ec authentication header provides no data encr"ption= clear+te6t !essages
can be sent, and the authentication header ensures that the" originated fro! a
specific user and were not !odified in transit#
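The authentication header mechanics above, as an added example that is not from the white paper or from Microsoft: the sender computes the integrity check value over the IP header with its mutable fields zeroed, the AH fields and the payload, and the receiver recomputes it and then runs the anti-replay sliding window of RFC 2401 Appendix C, updating the window only after the check value has verified. The IP checksum is left zero in the constructed header (it is a mutable field and is excluded from the check anyway), and the key, SPI and addresses are constructed demo values.

```python
import hashlib
import hmac
import socket
import struct

AH_PROTO = 51     # IP protocol number of AH
ICV_LEN = 12      # HMAC-SHA1-96: SHA-1 HMAC truncated to 96 bits (RFC 2404)
AH_LEN = 12 + ICV_LEN


class ReplayWindow:
    """Anti-replay sliding window (RFC 2401, Appendix C).  Bit 0 of the bitmap is
    the highest sequence number seen so far; bit k is that number minus k."""

    def __init__(self, size=64):
        self.size, self.top, self.bitmap = size, 0, 0

    def check(self, seq):
        if seq == 0:
            return False                       # zero is never valid in AH or ESP
        if seq > self.top:
            return True                        # newer than anything seen
        diff = self.top - seq
        return diff < self.size and not (self.bitmap >> diff) & 1

    def update(self, seq):
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1) if shift < self.size else 1
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)


class AhSA:
    def __init__(self, spi, key, window_size=64):
        self.spi, self.key, self.window = spi, key, ReplayWindow(window_size)


def ipv4_header(src, dst, proto, total_len, ttl=64):
    # checksum left zero: a mutable field, zeroed before the ICV is computed anyway
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0x4000, ttl, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def zero_mutable(ip_header):
    """Fields a router may legitimately rewrite (ToS, flags/fragment offset, TTL,
    checksum) are zeroed for the ICV; addresses, length, id and protocol are not."""
    h = bytearray(ip_header)
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)


def ah_icv(key, ip_header, ah_fixed, payload):
    data = zero_mutable(ip_header) + ah_fixed + b"\x00" * ICV_LEN + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]


def ah_protect(sa, seq, src, dst, next_proto, payload):
    """Sender: IP header | AH (next header, payload len, reserved, SPI, seq, ICV) | payload."""
    ah_fixed = struct.pack("!BBHII", next_proto, AH_LEN // 4 - 2, 0, sa.spi, seq)
    ip_header = ipv4_header(src, dst, AH_PROTO, 20 + AH_LEN + len(payload))
    return ip_header + ah_fixed + ah_icv(sa.key, ip_header, ah_fixed, payload) + payload


def ah_verify(sa, packet):
    """Receiver: recompute the ICV over the same bytes, then apply the replay
    window.  The window is updated only after the ICV verifies, so a forger
    cannot move it."""
    ip_header, rest = packet[:20], packet[20:]
    if ip_header[9] != AH_PROTO or len(rest) < AH_LEN:
        raise ValueError("not a well-formed AH packet")
    next_proto, payload_len, _, spi, seq = struct.unpack("!BBHII", rest[:12])
    if spi != sa.spi or (payload_len + 2) * 4 != AH_LEN:
        raise ValueError("unknown SPI or unexpected AH length")
    icv, payload = rest[12:AH_LEN], rest[AH_LEN:]
    if not hmac.compare_digest(ah_icv(sa.key, ip_header, rest[:12], payload), icv):
        raise ValueError("ICV mismatch")
    if not sa.window.check(seq):
        raise ValueError("replayed or too-old sequence number %d" % seq)
    sa.window.update(seq)
    return next_proto, payload
```

Two behaviours are worth running by hand: a decremented TTL still verifies, because TTL is zeroed before hashing, while a rewritten source address does not, which is the NAT incompatibility noted above.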
Encapsulating Security Payload (ESP)
For both data confidentiality and protection from third-party capture, the encapsulating security payload (ESP) provides a mechanism to encrypt the IP payload. ESP also provides data authentication and data integrity services; therefore, ESP headers are an alternative to AH headers in IPSec packets. ESP's authentication is optional in the specification, but encryption without integrity protection should not be deployed: without the authentication data, cipher text can be altered in transit without detection.
USER ADMINISTRATION
In selecting a VPN technology, it is important to consider administrative issues. Large networks need to store per-user directory information in a centralized data store, or directory service, so that administrators and applications can add to, modify, or query this information. Each access or tunnel server could maintain its own internal database of per-user properties, such as names, passwords, and dial-in permission attributes. However, because it is administratively prohibitive to maintain multiple user accounts on multiple servers and keep them simultaneously current, most administrators set up a master account database at the directory server or primary domain controller, or on a RADIUS server.
Support in RAS
Microsoft Remote Access Service (RAS) is designed to work with per-user information stored in the domain controller or on a RADIUS server. Using a domain controller simplifies system administration because dial-up permissions are a subset of the per-user information that the administrator is already managing in a single database.
Microsoft RAS was originally designed as an access server for dial-up users. RAS is also a tunnel server for PPTP and L2TP connections. Consequently, these Layer 2 VPN solutions inherit all of the management infrastructure already in place for dial-up networking.
In Windows 2000, RAS takes advantage of the new Active Directory, an enterprise-wide, replicated database based on the Lightweight Directory Access Protocol (LDAP). LDAP is an industry-standard protocol for accessing directory services and was developed as a simpler alternative to the X.500 DAP protocol. LDAP is extensible, vendor-independent, and standards-based. This integration with the Active Directory allows an administrator to assign a variety of connection properties for dial-up or VPN sessions to individual users or groups. These properties can define per-user filters, required authentication or encryption methods, time-of-day limitations, and so on.
Scalability
Redundancy and load balancing are accomplished using round-robin DNS to split requests among a number of VPN tunnel servers that share a common security perimeter. A security perimeter has one external DNS name, for example vpnx.support.bigcompany.com, but several IP addresses, and round-robin DNS spreads client requests across all of the IP addresses. Round-robin DNS does not itself detect a failed server, so a client handed the address of a server that is down must fall back to the next address. All servers can authenticate access requests against a shared database, such as a Windows NT Domain Controller. Windows NT domain databases are replicated by design.
RADIUS
The Remote Authentication Dial-in User Service (RADIUS) protocol is a popular method for managing remote user authentication and authorization. RADIUS is a very light-weight, UDP-based protocol. RADIUS servers can be located anywhere on the Internet and provide authentication (including PPP PAP, CHAP, MS-CHAP, and EAP) to their client NAS. The only protection RADIUS messages carry is an MD5-based authenticator keyed with a secret shared between the NAS and the server, so the secret must be strong and unique per NAS, and RADIUS traffic that crosses an untrusted network should itself be carried inside a protected path (for example an IPSec tunnel) rather than sent in the clear.
In addition, RADIUS servers can provide a proxy service to forward authentication requests to distant RADIUS servers. For example, many ISPs have joined consortia to allow roaming subscribers to use local services from the nearest ISP for dial-up access to the Internet. These roaming alliances take advantage of the RADIUS proxy service. If an ISP recognizes a user name as being a subscriber to a remote network, the ISP uses a RADIUS proxy to forward the access request to the appropriate network.
To properl" ad!inister a VPN s"ste!, network ad!inistrators should be able to
track who uses the s"ste!, how !an" connections are !ade, unusual activit", error
conditions, and situations that !a" indicate euip!ent failure# This infor!ation can
be used for billing, auditing, and alar! or error+notification purposes#
/or e6a!ple, an ad!inistrator !a" need to know who connected to the s"ste! and
for how long in order to construct billing data# %nusual activit" !a" indicate a
!isuse of the s"ste! or inadeuate s"ste! resources# (eal+ti!e !onitoring of
euip!ent (for e6a!ple, unusuall" high activit" on one !ode! and inactivit" on
another) !a" generate alerts to notif" the ad!inistrator of a !ode! failure# The
tunnel server should provide all of this infor!ation, and the s"ste! should provide
event logs, reports, and a data storage facilit" to handle the data appropriatel"#
2icrosoft ;indows NT ) provides accounting, auditing, and error notification
support in (A1#
The RADIUS protocol defines a suite of call-accounting requests (RADIUS Accounting, RFC 2866) that are independent from the authentication requests discussed above. These messages from the RAS to the RADIUS server request the latter to generate accounting records at the start of a call, the end of a call, and at predetermined intervals during a call. Windows 2000 generates these RADIUS accounting requests separately from access-authentication requests (which could go to the domain controller or to a RADIUS server). This allows an administrator to configure an accounting RADIUS server, whether RADIUS is used for authentication or not. An accounting server can then collect records for every VPN connection for later analysis. A number of third parties have already written billing and audit packages that read these RADIUS accounting records and produce various useful reports.
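The RADIUS exchanges described in the RADIUS section and the accounting paragraph above, as an added example that is not part of the white paper and is not Microsoft's or any RADIUS vendor's code. It encodes an Access-Request with the PAP password hidden as RFC 2865 specifies, answers it on the server side with an Access-Accept or Access-Reject whose Response Authenticator the NAS then verifies, and builds and checks an Accounting-Request authenticator as RFC 2866 specifies. The shared secret, user name, password, addresses and session values are constructed; the framed address handed out on success is a placeholder.

```python
import hashlib
import hmac
import os
import socket
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ACCOUNTING_REQUEST = 4
USER_NAME, USER_PASSWORD, NAS_IP_ADDRESS, NAS_PORT, FRAMED_IP_ADDRESS = 1, 2, 4, 5, 8
ACCT_STATUS_TYPE, ACCT_SESSION_ID, ACCT_SESSION_TIME = 40, 44, 46
ACCT_START, ACCT_STOP = 1, 2


def attr(kind, value):
    """One RADIUS attribute: type, length (including these two bytes), value."""
    if isinstance(value, int):
        value = struct.pack("!I", value)
    if len(value) > 253:
        raise ValueError("attribute value too long")
    return bytes([kind, len(value) + 2]) + value


def hide_password(secret, request_auth, password):
    """RFC 2865 section 5.2: the PAP password is XORed with a chain of MD5 digests
    derived from the shared secret and the Request Authenticator."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        mask = hashlib.md5(secret + prev).digest()
        prev = bytes(x ^ y for x, y in zip(padded[i:i + 16], mask))
        out += prev
    return out


def reveal_password(secret, request_auth, hidden):
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        mask = hashlib.md5(secret + prev).digest()
        out += bytes(x ^ y for x, y in zip(hidden[i:i + 16], mask))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")


def build_packet(code, ident, authenticator, attributes):
    return struct.pack("!BBH", code, ident, 20 + len(attributes)) + authenticator + attributes


def parse_packet(packet):
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 20 or length > len(packet):
        raise ValueError("bad RADIUS length")
    attrs, pos = {}, 20
    while pos < length:
        kind, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("bad attribute length")
        attrs.setdefault(kind, []).append(packet[pos + 2:pos + alen])
        pos += alen
    return code, ident, packet[4:20], attrs, packet[20:length]


def response_authenticator(secret, code, ident, request_auth, attributes):
    """MD5(Code | ID | Length | RequestAuth | Attributes | Secret), RFC 2865 section 3."""
    head = struct.pack("!BBH", code, ident, 20 + len(attributes))
    return hashlib.md5(head + request_auth + attributes + secret).digest()


def access_request(secret, ident, username, password, nas_ip, nas_port, request_auth=None):
    """NAS side.  The Request Authenticator must be unpredictable: it is the only
    per-packet input to the password hiding above."""
    ra = os.urandom(16) if request_auth is None else request_auth
    attrs = (attr(USER_NAME, username) + attr(USER_PASSWORD, hide_password(secret, ra, password))
             + attr(NAS_IP_ADDRESS, socket.inet_aton(nas_ip)) + attr(NAS_PORT, nas_port))
    return build_packet(ACCESS_REQUEST, ident, ra, attrs)


def handle_access_request(secret, users, request, framed_ip="10.1.2.3"):
    """RADIUS server side: recover the password, check it, answer with a signed reply."""
    code, ident, ra, attrs, _ = parse_packet(request)
    if code != ACCESS_REQUEST:
        raise ValueError("not an Access-Request")
    user = attrs.get(USER_NAME, [b""])[0].decode()
    given = reveal_password(secret, ra, attrs.get(USER_PASSWORD, [b""])[0])
    ok = hmac.compare_digest(users.get(user, b"\x00"), given)
    reply_code = ACCESS_ACCEPT if ok else ACCESS_REJECT
    reply_attrs = attr(FRAMED_IP_ADDRESS, socket.inet_aton(framed_ip)) if ok else b""
    auth = response_authenticator(secret, reply_code, ident, ra, reply_attrs)
    return build_packet(reply_code, ident, auth, reply_attrs)


def verify_response(secret, request, response):
    """NAS side: trust a reply only if its identifier matches the outstanding
    request and its Response Authenticator matches; otherwise anyone able to
    spoof a UDP datagram from the server's address could grant access."""
    _, req_ident, req_auth, _, _ = parse_packet(request)
    code, ident, auth, _, raw_attrs = parse_packet(response)
    expected = response_authenticator(secret, code, ident, req_auth, raw_attrs)
    return ident == req_ident and hmac.compare_digest(expected, auth)


def accounting_request(secret, ident, attributes):
    """Accounting-Request authenticator: MD5 over the packet with sixteen zero
    bytes in the authenticator slot, followed by the secret (RFC 2866 section 3)."""
    head = struct.pack("!BBH", ACCOUNTING_REQUEST, ident, 20 + len(attributes))
    auth = hashlib.md5(head + b"\x00" * 16 + attributes + secret).digest()
    return build_packet(ACCOUNTING_REQUEST, ident, auth, attributes)


def verify_accounting_request(secret, packet):
    code, ident, auth, _, raw_attrs = parse_packet(packet)
    head = struct.pack("!BBH", code, ident, 20 + len(raw_attrs))
    expected = hashlib.md5(head + b"\x00" * 16 + raw_attrs + secret).digest()
    return code == ACCOUNTING_REQUEST and hmac.compare_digest(expected, auth)
```

Everything here hangs on the shared secret: the password hiding is reversible by anyone holding it, and the authenticators are unkeyed MD5 with the secret appended, which is why the RADIUS section above recommends a strong per-NAS secret and a protected transport path.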
CONCLUSION
VPNs allow users or corporations to connect to remote servers, branch offices, or to other companies over a public internetwork, while maintaining secure communications. In all of these cases, the secure connection appears to the user as a private network communication, despite the fact that this communication occurs over a public internetwork. VPN technology is designed to address issues surrounding the current business trend toward increased telecommuting and widely distributed global operations, where workers must be able to connect to central resources and communicate with each other.
This paper provides an overview of VPN and describes the basic requirements of useful VPN technologies: user authentication, address management, data encryption, key management, and multiprotocol support. It discusses how Layer 2 protocols, specifically PPTP and L2TP, meet these requirements, and how IPSec (a Layer 3 protocol) will meet these requirements in the future.
Fo% Mo%" I#o%m/$)o
/or the latest infor!ation on ;indows NT 1erver, visit the ;eb site at
http:BBwww#!icrosoft#co!Bntserver and the ;indows NT 1erver /oru! on the
2icrosoft Network (CO ;O(8: 21NT1)#