Networking
Virtual Private Network (VPN)

The University of Findlay's College of Education

A virtual private network is a connection between two private networks through the public space of the Internet. By using a VPN, a company can save the cost of buying dedicated circuits between two offices.

With so many private networks connected to the Internet, a way to reach a private network from the Internet is valuable. With VPN client software, most operating systems can be configured to connect to a VPN. This permits someone with a real IP address to "tunnel" into a private network.

Setting Up Windows 2000 as a VPN Server

Start the Routing and Remote Access Server

Start/Programs/Administrative Tools/Routing and Remote Access

Right-click the server and select Configure and Enable Routing and Remote Access.

 

Welcome to the Routing and Remote Access Server Setup Wizard. Click Next.

 

Select Virtual Private Network Server and click Next.

 

In order to provide VPN services, the host computer must have two NICs. One NIC must have an outside IP address and the other must have an inside IP address.

Select the NIC that will be the outside connection point for incoming VPN client computers.

Click Next.

 

You will need TCP/IP installed. Verify that TCP/IP is installed, and click Next.

 

As VPN clients enter the inside network, each client will need an IP address that is within the inside network subnet. If you have a DHCP server installed on your network, the VPN server will use that server to assign DHCP-assigned IP addresses to incoming VPN clients. If you do not have a DHCP server, the VPN server will assign IP addresses to incoming VPN clients.

Select Automatically and click Next.

 

If you have users dialing into the VPN server, a RADIUS server can be used to authenticate them. Many ISPs use RADIUS to authenticate incoming users.

Select No and click Next.

 

Click Finish.

 

Your VPN server will now start.

In order for outside clients to connect to the VPN server, you must enable each user account to have DIAL-IN access. This is a user property on each user account.
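
The per-account dial-in setting described above can also be applied and reviewed from the command line, which makes it easier to keep VPN access limited to the accounts that need it. The batch script below is an added example, not part of the original page; it assumes the `netsh ras` context is available on the VPN server, and the account names are constructed placeholders.

```batch
@echo off
rem Added example: keep VPN (dial-in) access limited to a reviewed list.
rem Account names are constructed placeholders; replace them with the
rem accounts on your own server.
setlocal

rem Accounts that should be able to connect to the VPN server.
set APPROVED=vpnuser1 vpnuser2

rem Accounts whose access should be withdrawn (for example, staff who left).
set REVOKED=olduser1

rem Grant the dial-in permission only to the approved accounts.
for %%U in (%APPROVED%) do (
    echo Allowing dial-in for %%U
    netsh ras set user name=%%U dialin=permit
)

rem Explicitly deny the accounts that no longer need access.
for %%U in (%REVOKED%) do (
    echo Denying dial-in for %%U
    netsh ras set user name=%%U dialin=deny
)

rem List every account that currently has dial-in set to permit, so the
rem result can be compared against the approved list above.
echo.
echo Accounts that can currently connect:
netsh ras show user mode=permit

endlocal
```

Run it from a command prompt on the VPN server using an account with administrative rights, and treat any name in the final listing that is not on the approved list as one to review.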