Components of virtual private networks
A VPN connection includes the following components:
- VPN server
A computer that accepts VPN connections from VPN clients.
- VPN client
A computer that initiates a VPN connection to a VPN server. A VPN client can be an individual computer or a router.
- Tunnel
The portion of the connection in which your data is encapsulated.
- VPN connection
The portion of the connection in which your data is encrypted. For typical secure VPN connections, the data is encrypted and encapsulated along the same portion of the connection.
Note:
It is possible to create a tunnel and send the data through the tunnel without encryption. This is not a VPN connection because the private data is sent across a shared or public network in an unencrypted and easily readable form.
- Tunneling protocols
Protocols that are used to manage tunnels and encapsulate private data. Tunneled data must also be encrypted for the connection to be a VPN connection. The Windows Server 2003 family includes the PPTP and L2TP tunneling protocols. For more information, see Point-to-Point Tunneling Protocol and Layer Two Tunneling Protocol.
- Tunneled data
Data that is usually sent across a private point-to-point link.
- Transit internetwork
The shared or public network crossed by the encapsulated data. For the Windows Server 2003 family, the transit internetwork is always an IP internetwork. The transit internetwork can be the Internet or a private IP-based intranet.
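The distinction between a tunnel and a VPN connection can be checked on the wire. The following is an added example, not part of the original page or of Windows Server: it parses PPTP data packets as they appear on the transit internetwork and reports whether the tunneled data is MPPE-encrypted or only encapsulated. It goes beyond the page's text in using the enhanced GRE framing from RFC 2637 and the MPPE header from RFC 3078; the function names and the sample packets are constructed for illustration.

```python
import struct

GRE_PROTO_PPP = 0x880B   # enhanced GRE carrying PPP, as PPTP uses (RFC 2637)
PPP_COMPRESSED = 0x00FD  # PPP protocol shared by MPPC and MPPE frames (RFC 3078)

def ppp_frame(gre: bytes) -> bytes:
    """Strip the enhanced GRE header and return the PPP frame (may be empty)."""
    if len(gre) < 8:
        raise ValueError("truncated GRE header")
    flags, ver, proto, length, _call_id = struct.unpack("!BBHHH", gre[:8])
    if proto != GRE_PROTO_PPP or (ver & 0x07) != 1:
        raise ValueError("not enhanced GRE carrying PPP")
    if not flags & 0x10:                      # S bit clear: ack-only, no payload
        return b""
    offset = 12 + (4 if ver & 0x80 else 0)    # sequence number, optional ack number
    return gre[offset:offset + length]

def classify(gre: bytes) -> str:
    """Label what an observer on the transit internetwork can see in one packet."""
    ppp = ppp_frame(gre)
    if ppp[:2] == b"\xff\x03":                # optional PPP address/control bytes
        ppp = ppp[2:]
    if not ppp:
        return "no-payload"
    if ppp[0] & 1:                            # 1-byte (compressed) protocol field
        proto, body = ppp[0], ppp[1:]
    elif len(ppp) >= 2:                       # normal 2-byte protocol field
        proto, body = (ppp[0] << 8) | ppp[1], ppp[2:]
    else:
        raise ValueError("truncated PPP frame")
    if proto == PPP_COMPRESSED:
        # Bit D (0x10) of the first MPPE header byte marks an encrypted frame.
        return "mppe-encrypted" if body and body[0] & 0x10 else "compressed-only"
    return "cleartext-datagram" if proto < 0x4000 else "control"

def make_packet(ppp: bytes, seq: int, ack=None) -> bytes:
    """Build a constructed enhanced GRE data packet around a PPP frame (call ID 7)."""
    head = struct.pack("!BBHHHI", 0x30, 0x81 if ack is not None else 0x01,
                       GRE_PROTO_PPP, len(ppp), 7, seq)
    return head + (struct.pack("!I", ack) if ack is not None else b"") + ppp

# Constructed samples: the same tunnel, without and with encryption of the payload.
# The bytes after the MPPE header are an opaque stand-in, not real ciphertext.
CLEAR = make_packet(b"\xff\x03\x00\x21" + b"constructed inner datagram", seq=1)
ENCRYPTED = make_packet(b"\xfd\x90\x01" + bytes(range(16, 40)), seq=2, ack=1)

if __name__ == "__main__":
    print(classify(CLEAR), classify(ENCRYPTED))
```

A result of `cleartext-datagram` or `compressed-only` on data packets means the link is a tunnel but not a VPN connection in the sense defined above.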
The following illustration shows the components of a virtual private network.