Virtual Private Networks (VPN / PPTP)

Johannes Helmig Posted On July 26, 1998

1 Views

The Internet has evolved in the last year to one of the main issues in networking:

Most people use it to "surf": to view WWW-webpages in HTML-format.
But the Internet has also its security problems, because any information transmitted from your system (like: your credit-card number , you enter on making an online purchase), is transmitted via several stages to the destination server, and somebody could listen in to that transmission:

That problem was solved by introducing SHTTP (Secure Hyper Text ) in addition to the standard HTTP-protocol.
Now the worldwide availability of the Internet becomes more and more interesting for companies for internal use:

-	have the "road warriors" (salesmen, service technician,..) connect to the home office via Internet (instead of making expensive long distance, sometimes intercontinental, phone calls)
-	connect branch offices in different locations (countries, continents) via Internet (instead via expensive leased lines, like: Frame-relay)

It is very easy to setup a Windows system (95 / 98 / NT4) to share a drive via the Internet, but again, it leaves a security problem:

unauthorized people (usually called hackers) try to break in (not everybody has such top secret information like the US Department of Defense, which have several hundred such attacks a day, but hackers can do some damage to any data).
For that reason, companies connecting their network to the Internet usually try to protect their system by installing a "Firewall": a filter between the Internet and the company network.
To allow secure connection via the Internet, several companies (including Microsoft) agreed on a new protocol:
Point-to-Point TunnelingProtocol (PPTP).
PPTP allows to establish via an IP-network (which is usually the Internet, but can also be a company Intranet) a secure connection by encapsulating inside the IP-packet an encrypted private protocol, which can be NetBEUI, IPX or TCP/IP (with a private IP-address range):

There are several companies offering now devices/support for PPTP.
Microsoft has implemented PPTP on Windows 95 / 98 / NT4 as:
Virtual Private Network (VPN):

Using NetBEUI as example, the above animation shows:
- the network client passes a request to the protocol layer
- the request is wrapped in a protocol envelope (in this example: NetBEUI)
- the protocol envelope is passed on to the VPN-adapter
- the protocol envelope is wrapped again inside a TCP/IP envelope
- the TCP/IP envelope is transmitted via the Internet
on the receiving system:
- the VPN-adapter opens the TCP/IP envelope.
- the protocol envelope is then opened again.
- the data (the "letter inside 2 envelopes") is passed on to its final destination.

You can download detailed information via a link from:
http://www.microsoft.com/communications/PPTPdownload0.htm on:

Microsoft
Virtual Private Networking
Installation, Configuration, and Using PPTP with
Microsoft Clients and Servers
User and Administration Guide

it downloads as MSPPTP.EXE (143 Kbyte), which is self-extracting to a word-file: PPTPInstall5-22.doc (1.378 KByte) with 34 pages.

Support for Virtual Private Networking:
	available as Client as FREE download from Microsoft as part of the Dialup-Networking 1.2 Upgrade
	included as Client
NT4	included in NT4 Workstation and Server as Client and Server
	Included in Windows 2000 Professional and Server
	Included in Windows XP Home and Professional

While Windows NT4 Server can handle MULTIPLE incoming VPN-connections and while Windows NT4 workstation can handle ONE incoming VPN-connection, Windows95 and Windows98 can only be VPN-Clients:
able to establish the connection to an NT4 VPN-server, but not beeing
able to act as a VPN-server, accepting incoming VPN-connections.
Windows95/98 cannot act as VPN-server
(but Windows95/98 is able to provide simple disk sharing via the Internet)