
A VPN is a virtual private network used by organizations and companies to interact with
their company server from a distant location outside their home network. It is a way to connect
to the home network securely over the internet. It encapsulates data transfers using a secure cryptographic
method between two or more networked devices which are not on the same private network, so as to
keep the transferred data private from other devices on one or more intervening local or wide area
networks.

Figure 1.1 General View of VPN Server

It aims to avoid an expensive system of owned or leased lines that can be used by only one
organization. A VPN server performs four critical functions, which are as follows:
1. Authentication: validates that the data was sent from the sender.
2. Access control: limiting unauthorized users from accessing the network.
3. Confidentiality: preventing the data from being read or copied as it is being transported.
4. Data integrity: ensuring that the data has not been altered.

There are three types of connection method used by a VPN server to connect to remote users, which
are as follows:

© p p



© p


  

© p


 p  

 


If you are looking to create your own VPN server, you have many different alternatives
available. This is actually not a good thing, as it makes creating your VPN very hard,
especially if you're only starting out. In order to save you some time I'll recommend what I feel may
be the absolute best software solution for setting up a VPN server on any kind of operating
system. OpenVPN is what you need, because it is not only very secure but also free of charge and
very easy to set up once you know how. Keep reading to find out why you should
seriously consider this software if you are considering setting up your own
VPN server, particularly if it is your first time doing so.

Web television has become a very popular alternative to satellite TV. By using a VPN
service, you can make your computer appear to be located in virtually any region of the
world, including the US and the UK. This way you can avoid
restrictions on watching TV online, whether they come from web blocking in some
countries or from broadcasting restrictions on UK TV shows. It is a
simple procedure to use VPNs to access television programs all over the world, which
is authorized. So consider getting a VPN so that you can view any program you
want from anywhere in the world.

With a VPN server, you get access to a fast server that won't slow down your internet
connection the way most other internet providers or services do. With a VPN
server, you also have the added benefit of complete privacy when you use the
web. You can watch whatever programs you want, in any country, whenever you want, and with
complete privacy.

You can protect your identity online by using a personal VPN account. With the rising
number of cyber crimes, online privacy has become a real problem. Furthermore, the
emergence of social media sites and blogs makes it extremely difficult for
anyone to stay anonymous on the internet. Online privacy is nearly impossible to maintain.
Most people have no idea that cyber criminals can gain access to your credit card information just
by sniffing your web traffic (as at Wi-Fi hotspots).

Amazingly, governments in the Middle East and in China are using IP
addresses to track the computer usage of their own people. The fact is that you don't want
everybody in the world to know who you are and what you are doing on the internet. This is where a
Virtual Private Network (VPN) account can help you out.

When you use a VPN service, it hides your online activity. It does this by encrypting everything
going from your computer to the VPN server. When you enter a website address, your
computer sends a message to the VPN server to fetch the web page you've requested. This way your
browsing history is hidden from your ISP or company and your
privacy is protected. In fact, without the VPN, this information would be easily accessible to your
ISP or to hackers sniffing your data, as your traffic would not be encrypted.


 

A literature review is the part of a research project where a researcher studies work similar to his
or her own. This very important part of the research helps the researcher find out how other
researchers have tackled the problem he/she is attempting to solve. It gives insight into how to go
about solving the problem at hand and provides information on the technologies and tools available for
solving it.

This literature review provides an overview of various areas of research on VPN servers, such as security,
anti-hacking, firewalls, networking, the protocol to be used, data rate, speed of transmission, etc.
Additional literature is considered which provides a general overview of the topic. Some case study
literature is included with an emphasis on library science studies. This literature review is then
applied to a case study migration project at the University of North Carolina at Chapel Hill in order
to determine where the literature was helpful and where not, as well as where more research may be
needed. Conclusions are drawn that the theoretical literature is quite comprehensive, but that
literature having more practical application could certainly be strengthened.

The primary areas of discussion on VPN servers encompass the following categories: a general
overview of the VPN server with basic technical guidelines such as how to install the server, general problems
that occur during installation, firewalls, connectivity in the network, safe transmission, protection from
hackers' attacks, etc. A VPN server provides a way to connect our system from a remote place to our
home or corporate server, so these are the basic areas where the literature survey is helpful.

A VPN server itself is simply a server that is connected to a virtual private network. A virtual private
network, or VPN, is a network that is able to channel through the Internet in order to connect a
multitude of users, servers, and devices together. VPNs can also include other networks, such as
local area networks, and are encrypted to ensure that only users who have the proper authorization
are able to access them. VPN networks are dependent on both a server and a client, with a server
being the device that hosts the main files and a client being all other devices that connect to the
server.

A VPN server is a piece of hardware or software that can act as a gateway into a whole network or a
single computer. It is generally 'always on' and listening for VPN clients to connect to it.

A VPN client is most often a piece of software but can be hardware too. A client initiates a 'call' to
the server and logs on. Then the client computer and the server network can communicate. They are on
the same 'virtual' network. Many broadband routers can pass one or more VPN sessions from your
LAN to the Internet. Each router handles this differently.

 

There are two major languages or protocols that VPNs speak. Microsoft uses PPTP, or Point-to-Point
Tunneling Protocol, and most everyone else uses IPSec (Internet Protocol Security). Most
broadband routers can pass PPTP traffic by forwarding port 1723, but IPSec is more complex. If your
router does not explicitly support IPSec pass-through, then even placing your computer in the DMZ
might not work.

PPTP has good encryption and also features authentication for verifying a user ID and password.
IPSec is purely an encryption model and is much safer but does not include authentication
routines. A third standard, L2TP, is IPSec with authentication built in.



• General IPsec

IPSec provides confidentiality and integrity protection for transmitted information,
authentication and destinations, and anti-replay protection. Two main network protocols,
Encapsulating Security Payload (ESP) and Authentication Header (AH), are used to achieve
these goals. All other parts of the IPSec standard merely implement these protocols and
configure the required technical parameters. Applying AH or ESP to an IP packet may
modify the data payload (not always) and may insert an AH or ESP header between the IP
header and the packet contents.

© § c         


ESP and H together to get confidentiality ‘  authentication. Since ESP can also perform
most of the H functions, there is no reason to use H. Because ESP works on encapsulation
principles, it has a different format: ll data is encrypted and then placed between a header
and a trailer.-his differentiates it from H, where only a header is created. Key exchange
(ISKMP, IKE, and others)

• Cryptography

The art of protecting information by transforming it (encrypting it) into an unreadable format,
called cipher text. Only those who possess a secret key can decipher (or decrypt) the message
into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called
codebreaking, although modern cryptography techniques are virtually unbreakable.

© àc  
An IPSec policy is nothing more than a set of rules that govern when and how the server uses the
IPSec protocol. The IPSec policy interacts directly with the IPSec driver. The policy tells
Windows such things as which data to secure and which security method to use.

• Remote access
You can configure a server that allows remote users to access resources on your private
network over dial-up or virtual private network (VPN) connections. This type of server is
called a remote access/VPN server. Remote access/VPN servers can also provide network
address translation (NAT). With NAT, the computers on your private network can share a
single connection to the Internet. With VPN and NAT, your VPN clients can determine the IP
addresses of the computers on your private network, but other computers on the Internet
cannot.


©   

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are
cryptographic protocols that provide communications security over the Internet. TLS and
SSL encrypt the segments of network connections above the Transport Layer, using
symmetric cryptography for privacy and a keyed message authentication code for message
reliability.
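The keyed message authentication code mentioned above can be shown on its own. The following is an added example, not code from the original report: it assumes the TLS 1.2 record MAC layout from RFC 5246 (section 6.2.3.1) with HMAC-SHA256, leaves the symmetric encryption step out, and uses a constructed key and constructed messages.

```python
import hashlib
import hmac
import struct

def record_mac(mac_key: bytes, seq_num: int, content_type: int,
               version: int, fragment: bytes) -> bytes:
    """TLS 1.2 record MAC input (RFC 5246, 6.2.3.1):
    seq_num || type || version || length || fragment."""
    header = struct.pack("!QBHH", seq_num, content_type, version, len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()

class RecordReceiver:
    """Verifies record MACs; the sequence number is implicit, never sent."""
    def __init__(self, mac_key: bytes):
        self.mac_key, self.seq = mac_key, 0

    def accept(self, content_type: int, version: int,
               fragment: bytes, tag: bytes) -> bool:
        expected = record_mac(self.mac_key, self.seq, content_type, version, fragment)
        if not hmac.compare_digest(expected, tag):   # constant-time comparison
            return False   # real TLS treats this as fatal (bad_record_mac)
        self.seq += 1
        return True

def demo():
    """Run constructed records through the receiver and collect the verdicts."""
    key = b"constructed-demo-mac-key-32bytes"        # constructed sample key
    app_data, tls12 = 23, 0x0303                     # content type, version
    msgs = [b"GET /payroll", b"amount=100", b"logout"]
    records = [(m, record_mac(key, i, app_data, tls12, m))
               for i, m in enumerate(msgs)]
    rx, results = RecordReceiver(key), {}
    results["in_order"] = rx.accept(app_data, tls12, *records[0])
    # Payload altered in transit, original tag kept
    results["tampered"] = rx.accept(app_data, tls12, b"amount=900", records[1][1])
    # Record 2 delivered where record 1 is expected
    results["reordered"] = rx.accept(app_data, tls12, *records[2])
    results["genuine"] = rx.accept(app_data, tls12, *records[1])
    # Record 0 sent a second time
    results["replayed"] = rx.accept(app_data, tls12, *records[0])
    return results

if __name__ == "__main__":
    print(demo())
```

Because the sequence number is mixed into the MAC, the same check that catches a modified payload also catches a reordered or replayed record.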

 

To install and turn on a VPN server, follow these steps:
1. Click Start, point to Administrative Tools, and then click Routing and Remote Access.
2. Click the server icon that matches the local server name in the left pane of the console. If the
icon has a red circle in the lower-left corner, the Routing and Remote Access service has not
been turned on. If the icon has a green arrow pointing up in the lower-left corner, the Routing
and Remote Access service has been turned on. If the Routing and Remote Access service
was previously turned on, you may want to reconfigure the server. To reconfigure the server:
a. Right-click the server object, and then click Disable Routing and Remote Access.
Click Yes to continue when you are prompted with an informational message.
b. Right-click the server icon, and then click Configure and Enable Routing and
Remote Access to start the Routing and Remote Access Server Setup Wizard. Click
Next to continue.
c. Click Remote access (dial-up or VPN) to turn on remote computers to dial in or
connect to this network through the Internet. Click Next to continue.

Click to select VPN or Dial-up depending on the role that you intend to assign to this server.

In the VPN Connection window, click the network interface which is connected to the
Internet, and then click Next.

In the IP Address Assignment window, click Automatically if a DHCP server will be used
to assign addresses to remote clients, or click From a specified range of addresses if remote clients
must only be given an address from a pre-defined pool. In most cases, the DHCP option is simpler to
administer. However, if DHCP is not available, you must specify a range of static addresses. Click
Next to continue.

If you clicked From a specified range of addresses, the Address Range Assignment dialog
box opens. Click New. Type the first IP address in the range of addresses that you want to use in the
Start IP address box. Type the last IP address in the range in the End IP address box. Windows
calculates the number of addresses automatically. Click OK to return to the Address Range
Assignment window. Click Next to continue.

Accept the default setting of No, use Routing and Remote Access to authenticate connection
requests, and then click Next to continue. Click Finish to turn on the Routing and
Remote Access service and to configure the server as a Remote Access server.


To set up a connection to a VPN, follow these steps. To set up a client for virtual private network
access, follow these steps on the client workstation:
NOTE: You must be logged on as a member of the Administrators group to follow these steps.
NOTE: Because there are several versions of Microsoft Windows, the following steps may be
different on your computer. If they are, see your product documentation to complete these steps.

1. On the client computer, confirm that the connection to the Internet is correctly configured.
2. Click Start, click Control Panel, and then click Network Connections. Click Create a new
connection under Network Tasks, and then click Next.
3. Click Connect to the network at my workplace to create the dial-up connection. Click Next
to continue.
4. Click Virtual Private Network connection, and then click Next.
5. Type a descriptive name for this connection in the Company Name dialog box, and then
click Next.
6. Click Do not dial the initial connection if the computer is permanently connected to the
Internet. If the computer connects to the Internet through an Internet Service Provider (ISP),
click Automatically dial this initial connection, and then click the name of the connection
to the ISP. Click Next.
7. Type the IP address or the host name of the VPN server computer (for example,
VPNServer.SampleDomain.com).
8. Click Anyone's use if you want to permit any user who logs on to the workstation to have
access to this dial-up connection. Click My use only if you want this connection to be
available only to the currently logged-on user. Click Next.
9. Click Finish to save the connection.
10. Click Start, click Control Panel, and then click Network Connections.
11. Double-click the new connection.
12. Click Properties to continue to configure options for the connection. To continue to
configure options for the connection, follow these steps:
a. If you are connecting to a domain, click the Options tab, and then click to select the
Include Windows logon domain check box to specify whether to request Windows
Server 2003 logon domain information before trying to connect.
b. If you want the connection to be redialed if the line is dropped, click the Options tab,
and then click to select the Redial if line is dropped check box.

To use the connection, follow these steps:

1. Click Start, point to Connect To, and then click the new connection.
2. If you do not currently have a connection to the Internet, Windows offers to connect to the
Internet.
3. When the connection to the Internet is made, the VPN server prompts you for your user name
and password. Type your user name and password, and then click Connect.
Your network resources must be available to you in the same way they are when you connect
directly to the network. NOTE: To disconnect from the VPN, right-click the connection icon,
and then click Disconnect.

Conclusion

VPN servers are an effective way to create secure communication channels across the Internet
or between sensitive systems within a company's internal network. With the inclusion of VPN
support in Microsoft 2000, Cisco routers, Checkpoint 2000, and a host of other systems, the
deployment of VPNs is going to become more commonplace. Without proper security design, these
VPNs could add many more unwanted entrances to corporate networks. Use VPNs where
appropriate, but ensure that security issues including machine configuration, policy and user security
awareness have been considered.

Future Work

The success of VPN servers in the future depends mainly on industry dynamics. Most of the
value in a VPN server lies in the potential for businesses to save money. Should the cost of long
distance telephone calls and leased lines continue to drop, fewer companies may feel the need
to switch to VPNs for remote access. Conversely, if VPN standards solidify and vendor
products interoperate fully with each other, the appeal of VPNs should increase.

The success of VPNs also depends on the ability of intranets and extranets to deliver on their
promises. Companies have had difficulty measuring the cost savings of their private networks,
but if it can be demonstrated that these provide significant value, the use of VPN technology
internally may also increase. So there is future work in the areas of security, encryption,
virtual network connectivity, etc.
