Virtual Private Networks

Virtual Private Networks (VPN / PPTP)

The Internet has evolved in the last year to one of the main issues in networking:

Most people use it to "surf": to view WWW-webpages in HTML-format.
But the Internet has also its security problems, because any information transmitted from your system (like: your credit-card number , you enter on making an online purchase), is transmitted via several stages to the destination server, and somebody could listen in to that transmission:

That problem was solved by introducing SHTTP (Secure Hyper Text ) in addition to the standard HTTP-protocol.

Now the worldwide availability of the Internet becomes more and more interesting for companies for internal use:

-	have the "road warriors" (salesmen, service technician,..) connect to the home office via Internet (instead of making expensive long distance, sometimes intercontinental, phone calls)
-	connect branch offices in different locations (countries, continents) via Internet (instead via expensive leased lines, like: Frame-relay)

It is very easy to setup a Windows system (95 / 98 / NT4) to share a drive via the Internet, but again, it leaves a security problem:

unauthorized people (usually called hackers) try to break in (not everybody has such top secret information like the US Department of Defense, which have several hundred such attacks a day, but hackers can do some damage to any data).
For that reason, companies connecting their network to the Internet usually try to protect their system by installing a "Firewall": a filter between the Internet and the company network.

To allow secure connection via the Internet, several companies (including Microsoft) agreed on a new protocol:
Point-to-Point Tunneling Protocol (PPTP).

PPTP allows to establish via an IP-network (which is usually the Internet, but can also be a company Intranet) a secure connection by encapsulating inside the IP-packet an encrypted private protocol, which can be NetBEUI, IPX or TCP/IP (with a private IP-address range):

There are several companies offering now devices/support for PPTP.

Microsoft has implemented PPTP on Windows 95 / 98 / NT4 as:
Virtual Private Network (VPN):

Using NetBEUI as example, the above animation shows:
- the network client passes a request to the protocol layer
- the request is wrapped in a protocol envelope (in this example: NetBEUI)
- the protocol envelope is passed on to the VPN-adapter
- the protocol envelope is wrapped again inside a TCP/IP envelope
- the TCP/IP envelope is transmitted via the Internet
on the receiving system:
- the VPN-adapter opens the TCP/IP envelope.
- the protocol envelope is then opened again.
- the data (the "letter inside 2 envelopes") is passed on to its final destination.

You can download detailed information via a link from:
http://www.microsoft.com/communications/PPTPdownload0.htm on:

Microsoft
Virtual Private Networking
Installation, Configuration, and Using PPTP with
Microsoft Clients and Servers

User and Administration Guide

it downloads as MSPPTP.EXE (143 Kbyte), which is self-extracting to a word-file: PPTPInstall5-22.doc (1.378 KByte) with 34 pages.

	Support for Virtual Private Networking:
	available as Client as FREE download from Microsoft as part of the Dialup-Networking 1.2 Upgrade
	included as Client
NT4	included in NT4 Workstation and Server as Client and Server

While Windows NT4 Server can handle MULTIPLE incoming VPN-connections and while Windows NT4 workstation can handle ONE incoming VPN-connection, Windows95 and Windows98 can only be VPN-Clients:
able to establish the connection to an NT4 VPN-server, but not beeing
able to act as a VPN-server, accepting incoming VPN-connections.
Windows95/98 cannot act as VPN-server
(but Windows95/98 is able to provide simple disk sharing via the Internet)

Using a Windows NT4 workstation as a VPN-dialin to a Server network:

Using a Windows NT4 workstation as a TCP/IP-dialin to a Mainframe: