Your clients use whatever Internet connection is available to them
and connect over the Internet to your VPN servers to gain access to the corporate
private network, as shown in Figure 11-26. Since all the client needs is an Internet connection,
they can connect from virtually anywhere Internet service is provided (as long
as it isn't blocked by the provider). This includes their homes, hotels, and airports, as well as
wireless hotspots and wireless broadband cards.
Encapsulation and Tunneling
VPNs work by encapsulating regular data that you may want to send to the remote host
into another protocol so that it can be safely and securely transmitted over the Internet.
The best part is that your application won't require any changes to make it work. All
that's needed is a VPN client and server that can encrypt and encapsulate a "regular"
packet and then reverse this process on the other side so that the application can proceed
to work as normal on the unencrypted data. Windows Server 2008 supports three different
types of tunneling protocols: Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling
Protocol (L2TP), and Secure Socket Tunneling Protocol (SSTP). Tunneling refers
to creating a virtual connection between two networks over another network or set of
networks, where the data being transmitted between the two networks participating in
the tunnel cannot be deciphered by the intermediary network (such as the Internet).

Figure 11-26. Typical VPN (diagram: Client, Internet, Firewall, VPN server, Corporate Private Network)

384 Microsoft Windows Server 2008 Administration
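
The encapsulate-then-reverse process described above can be sketched in a few lines. This is an added illustration, not code from the book and not the wire format of PPTP, L2TP, or SSTP; the packet layout, keys, addresses, and the toy HMAC-based keystream are all assumptions chosen so the example runs with only the Python standard library.

```python
import hashlib
import hmac
import os
import struct

# Constructed sample keys (assumptions); a real VPN negotiates these per session.
ENC_KEY = b"k" * 32
MAC_KEY = b"m" * 32

def _keystream(key, nonce, length):
    """Toy keystream (HMAC-SHA256 in counter mode), a stand-in for a real cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

def make_packet(src, dst, payload):
    """Hypothetical minimal packet: two length-prefixed addresses, then the payload."""
    s, d = src.encode(), dst.encode()
    return bytes([len(s)]) + s + bytes([len(d)]) + d + payload

def parse_packet(pkt):
    n = pkt[0]
    m = pkt[1 + n]
    return pkt[1:1 + n].decode(), pkt[2 + n:2 + n + m].decode(), pkt[2 + n + m:]

def encapsulate(inner, outer_src, outer_dst):
    """VPN client side: encrypt the whole inner packet and wrap it in an outer packet."""
    nonce = os.urandom(12)
    ct = _xor(inner, _keystream(ENC_KEY, nonce, len(inner)))
    tag = hmac.new(MAC_KEY, nonce + ct, hashlib.sha256).digest()
    return make_packet(outer_src, outer_dst, nonce + ct + tag)

def decapsulate(outer):
    """VPN server side: check integrity, decrypt, and return the original inner packet."""
    _, _, body = parse_packet(outer)
    nonce, ct, tag = body[:12], body[12:-32], body[-32:]
    expected = hmac.new(MAC_KEY, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("tunnel packet failed integrity check")
    return _xor(ct, _keystream(ENC_KEY, nonce, len(ct)))
```

An observer on the intermediary network sees only the outer addresses and ciphertext; the private addresses and application data reappear unchanged after `decapsulate`, which is why the application needs no modification.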