confidentially over a public network. VPN traffic can be carried over a public networking infrastructure (e.g. the Internet) on top of standard protocols, or over a service provider’s private network.

VPN Scenario

There are a number of VPN scenarios you might use:

1. Server to server (encrypted tunnel only)
2. Client to Server (encrypted tunnel and authentication)
3. Client to Client

This document considers scenarios one and two, using IPSEC and L2TP. The following diagram provides an overview of the two scenarios:

IPSEC and L2TP

IPSEC and L2TP are the two protocols discussed in this document. There are other methods of setting up a VPN, but I have chosen to focus on the L2TP over IPSEC method. Openswan (openswan-2.4.7-1.i686.rpm) can be downloaded from the Internet, and is used to install IPSEC. You will find that a lot of distributions include Openswan. L2TP can also be downloaded from the Internet in the form of a tarball or RPM (the xl2tpd RPM or the older l2tpd RPM will work fine).

IPSEC

IPSEC, which is installed when you install “Openswan”, allows you to create an encrypted tunnel between two servers that are connected via the Internet. Any traffic between the two servers is encrypted and is therefore unreadable to anyone trying to “eavesdrop” on the data passing between them. Users on either side of the connection can reach each other's network through the encrypted tunnel. To stop hackers from connecting to either of the servers, IPSEC is set up to use either a “Preshared key”, an “RSA key” or “PKI Certs”.

L2TP

L2TP will be used in the client-to-server scenario, allowing users to “log on” to the VPN server. L2TP manages things like the IP address range and the authentication type for the clients who connect. Once L2TP is installed, the connection uses PPP to administer the client log on. To install L2TP you need to install the XL2TPD or the L2TPD package. L2TP runs over IPSEC, so IPSEC must be installed as well for L2TP to work.
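
The two scenarios and three authentication choices above can be read back out of an Openswan ipsec.conf. The following is an added example, not part of the original document or of Openswan: it parses conn sections and reports, for each one, which scenario and which authentication method it configures. It assumes the standard ipsec.conf keywords authby, leftcert/rightcert and leftprotoport/rightprotoport; the sample configuration, conn names, addresses and certificate file name are constructed placeholders.

```python
# Constructed sample ipsec.conf; conn names, addresses and cert file are placeholders.
SAMPLE_CONF = """\
conn site-to-site
    type=tunnel
    authby=secret
    left=192.0.2.1
    right=198.51.100.1

conn l2tp-clients
    type=transport
    authby=rsasig
    leftcert=vpn-server.pem
    left=192.0.2.1
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any
"""

def parse_conns(text):
    """Return {conn_name: {option: value}} for every 'conn' section."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if not line[0].isspace():  # section headers start in column 0
            parts = line.split()
            is_conn = parts[0] == "conn" and len(parts) > 1
            current = conns.setdefault(parts[1], {}) if is_conn else None
        elif current is not None and "=" in line:
            key, value = line.strip().split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return conns

def classify(opts):
    """Map one conn to the (scenario, authentication) terms used above."""
    ports = (opts.get("leftprotoport", ""), opts.get("rightprotoport", ""))
    l2tp = any(p.startswith("17/1701") for p in ports)  # UDP (17), port 1701
    scenario = "client-to-server (L2TP over IPSEC)" if l2tp else "server-to-server"
    if opts.get("authby", "rsasig") == "secret":  # assumption: default is rsasig
        auth = "preshared key"
    elif "leftcert" in opts or "rightcert" in opts:
        auth = "PKI cert"
    else:
        auth = "RSA key"
    return scenario, auth

def audit(text):
    return {name: classify(opts) for name, opts in parse_conns(text).items()}
```

Calling audit() on the text of your own ipsec.conf gives a quick inventory of which connections still rely on a preshared key and which accept L2TP clients.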