Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Features

Introduction

Updated 6/19/2007: Corrected PPTP information

The Park City Marriott, one day before the opening of The Sundance Film Festival:

Sheila was tall, pretty, and expensive-looking. "So what do YOU do for a living?" she asked.

"Nothing interesting," I replied.

Scoff if you will my brethren, but on a scale from "One" to "Boring," our noble profession ranks just above "Collectible Stamp Salesman" to these strange denizens of the Film Circuit. To prove my theory, I present an alternate line of dialogue:

"Well, I had three weeks to create a mixed-environment network of around 200 machines connected to what I have been told was an unreasonable amount of very expensive switches which linked to each other using STP..." I said.

"Stone Temple Pilots?" she asked.

"No. Spanning Tree Protocol," I replied.

To Sheila, this would not have gone over well; nor would my purgatorial debate over whether to use PPTP or IPsec.

I had pretty much hit the home stretch in the days leading up to the festival opening. The network was in place, with both the Media editors and the Office personnel functioning at acceptable levels. Productivity was up, and there were few complaints. All that remained was to implement the rest of the wireless network, and to create a VPN tunnel to their corporate headquarters, so that the massive amounts of information that were now being generated in ever-increasing volumes could be shared and archived back in California.

By this point, I knew that I would never be entirely satisfied with the network; no true network engineer ever should. Standards are approved, and new methods and protocols invented, on an almost-daily basis. Failing that, there are always about six thousand ways to do any one thing. You'll never have a network that's the end-all and be-all, because network development is a never-ending story. The best you can do is adapt your techniques to the situation at hand while keeping a sharp eye on the available technology

The VPN network had been in the back of my mind since the day I accepted the job. I made every decision regarding the construction of the network with the established protocols and policies of their home network in mind, so that my job would be much easier when it came time to establish the VPN tunnel.

VPN

An Elementary explanation of VPN.

Figure 1: An Elementary explanation of VPN.

A Virtual Private Network is basically a means of sharing data between a private network and a client over public space. Typical methods of connecting a VPN include using a modem to dial-in to the VPN server (Dial-Up VPN), where the phone line represents the vulnerable public space, and connecting to the VPN Server through the Internet. Once connected to the VPN, the client has access to all of the network resources they would if they were physically connected to the LAN.

There are many... many different types of VPN (and more are invented daily), but we shall focus on the two most-often used: PPTP and IPsec.

A PPTP Client is included on all current Windows releases.

Figure 2: A PPTP Client is included on all current Windows releases.

PPTP (Point-to-Point Tunneling Protocol) is by far the most popular and widely used implementation of VPN. Chances are, if you own a Windows-based machine that's less than twelve years old, YOU have a PPTP client built in—they've been featured in every release since Windows 95.

PPTP is run with two connections: a Point-to-Point Protocol (PPP) session using the Generic Routing Encapsulation (GRE) protocol to connect the client, and another connection to initiate and manage that session. The advantage of using PPTP is obvious: everyone has it and it is easy to configure. This also plays into its disadvantage: it's very common, and therefore easy to hack. (Not to mention the fact that PPTP authentication methods such as MS-CHAP are a potential weak link.)

IPsec is a set of protocols used for authentication and encryption. Basic IPsec doesn't bother to emulate a point-to-point private connection and therefore only supports routable protocols such as TCP/IP. However, many IPSEC implementations (especially for PC client remote access) implement some kind of layer-2 emulation via encapsulation for maximum flexibility and compatibility.

For our present application of connecting one network to another (using IPsec "Tunnel" mode as opposed to its "Transport" mode), IPsec would be more secure. However, the complexity of that security will come at the cost of processing power and bandwidth.

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Featured Sponsors



Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I am trying to calculate the run time of a UPS for a mini aquarium. If the power fails the pump stops, which supplies water to the rear wall that is c...
Hi,I received a script to run with Merlin where I don't know how to load it. What do I need to do?I've had a look around but I can't find a user guide...
Currently i'm running Voxels latest build ( V1.0.2.54SF) which overall seems to work just fine. I know I can set a client device to low,medium,high,hi...
My routers traffic analyzer shows Wistron Infocomm (Zhongshan) Co as a client.Mostly no activity, but some days 3GB download.Any thoughts as to what t...
I enable stateful vs stateless in order to have routable IPV6 addresses.After doing that, and a quick restart of the router, I checked that the target...

Don't Miss These

  • 1
  • 2
  • 3