
Introduction

Updated 6/19/2007: Corrected PPTP information

The Park City Marriott, one day before the opening of The Sundance Film Festival:

Sheila was tall, pretty, and expensive-looking. "So what do YOU do for a living?" she asked.

"Nothing interesting," I replied.

Scoff if you will, my brethren, but on a scale from "One" to "Boring," our noble profession ranks just above "Collectible Stamp Salesman" to these strange denizens of the Film Circuit. To prove my theory, I present an alternate line of dialogue:

"Well, I had three weeks to create a mixed-environment network of around 200 machines connected to what I have been told was an unreasonable amount of very expensive switches which linked to each other using STP..." I said.

"Stone Temple Pilots?" she asked.

"No. Spanning Tree Protocol," I replied.

To Sheila, this would not have gone over well; nor would my purgatorial debate over whether to use PPTP or IPsec.

I had pretty much hit the home stretch in the days leading up to the festival opening. The network was in place, with both the Media editors and the Office personnel functioning at acceptable levels. Productivity was up, and there were few complaints. All that remained was to implement the rest of the wireless network, and to create a VPN tunnel to their corporate headquarters, so that the massive amounts of information that were now being generated in ever-increasing volumes could be shared and archived back in California.

By this point, I knew that I would never be entirely satisfied with the network; no true network engineer ever should. Standards are approved, and new methods and protocols invented, on an almost-daily basis. Failing that, there are always about six thousand ways to do any one thing. You'll never have a network that's the end-all and be-all, because network development is a never-ending story. The best you can do is adapt your techniques to the situation at hand while keeping a sharp eye on the available technology.

The VPN network had been in the back of my mind since the day I accepted the job. I made every decision regarding the construction of the network with the established protocols and policies of their home network in mind, so that my job would be much easier when it came time to establish the VPN tunnel.

VPN

Figure 1: An Elementary explanation of VPN.

A Virtual Private Network is basically a means of sharing data between a private network and a client over public space. Typical methods of connecting to a VPN include using a modem to dial in to the VPN server (Dial-Up VPN), where the phone line represents the vulnerable public space, and connecting to the VPN server through the Internet. Once connected to the VPN, the client has access to all of the network resources they would have if they were physically connected to the LAN.

There are many... many different types of VPN (and more are invented daily), but we shall focus on the two most-often used: PPTP and IPsec.

Figure 2: A PPTP Client is included on all current Windows releases.

PPTP (Point-to-Point Tunneling Protocol) is by far the most popular and widely used implementation of VPN. Chances are, if you own a Windows-based machine that's less than twelve years old, YOU have a PPTP client built in—they've been featured in every release since Windows 95.

PPTP is run with two connections: a Point-to-Point Protocol (PPP) session using the Generic Routing Encapsulation (GRE) protocol to connect the client, and another connection to initiate and manage that session. The advantage of using PPTP is obvious: everyone has it and it is easy to configure. This also plays into its disadvantage: it's very common, and therefore easy to hack. (Not to mention the fact that PPTP authentication methods such as MS-CHAP are a potential weak link.)

IPsec is a set of protocols used for authentication and encryption. Basic IPsec doesn't bother to emulate a point-to-point private connection and therefore only supports routable protocols such as TCP/IP. However, many IPsec implementations (especially for PC client remote access) implement some kind of layer-2 emulation via encapsulation for maximum flexibility and compatibility.

For our present application of connecting one network to another (using IPsec "Tunnel" mode as opposed to its "Transport" mode), IPsec would be more secure. However, the complexity of that security will come at the cost of processing power and bandwidth.
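
What the two protocols look like on the wire, as an added example that is not part of the original article: a classifier that labels raw IPv4 packets as the PPTP control connection, the PPTP GRE data channel, or IPsec (IKE, ESP, AH), which is the distinction a firewall rule set or capture filter has to make. The port and protocol numbers are the standard IANA assignments, which the article does not state; the `classify` and `ipv4` helpers and the sample packets are constructed for illustration.

```python
import struct

# IANA-assigned numbers (well-known values, not stated in the article)
TCP, UDP, GRE, ESP, AH = 6, 17, 47, 50, 51
PPTP_CONTROL_PORT = 1723      # TCP: PPTP control connection
IKE_PORTS = {500, 4500}       # UDP: IKE, and IKE/ESP behind NAT traversal
GRE_TYPE_PPP = 0x880B         # GRE protocol type PPTP uses for PPP frames

def classify(packet: bytes) -> str:
    """Label one raw IPv4 packet by the VPN component it belongs to."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not-ipv4"
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl + 4:
        return "malformed"
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return "fragment"     # no upper-layer header in later fragments
    proto, payload = packet[9], packet[ihl:]
    if proto == ESP:
        return "ipsec-esp"
    if proto == AH:
        return "ipsec-ah"
    first, second = struct.unpack("!HH", payload[:4])
    if proto == GRE:
        # PPTP uses enhanced GRE: version 1 in the low 3 bits, PPP payload
        return "pptp-data" if first & 0x7 == 1 and second == GRE_TYPE_PPP else "gre-other"
    if proto == TCP and PPTP_CONTROL_PORT in (first, second):
        return "pptp-control"
    if proto == UDP and IKE_PORTS & {first, second}:
        return "ipsec-ike"
    return "other"

def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a minimal IPv4 packet for the samples (checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 1])) + payload

# Constructed sample traffic, not captured from a real network
SAMPLES = {
    "control": ipv4(TCP, struct.pack("!HH", 49152, 1723) + bytes(16)),
    "tunnel": ipv4(GRE, struct.pack("!HH", 0x3001, GRE_TYPE_PPP) + bytes(8)),
    "ike": ipv4(UDP, struct.pack("!HHHH", 500, 500, 8, 0)),
    "esp": ipv4(ESP, bytes(16)),
    "web": ipv4(TCP, struct.pack("!HH", 49153, 443) + bytes(16)),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:8} -> {classify(pkt)}")
```

ESP encrypts the inner header, so tunnel mode and transport mode are indistinguishable to a classifier like this one; only the endpoints' configuration tells them apart.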
