subject: Types Of Vpns That Work With Windows Server 2003 [print this page] Windows Server 2003 can serve as an endpoint for two types of VPNs: remote access VPNs and site-to-site VPNs. The following sections describe these VPNs.
A Remote Access VPN
A remote access VPN consists of a MCSE 2003 server running Routing and Remote Access Services and configured as a VPN server and a compatible VPN client. The server is capable of supporting multiple VPN connections from clients. Client com?puters use VPN client software to connect to the VPN server. A client-to-server VPN can be created between two Windows Server 2003 computers. Most Microsoft Windows cli?ent computers can also be VPN clients. In addition, other operating system clients can have or obtain compatible client software. This type of VPN is also referred to as a cli?ent-to-server VPN.
Figure 7-2 shows a remote access VPN. In the drawing, several client computers have established connections to the VPN server. The server keeps these connections sepa-rate and routes each to its destination within the network.
When the client sends data to the server, the tunnel client adds the tunnel protocol header to the packet and sends the data over the network to the VPN server. The server accepts the packet, removes the header, and sends it to its destination on the internal network.
For a VPN connection to occur, both the client computer and the server computer must be using the same tunneling protocol. VPNs typically also add confidentiality (data encryption), authentication (endpoint-to-endpoint, user-to-central account database, or both), and integrity (protection from modification in transit). They can also add security microsoft exams features such as nonrepudiation (guaranteed to come from the identified source at a spe?cific time) and protection from replay (packets or portions of packets cannot be reused)
Remote access policies are a set of rules that define how connections are authorized. If a client meets the specification of the remote access policies, the connection request can he accepted. If not, the connectioneven one from an authenticated userwill be rejected. Remote access policies provide granular authorization. The following infor?mation should be considered when deciding whether to use remote access free Cisco IT certification test questions policies and in determining how to configure them.
