You are sitting on a train and trying to work as you walk through tunnels, forests, and uneven terrain. You are sitting on the ground and using a bad network in the cafe to connect. At the airport, the only available seat is at the edge of the internet signal.
In the above cases, you will have the same experience: the previous minute you are still working online in the office, and your connection will be interrupted in the next minute. And it always seems to happen at the worst time, such as the last few seconds of file transfer or when you are preparing to send an emergency email.
Disconnection is the norm of life for people who often travel and work-airports, hotel halls, and coffee shops may all be the cause. However, even worse, it may take several steps to re-establish a connection to a traditional Virtual Private Network VPN: restart the dial, select the correct connection, pull out the key card from the briefcase, and re-verify the identity. Then pray that the connection will not be disconnected again in a few minutes.
VPN Reconnect in Windows Server 2008 R2 and Windows 7 accelerates this process. The built-in functions of this route and remote access service RRAS are combined with the new functions in Windows 7 to restore the interrupted VPN connection. In addition, VPN Reconnect can also maintain connections when mobile users or devices moving between access ports change their geographic locations frequently.
Restore connection
According to the Traditional VPN protocol, when the network connection is disconnected, the VPN tunnel on it will also be lost. To reconnect, you must first relocate the available network connection before you can rebuild the VPN tunnel. To meet the security requirements of enterprises, this process may require multiple steps and multiple authentication.
VPN Reconnect uses the mobility and multi-host protocol MOBIKE in the second version of the Internet Key Exchange Protocol IKEv2) to solve this problem. VPN Reconnect allows the VPN tunnel to be retained for a period of time after the network is interrupted. The time length can be configured. If you re-establish a network connection within this time period, the VPN tunnel is automatically rebuilt.
This protocol can be enabled on the Server. you can install the Routing and Remote Access Control Service RRAS on the Windows Server 2008 R2 Server. However, its client components are only available in Windows 7. This means that for VPN Recconnect to work, you need Windows 7, the Routing and Remote Access Control Service RRAS in Windows Server 2008 R2) or another Ipsec tunnel Mode Server compatible with IKEv2.
The Routing and Remote Access Control Service of R2 has built-in IKEv2, which supports Identity Authentication through the computer certificate and Extended Authentication Protocol Extensible Authentication Protocol, EAP. EAP-based authentication requires the installation of Network Policy Server, NPS), but Identity Authentication Based on Computer certificates does not.
MOBIKE can seamlessly connect to the following scenarios:
- Switch from IPv4 to IPv6. Users with both IPv4 and IPv6 connections can switch between the two networks at will.
- Switch from Internet to intranet. Users in the office can seamlessly connect to the Internet when they leave the office. On the contrary, switching is also feasible: users with Internet connections can automatically switch to the company's internal network when they enter the office.
- Automatically switch when the IP address is changed. When the IP address of an access device changes, the VPN connection may be seamlessly transferred to the new address.
- Automatic Switch during network disconnection and reconnection. VPN connections can be kept online during the "impaired" WAN connection. The VPN connection is rebuilt seamlessly, and the data stream download is automatically restored.
VPN Reconnect is easy to install, and most configurations are on Windows 7 clients. Microsoft's RRAS blog has more advanced information about this new feature. In addition, Microsoft has released a guide to guide the Basic installation steps of server and client components step by step.