VPN configuration example in Windows Server 2003

Source: Internet
Author: User

First, a look at VPN. A VPN (virtual private network) is a secure, point-to-point connection through a private network or a public network. The VPN client uses a specific tunneling protocol to establish a virtual connection with the VPN server.

The typical example of a VPN is a VPN client that uses a VPN connection to reach a VPN server connected to the Internet. The VPN server verifies the identity of the VPN client, and if the client is authenticated, the internal network transmits data to the VPN client. Because a VPN is a virtual private network, the VPN server and the client establish a logical, indirect connection, which can be understood by comparison with dial-up networking. To ensure the security of the data, the VPN connection must be encrypted.

To sum up: the common VPN applications today are of two kinds, site-to-site VPN and remote access VPN. The former is primarily used for connections between the headquarters network of an organization and the networks of its branch offices, or between an organization's network and the networks of other trusted partners. The latter is primarily used for remote access connections by remote or mobile users.

Let's look at the composition of a remote access VPN:

Let's take a look at the functions of each role:

(1) VPN server: This receives and responds to VPN client connection requests and establishes the connection. It can be a dedicated VPN server device, or it can be a host running the VPN service. The setup here is the latter kind.

(2) VPN client: A VPN client initiates the request to connect to a VPN server. It is typically a host with a VPN connection component, that is, a dial-up component that supports the VPN protocol.

(3) Tunneling protocol: A VPN has its own special protocols, and its implementation depends on a tunneling protocol. The tunneling protocol performs the special encapsulation and also provides security services such as encryption and authentication. Both the server and the client must support the same protocol. Currently the most common are PPTP, L2TP, and IPSec.

PPTP (Point-to-Point Tunneling Protocol) is an extension of PPP. It coordinates the use of PPP authentication, compression, and encryption mechanisms, supports the establishment of multi-protocol VPN connections on IP networks, and provides VPN support for users on the PSTN and ISDN. PPTP typically encrypts information by using a key generated during the MS-CHAP, MS-CHAP v2 or EAP-TLS authentication process. Encryption uses the MPPE (Microsoft Point-to-Point Encryption) algorithm; the key length can be selected as a weak 40-bit or a strong 128-bit strength.

L2TP (Layer 2 Tunneling Protocol) is a standard, RFC-based tunneling protocol. Unlike PPTP, however, L2TP does not use MPPE for encryption, but relies on IPSec. The combination of L2TP and IPSec is L2TP/IPSec. The encryption keys are generated by IPSec in the IKE negotiation process, and L2TP can use DES or 3DES to encrypt information.

IPSec (IP Security) is the IP network security standard developed by the IETF. It includes protocols such as IKE, AH, and ESP.

(4) Internet connection: Both the VPN server and the client must be connected to the Internet and be able to communicate properly over the Internet.
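The PPTP paragraph above says the MPPE key length can be 40-bit or 128-bit. The following added example (not part of the original article) shows how a defender can check which key lengths a peer offers by parsing the MPPE option of a PPP CCP Configure packet; the option type and bit values are taken from RFC 3078, which goes beyond what the article covers, and the sample packets are constructed.

```python
import struct

# MPPE "Supported Bits" flags as defined in RFC 3078 (not listed in the article)
MPPE_FLAGS = {
    0x01000000: "stateless",
    0x00000080: "56-bit",
    0x00000040: "128-bit",
    0x00000020: "40-bit",
    0x00000001: "MPPC compression",
}
CCP_OPT_MPPE = 18  # CCP configuration option type used for MPPE


def parse_ccp_options(packet: bytes):
    """Yield (type, data) for each option in a CCP Configure-* packet."""
    if len(packet) < 4:
        raise ValueError("truncated CCP header")
    _code, _ident, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("bad CCP length field")
    body, pos = packet[4:length], 0
    while pos < len(body):
        if pos + 2 > len(body):
            raise ValueError("truncated option header")
        opt_type, opt_len = body[pos], body[pos + 1]
        if opt_len < 2 or pos + opt_len > len(body):
            raise ValueError("bad option length")
        yield opt_type, body[pos + 2:pos + opt_len]
        pos += opt_len


def audit_mppe(packet: bytes):
    """Return (offered_features, verdict); features is None without an MPPE option."""
    for opt_type, data in parse_ccp_options(packet):
        if opt_type != CCP_OPT_MPPE:
            continue
        if len(data) != 4:
            raise ValueError("MPPE option must carry 4 bytes")
        bits = struct.unpack("!I", data)[0]
        offered = [name for flag, name in MPPE_FLAGS.items() if bits & flag]
        # The article names 40-bit as weak; flagging 56-bit too is this example's choice.
        if "40-bit" in offered or "56-bit" in offered:
            return offered, "weak key length offered"
        if "128-bit" in offered:
            return offered, "128-bit only"
        return offered, "no encryption offered"
    return None, "no MPPE option"


# Constructed samples: Configure-Request (code 1, id 1) carrying one MPPE option
SAMPLE_WEAK = bytes.fromhex("0101000a" "1206" "00000060")    # 128-bit and 40-bit
SAMPLE_STRONG = bytes.fromhex("0101000a" "1206" "01000040")  # stateless, 128-bit
```

A peer that still offers the 40-bit flag can be negotiated down to it, so the server should be set to require the strongest encryption rather than merely allow it.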

With the principles covered, let's deploy an example:

Log in to the server on which the VPN service is to be configured.

Open the Routing and Remote Access window.

Right-click the host and select "Configure and Enable Routing and Remote Access".
