What are types of protocols of VPN?
in this articcle we want to read about What are types of protocols of VPN? We talk about 5 types of protocols of VPN.
PPTP VPN service
One of types of protocols of VPN is PPTP, PPTP VPN service – Point to Point Tunneling Protocol is a method for implementing virtual private networks. PPTP service uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.
PPTP assumes the availability of an IP internetwork between a PPTP client and a PPTP server, The PPTP client might already be attached to an IP internetwork that can reach the PPTP server, or the PPTP client might have to dial into a network access server (NAS) to establish IP connectivity as in the case of dial-up Internet users.
The PPTP service specification does not describe encryption or authentication features and relies on the Point-to-Point Protocol being tunneled to implement security functionality. However the most common PPTP implementation, shipping with the Microsoft Windows product families, implements various levels of authentication and encryption natively as standard features of the Windows PPTP stack. The intended use of this protocol is to provide security levels and remote access levels comparable with typical VPN products.
By using PPTP, a large organization with distributed offices can create a large local area network (LAN ) – essentially a VPN – by using the infrastructure of a wide area network (WAN), like the network of a public Internet service provider (ISP) or telecom. This is more cost effective than laying out a network infrastructure over such distances.
L2TP VPN Service
In computer networking, Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. It does not provide any encryption or confidentiality by itself; it relies on an encryption protocol that it passes within the tunnel to provide privacy.
Published in 1999 as proposed standard RFC 2661, L2TP has its origins primarily in two older tunneling protocols for Point-to-Point communication: Cisco’s Layer 2 Forwarding Protocol (L2F) and USRobotics Point-to-Point Tunneling Protocol (PPTP). A new version of this protocol, L2TPv3, was published as proposed standard RFC 3931 in 2005. L2TPv3 provides additional security features, improved encapsulation, and the ability to carry data links other than simply PPP (PPP) over an IP network (e.g., Frame Relay, Ethernet, ATM, etc.).
The entire L2TP packet, including payload and L2TP header, is sent within a User Datagram Protocol (UDP) datagram. It is common to carry PPP sessions within an L2TP tunnel. L2TP does not provide confidentiality or strong authentication by itself. IPsec is often used to secure L2TP packets by providing confidentiality, authentication and integrity. The combination of these two protocols is generally known as L2TP/IPsec (discussed below).
The two endpoints of an L2TP tunnel are called the LAC (L2TP Access Concentrator) and the LNS (L2TP Network Server). The LAC is the initiator of the tunnel while the LNS is the server, which waits for new tunnels. Once a tunnel is established, the network traffic between the peers is bidirectional. To be useful for networking, higher-level protocols are then run through the L2TP tunnel. To facilitate this, an L2TP session (or ‘call’) is established within the tunnel for each higher-level protocol such as PPP. Either the LAC or LNS may initiate sessions. The traffic for each session is isolated by L2TP, so it is possible to set up multiple virtual networks across a single tunnel. MTU should be considered when implementing L2TP.
The packets exchanged within an L2TP tunnel are categorized as either control packets or data packets. L2TP provides reliability features for the control packets, but no reliability for data packets. Reliability, if desired, must be provided by the nested protocols running within each session of the L2TP tunnel.
Cisco Anyconnect VPN client
People connect to the Internet from several public locations, such as airports and cafes, they had no acceptable use policy enforcement, minimal protection against malware, and are at a higher risk of data loss.Cisco offers AnyConnect Secure Mobility to extend the network perimeter to remote endpoints, enabling the seamless integration of web filtering services offered by the Web Security appliance.
When researching security options that are available from Cisco, one of the words that is hard to miss is AnyConnect. Cisco has developed the AnyConnect Secure Mobility Client as a “next generation” Virtual Private Network (VPN) client. AnyConnect is not limited to providing VPN access, it has a number of other capabilities that enable an enterprise to truly secure the endpoint.
Cisco anyconnect VPN client provides the remote access connectivity portion of AnyConnect Secure Mobility.The connection is secure because both the user and device must be authenticated and validated prior to being provided access to the network.When a user opens a VPN session using Cisco AnyConnect, the AnyConnect client connects to the adaptive security appliance using SSL. The client authenticates with the adaptive security appliance and is assigned an internal IP address on the network.
How does cisco anyconnect vpn work?
Remote and mobile users use the Cisco AnyConnect Secure VPN client to establish VPN sessions with the adaptive security appliance. The adaptive security appliance sends web traffic to the Web Security appliance along with information identifying the user by IP address and user name. The Web Security appliance scans the traffic, enforces acceptable use policies, and protects the user from security threats. The adaptive security appliance returns all traffic deemed safe and acceptable to the user.
You can see how to setup Cisco anyconnect vpn client on your computer and smartphone :
What is OpenVPN Service?
OpenVPN is an open-source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls. It was written by James Yonan and is published under the GNU General Public License (GPL).
OpenVPN allows peers to authenticate each other using a pre-shared secret key, certificates, or username/password. When used in a multiclient-server configuration, it allows the server to release an authentication certificate for every client, using signature and Certificate authority. It uses the OpenSSL encryption library extensively, as well as the SSLv3/TLSv1 protocol, and contains many security and control features.
Another types of protocols of VPN is SSTP , Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL provides transport-level security with key-negotiation, encryption and traffic integrity checking. The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers except for authenticated web proxies.
SSTP servers must be authenticated during the SSL phase. SSTP clients can optionally be authenticated during the SSL phase, and must be authenticated in the PPP phase. The use of PPP allows support for common authentication methods, such as EAP-TLS and MS-CHAP.