Filter
Top Products
Chapter 5 VPN Service 73
Before You Set Up VPN Service
Before setting up Virtual Private Network (VPN) service, you need to determine which
transport protocol you’re going to use. The table below shows which protocols are
supported by different platforms.
If you’re using L2TP, you need to have a Security Certificate from a Certificate Authority
like Verisign, or a pre-defined shared secret between connecting nodes. If you choose a
shared secret, it needs to be secure as well (8-12+ alphanumeric characters with
punctuation) and kept secret by the users.
If you’re using PPTP, you need to make sure all of your clients support 128-bit PPTP
connections, for greatest transport security. Be aware that enabling 40-bit transport
security is a serious security risk.
Managing VPN Service
This section describes tasks associated with managing VPN service. It includes starting,
stopping, and configuring the service.
Starting or Stopping VPN Service
You use Server Admin to start and stop VPN service.
To start or stop VPN service:
1 In Server Admin, choose the VPN Service from the Computers & Services list.
2 Make sure at least one of the transport protocols is checked and configured.
3 Click Start Service or Stop Service.
When the service is turned on, the Stop Service button is available.
Enabling and Configuring L2TP Transport Protocol
Use Server Admin to designate L2TP as the transport protocol. By enabling this
protocol, you must also configure the connection settings. You must designate an IPSec
shared secret (if you don’t use a Certificate Authority’s Security Certificate), the IP
address allocation range to be given to your clients, and group to be allowed VPN
priviledges (if desired). If both L2TP and PPTP are used, each protocol should have a
separate, non-overlapping address range.
If you have... you can use L2TP/IPSec. you can use PPTP.
Mac OS X 10.3.x clients X X
Mac OS X 10.2.x clients X
Windows clients X (if Windows XP) X
Linux or Unix clients X X
LL2351.Book Page 73 Monday, September 8, 2003 2:47 PM