Encapsulation in VPN
in [Cisco]
|
Prev: enable cli command logging howto
Next: SPAM
From: karthikbalaguru on 19 Dec 2009 03:19 Hi, For data ecapsulation, VPN relies on either of the following technologies like GRE , IPSec, L2F, PPTP and L2TP . But, which of the above technologies is popular ? If they vary based on the requirements, can you pls lemme know a document/link that maps the technologies against the requirements w.r.t VPN ? Thx in advans, Karthik Balaguru
From: Bob Lin (MS-MVP) on 19 Dec 2009 12:22 IPSec and PPTP are more popular. The PPTP is using for client to server. IPSec can be used as cleint to server or site to site VPN. This search result may help. Virtual Private NetworksLearn about the Microsoft commitment to support VPN interoperability through standards such as L2TP/IPsec and PPTP. Connecting Remote Users to Your Network ... technet.microsoft.com/en-us/network/bb545442.aspx -- Bob Lin, Microsoft-MVP, MCSE & CNE Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com "karthikbalaguru" <karthikbalaguru79(a)gmail.com> wrote in message news:390def23-0826-447f-9cec-4e8e0ab32e3d(a)u1g2000pre.googlegroups.com... > Hi, > For data ecapsulation, VPN relies on either of the > following technologies like GRE , IPSec, L2F, > PPTP and L2TP . But, which of the above > technologies is popular ? If they vary based > on the requirements, can you pls lemme know > a document/link that maps the technologies > against the requirements w.r.t VPN ? > > Thx in advans, > Karthik Balaguru
From: karthikbalaguru on 19 Dec 2009 17:09 On Dec 19, 10:22 pm, "Bob Lin \(MS-MVP\)" <nore...(a)chicagotech.net> wrote: > IPSec and PPTP are more popular. The PPTP is using for client to server. > IPSec can be used as cleint to server or site to site VPN. This search > result may help. > Thx for your response. But it seems that PPTP can support only one tunnel at a time for each user. Therefore, its proposed successor, L2TP (a hybrid of PPTP and another protocol, L2F ) can support multiple, simultaneous tunnels for each user. So, shouldn't L2TP be popular ? PPTP and L2TP are the layer 2 VPN technologies from CPE (customer premise equipment) to CPE. IPSec is the primary layer 3 VPN technology providing a CPE to CPE tunnel. Refer- http://www.networkdictionary.com/networking/vpn.php Further from another link from internet, i found that it seems that PPTP separates the control and data channels into control stream that runs over TCP and a data stream that runs over GRE (a less popular Internet standard). But, in contrast L2TP combines the control/data channels and uses high-performance UDP. This makes L2TP more "firewall friendly" than PPTP -- a crucial advantage for an extranet protocol -- since most firewalls do not support GRE. So, i wonder how PPTP is popular compared to L2TP ? Any ideas ? Thx in advans, Karthik Balaguru
From: goarilla on 19 Dec 2009 17:31 On Sat, 19 Dec 2009 14:09:33 -0800, karthikbalaguru wrote: > On Dec 19, 10:22 pm, "Bob Lin \(MS-MVP\)" <nore...(a)chicagotech.net> > wrote: >> IPSec and PPTP are more popular. The PPTP is using for client to >> server. IPSec can be used as cleint to server or site to site VPN. This >> search result may help. >> >> > Thx for your response. But it seems that PPTP can support only one > tunnel at a > time for each user. Therefore, its proposed successor, L2TP (a hybrid of > PPTP > and another protocol, L2F ) can support multiple, simultaneous tunnels > for > each user. > > So, shouldn't L2TP be popular ? > > PPTP and L2TP are the layer 2 VPN technologies from CPE (customer > premise > equipment) to CPE. IPSec is the primary layer 3 VPN technology providing > a CPE > to CPE tunnel. Refer- > http://www.networkdictionary.com/networking/vpn.php > > Further from another link from internet, i found that it seems that PPTP > separates the control and data channels into control stream that runs > over > TCP and a data stream that runs over GRE (a less popular Internet > standard). > But, in contrast L2TP combines the control/data channels and uses > high-performance UDP. This makes L2TP more "firewall friendly" than PPTP > -- a crucial advantage for an extranet protocol -- since most firewalls > do not support GRE. > > So, i wonder how PPTP is popular compared to L2TP ? Any ideas ? > > Thx in advans, > Karthik Balaguru i don't know much about VPN, but i do believe it's a field dominated by proprietary/gateway solutions: cisco vpn, intel vpn, ...
From: bod43 on 19 Dec 2009 17:42
On 19 Dec, 22:31, goarilla <kevin.pau...(a)skynet.remove-this.be> wrote: > On Sat, 19 Dec 2009 14:09:33 -0800, karthikbalaguru wrote: > > On Dec 19, 10:22 pm, "Bob Lin \(MS-MVP\)" <nore...(a)chicagotech.net> > > wrote: > >> IPSec and PPTP are more popular. The PPTP is using for client to > >> server. IPSec can be used as cleint to server or site to site VPN. This > >> search result may help. > > > Thx for your response. But it seems that PPTP can support only one > > tunnel at a > > time for each user. Therefore, its proposed successor, L2TP (a hybrid of > > PPTP > > and another protocol, L2F ) can support multiple, simultaneous tunnels > > for > > each user. > > > So, shouldn't L2TP be popular ? > > > PPTP and L2TP are the layer 2 VPN technologies from CPE (customer > > premise > > equipment) to CPE. IPSec is the primary layer 3 VPN technology providing > > a CPE > > to CPE tunnel. Refer- > >http://www.networkdictionary.com/networking/vpn.php > > > Further from another link from internet, i found that it seems that PPTP > > separates the control and data channels into control stream that runs > > over > > TCP and a data stream that runs over GRE (a less popular Internet > > standard). > > But, in contrast L2TP combines the control/data channels and uses > > high-performance UDP. This makes L2TP more "firewall friendly" than PPTP > > -- a crucial advantage for an extranet protocol -- since most firewalls > > do not support GRE. > > > So, i wonder how PPTP is popular compared to L2TP ? Any ideas ? > > > Thx in advans, > > Karthik Balaguru > > i don't know much about VPN, but i do believe it's a field > dominated by proprietary/gateway solutions: cisco vpn, intel vpn, ... No. IPSEC is very widely used for infrastructure VPNs and is not proprietary. Cisco interoperates with Checkpoint interoperates with Draytek interoperates with OpenVPN ....... Never found a problem in dozens of cases. What is often proprietary are the VPN client solutions where one of the VPN endpoints is an individual PC. Cisco, Microsoft, Checkpoint all have their own proprietary inplementations. |