
Virtual Private Networks and Encryption

A Virtual Private Network (VPN) allows remote users who belong to a private network (Intel network) to communicate freely and securely through a public network, such as the Internet. Many companies, including Intel, now use hardware and software VPN solutions that employees with high-speed Internet connections use to establish a secure tunnel between home and the corporate network.

A VPN client application connects a remote user to the WLAN, providing secure access to the private network as if the user were on site. The remote user first establishes a connection (low speed or high speed) to the Internet. The VPN client application is then used to establish a secure connection, called a tunnel, between the remote computer and the private network.

A VPN client supports the following technologies to connect to the Internet:

  • POTS (Plain Old Telephone Service) – Uses a dial-up modem to connect.
  • ISDN (Integrated Services Digital Network) – Uses a dial-up modem to connect.
  • Cable – Uses a cable modem and is always connected.
  • DSL – Uses a DSL modem and is always connected.
  • LAN connection – Uses a direct LAN connection to the Internet.
  • Wireless LAN connection – Uses a wireless LAN connection that is connected to the Internet via an access point.

There are two ways to create a VPN connection: by dialing an ISP, or by connecting directly to the Internet.

Dialing an ISP: The VPN connection first makes a call to an ISP. After that connection is established, it makes another call to the remote access server, which establishes the PPTP or L2TP tunnel. After authentication, access to the corporate network is granted.

Connect directly to the Internet: Connecting directly to the Internet means direct IP access without going through an ISP. A user who is already connected to the Internet uses a VPN connection to dial the number for the remote access server. After authentication, the user can access the corporate network, achieving the same functionality as the preceding example.

If you have an active Winsock Proxy client, you cannot create a VPN. A Winsock Proxy client immediately redirects data to a configured proxy server before the data can be processed in the fashion required by a VPN. To establish a VPN, disable the Winsock Proxy client.

VPN Network Protocol Support

Because virtual private networks (VPNs) support the most common network protocols, it is easy for clients on Ethernet, TCP/IP, and IPX networks to use VPNs. The IPX/SPX protocol is not available on Windows XP 64-Bit Edition.

VPN Administration

To tighten security, a system administrator can configure remote access dial-in settings to define a group profile. All users who are assigned to that profile are required to authenticate by using the Extensible Authentication Protocol (EAP) and to encrypt their data by using strong (128-bit) data encryption. Once a user is assigned to the group profile, these security measures are automatically required whenever that user connects to the remote access server. You should configure your VPN connection to match the policies set by your network administrator.



Copyright (c) 2003 Intel Corporation.