by: Amira Cormier

ComputerNetworks CS4590

This 0 page Class Notes was uploaded by Amira Cormier on Monday November 2, 2015. The Class Notes belongs to CS4590 at California State University - East Bay taught by Ching-ChengLee in Fall. Since its upload, it has received 33 views. For similar materials see /class/234372/cs4590-california-state-university-east-bay in ComputerScienence at California State University - East Bay.


Date Created: 11/02/15
Other VPNs: TLS/SSL, PPTP, L2TP
Advanced Computer Networks SS2005
Jürgen Häuselhofer, IAIK

Overview
- Introduction to VPNs
  - Why using VPNs
  - What are VPNs
  - VPN technologies
- TLS/SSL
- Layer 2 VPNs
  - PPTP
  - L2TP
  - L2TP/IPSec

Why using VPNs
- fast, secure and reliable connection between separated networks
- full access on resources from everywhere -> building a virtual local connection
- reasonable access -> building connection only to local ISP

What are VPNs
"A virtual private network is the extension of a private network that encompasses links across shared or public networks like the internet." (Microsoft White Paper, Virtual Private Networking in Windows 2000)

VPN technologies
- Secure VPNs: networks that are constructed using encryption (IPSec, L2TP/IPSec, TLS/SSL)
- Trusted VPNs: the VPN customer trusts the VPN provider to maintain the integrity of the circuits (Layer 2 frames over MPLS)
- Hybrid VPNs: combined use of secure and trusted VPNs; secure parts controlled by customer or by the provider providing the trusted part

Common uses (1/3): Remote access
- User-to-LAN connection
- Dial-up to local ISP
- Employee needs external access on corporate network
[Figure: VPN connection]

Common uses (2/3): Connecting networks over internet
- Dedicated lines to connect a branch office to corporate LAN
- Dial-up line to connect a branch office to corporate LAN
[Figure: VPN connection (tunnel); dedicated or dial-up link to ISP; dedicated link to ISP; corporate hub]

Common uses (3/3): Connecting computers over intranet
- e.g. a department's LAN physically disconnected from the intranet because of very sensitive data
- Connection via separated VPN server
[Figure: VPN connection; secured or hidden network]

VPN requirements
- User authentication
- Address management
- Data encryption
- Key management
- Multiprotocol support
[Figure: separate data (tunneling); increase protection (encryption); prevent tampering (integrity)]

Tunneling (1/3)
- Method for transferring data of a private network over a public network
- Tunnel: logical path through which encapsulated packets travel
[Figure: tunnel endpoints; transit internetwork header; transit internetwork]

Tunneling (2/3): Voluntary tunnel
- User or client computer is tunnel endpoint
- Acts as tunnel client
[Figure: voluntary tunnel]

Tunneling (3/3): Compulsory tunnel
- User or client computer is not tunnel endpoint
- VPN-capable access server creates the tunnel and is the tunnel endpoint
[Figure: compulsory tunnel]

Layer 2 VPNs - PPP
Point-to-Point Protocol (PPP) [RFC 1661, RFC 2153]
- Standard method for transporting multiprotocol datagrams over point-to-point links
- Originally developed as encapsulation protocol for IP traffic
- Protocol structure:

  End bit:  8    | 16      | 24      | 40       | Variable    | 16-32 bits
  Field:    Flag | Address | Control | Protocol | Information | FCS

  - Protocol: identifier for the encapsulated protocol in the information field
  - Information: datagram for the protocol
  - FCS: Frame Check Sequence

Layer 2 VPNs - PPTP (1/4)
Point-to-Point Tunneling Protocol (PPTP) [RFC 2637]
- Mainly implemented and used by Microsoft
- Extension of PPP
- Allows tunneling of PPP datagrams over IP networks
- Easy to use and to implement
- Use of 2 connections:
  - Control connection
  - Tunnel connection

Layer 2 VPNs - PPTP (2/4)
- Protocol only implemented by PPTP Access Concentrator (PAC) and PPTP Network Server (PNS)
- Uses Generic Routing Encapsulation (GRE) to carry PPP packets
- Many sessions multiplexed on a single tunnel

Layer 2 VPNs - PPTP (3/4)
Creating a tunnel:
1. Establishing control connection between PAC and PNS on port 1723
2. Exchanging information between PAC and PNS (e.g. encryption)
3. Establishing tunnel connection

Layer 2 VPNs - PPTP (4/4)
Structure of PPTP packet:

  IP header | GRE header | PPP header | PPP payload (IP datagram, IPX datagram, NetBEUI frame)

- PPP header and PPP payload together form the PPP frame
- PPP payload can be encrypted and/or compressed
- GRE header contains information about tunnel protocol and encryption algorithm

Layer 2 VPNs - L2F (1/2)
Layer 2 Forwarding (L2F)
- Developed by Cisco
- Allows multiple tunnels and multiple connections on every tunnel
- Tunneling PPP and SLIP frames
- Supports UDP, Frame Relay, X.25

Layer 2 VPNs - L2F (2/2)
Establishing connection:
1. Remote user initiates PPP connection to ISP
2. ISP undertakes authentication via CHAP or PAP
3. No tunnel exists: tunnel will be created
   Tunnel exists: new multiplex ID will be allocated -> notification to home gateway
- Home gateway accepts or declines new connection

Layer 2 VPNs - L2TP (1/2)
Layer 2 Tunneling Protocol (L2TP) [RFC 2661]
- Combines best features of L2F and PPTP
- Uses UDP
- Can be transported over Frame Relay, ATM, X.25
- Allows multiple tunnels with multiple sessions inside every tunnel
- Commonly used with IPSec -> L2TP/IPSec

Layer 2 VPNs - L2TP (2/2)
Structure of L2TP packet:

  IP header | UDP header | L2TP header | PPP header | PPP payload (IP datagram, IPX datagram, NetBEUI frame)

- PPP header and PPP payload form the PPP frame; with the L2TP header, the L2TP frame; with the UDP header, the UDP message
- Payload can be encrypted (IPSec ESP) and/or compressed

Layer 2 VPNs - L2TP/IPSec
- Uses IPSec Encapsulating Security Payload (ESP)
- Structure of encrypted packet:

  Before: IP header | UDP header | L2TP header | PPP header | PPP payload (IP datagram, IPX datagram, NetBEUI frame)
  After:  IP header | IPSec ESP header | UDP header | L2TP header | PPP header | PPP payload (IP datagram, IPX datagram, NetBEUI frame) | IPSec ESP trailer | IPSec Auth trailer

  [Figure: a span of the packet is marked "Encrypted by IPSec"]

Layer 2 VPNs - L2TP/IPSec vs. PPTP
PPTP:
- data encryption begins after PPP connection is established
- uses Microsoft Point-to-Point Encryption (MPPE) -> stream cipher using RSA RC4 (40, 56, 128 bits)
- requires only user-level authentication
- still implemented in Windows
L2TP/IPSec:
- data encryption begins before connection is established, by negotiating an IPSec Security Association (SA)
- uses Data Encryption Standard (DES) or 3DES -> block cipher (56 bits)
- user-level and computer-level authentication
- VPN client software needed

SSL/TLS (1/6)
- Developed by Netscape
- Current version: SSL 3.0 -> basis for TLS 1.0
- Goals:
  - Cryptographic security: secure connection between two parties
  - Interoperability: independent programmers should be able to develop applications
  - Extensibility: encryption methods can be incorporated as necessary
  - Relative efficiency: reduced CPU usage by using session caching scheme

SSL/TLS (2/6)
- Uses certificates for identification
- Private key used to prove identity
- SSL server provides all encryption keys
- Originally for HTTP/Web applications
- Encryption implemented in all of today's browsers -> millions of clients

SSL - Network Layer
- SSL sits between the Application Layer and TCP/IP

SSL protocol stack
- Handshake, cipher change and alert protocol for the SSL handshake
- Record protocol for encryption and integrity
[Figure: SSL handshake protocol, SSL cipher change protocol, SSL alert protocol and application protocol (e.g. HTTP) on top of the SSL Record Protocol, on top of TCP, on top of IP]

SSL/TLS (5/6): Handshake Protocol
Messages between client and server:
1. Client hello
2. Server hello
3. Certificate (optional)
4. Certificate request (optional)
5. Server key exchange (optional)
6. Server hello done
7. Certificate (optional)
8. Client key exchange
9. Certificate verify (optional)
10. Change cipher spec
11. Finished
12. Change cipher spec
13. Finished
14. Encrypted data

SSL/TLS (6/6): Record protocol
- Fragment data
- Encapsulate data with appropriate header (primary data, padding, MAC)
- Encrypting data (e.g. DES, 3DES, AES)
- Sending completed record

Bibliography
- WindowSecurity: Secure Socket Layer, http://www.windowsecurity.com/articles/Secure_Socket_Layer.html
- Microsoft: Virtual Private Networking in Windows 2000
- Netscape: SSL Version 3.0 Draft, http://wp.netscape.com/eng/ssl3/draft302.txt
- NetworkDictionary: Protocols, http://www.networkdictionary.com/protocols
- Virtual Private Network Consortium, http://www.vpnc.org
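The PPTP packet structure from the slides (IP header, GRE header, PPP header, PPP payload), as an added example that is not part of the original notes: a parser for the enhanced GRE header that also reports whether the tunnelled PPP frame is MPPE-encrypted or cleartext data. The field layout follows RFC 2637 and the MPPE protocol number 0x00FD follows RFC 3078; the function names and the two sample packets are constructed for illustration.

```python
import struct

GRE_PROTO_PPP = 0x880B   # GRE protocol type used by PPTP (RFC 2637)
PPP_MPPE = 0x00FD        # PPP protocol number carried by MPPE-encrypted datagrams

def ppp_protocol(frame: bytes):
    """PPP protocol number of a frame, allowing for header compression."""
    if frame[:2] == b"\xff\x03":          # optional address/control octets
        frame = frame[2:]
    if not frame:
        return None                       # no PPP frame (e.g. acknowledgment only)
    if frame[0] & 1:                      # odd first octet: one-octet protocol field
        return frame[0]
    if len(frame) < 2:
        raise ValueError("truncated PPP protocol field")
    return struct.unpack_from("!H", frame)[0]

def parse_pptp_gre(pkt: bytes) -> dict:
    """Parse the enhanced GRE header PPTP places between IP and PPP."""
    if len(pkt) < 8:
        raise ValueError("truncated GRE header")
    b0, b1, proto, plen, call_id = struct.unpack_from("!BBHHH", pkt)
    has_seq, has_ack = bool(b0 & 0x10), bool(b1 & 0x80)
    # PPTP requires C=0, R=0, K=1, version 1 and protocol type 0x880B.
    if b0 & 0xC0 or not b0 & 0x20 or (b1 & 0x07) != 1 or proto != GRE_PROTO_PPP:
        raise ValueError("not a PPTP enhanced GRE packet")
    off = 8 + 4 * has_seq + 4 * has_ack
    if len(pkt) < off + plen:
        raise ValueError("packet shorter than its header fields claim")
    seq = struct.unpack_from("!I", pkt, 8)[0] if has_seq else None
    ack = struct.unpack_from("!I", pkt, off - 4)[0] if has_ack else None
    return {"call_id": call_id, "seq": seq, "ack": ack,
            "ppp_protocol": ppp_protocol(pkt[off:off + plen])}

def is_cleartext_data(info: dict) -> bool:
    """True when the tunnel carries a network-layer datagram without MPPE."""
    p = info["ppp_protocol"]
    return p is not None and p < 0x4000 and p != PPP_MPPE

# Constructed packets (GRE header onward), not taken from a capture.
CLEAR = struct.pack("!BBHHHII", 0x30, 0x81, GRE_PROTO_PPP, 8, 7, 1, 0) \
    + b"\xff\x03\x00\x21" + b"\x45\x00\x00\x14"
MPPE = struct.pack("!BBHHHI", 0x30, 0x01, GRE_PROTO_PPP, 6, 7, 2) \
    + b"\xfd\x90\x01\xde\xad\xbe"
```

Run over GRE payloads from a monitoring tap, `is_cleartext_data` points out PPTP sessions whose user traffic crosses the public network without MPPE.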
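The SSL protocol stack and record protocol slides, as an added example that is not part of the original notes: a walker over the record layer of one peer's byte stream that names the handshake messages while they are still in the clear and treats every record after Change Cipher Spec as opaque. It uses the standard SSL 3.0/TLS record and handshake type numbers, assumes handshake messages do not span records, and the helper names and the sample stream are constructed for illustration.

```python
import struct

CONTENT = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
HANDSHAKE = {1: "client_hello", 2: "server_hello", 11: "certificate",
             12: "server_key_exchange", 13: "certificate_request",
             14: "server_hello_done", 15: "certificate_verify",
             16: "client_key_exchange", 20: "finished"}
MAX_FRAGMENT = 2**14 + 2048  # upper bound on an encrypted record body

def handshake_messages(body: bytes) -> list:
    """Split one cleartext handshake record body into message names."""
    names, off = [], 0
    while off < len(body):
        if len(body) - off < 4:
            raise ValueError("truncated handshake header")
        mlen = int.from_bytes(body[off + 1:off + 4], "big")
        if off + 4 + mlen > len(body):
            raise ValueError("handshake message overruns record")
        names.append(HANDSHAKE.get(body[off], f"unknown({body[off]})"))
        off += 4 + mlen
    return names

def walk_records(stream: bytes) -> list:
    """Return (content_type, version, detail) for each record sent by one peer."""
    out, off, keyed = [], 0, False
    while off < len(stream):
        if len(stream) - off < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, off)
        body = stream[off + 5:off + 5 + length]
        if ctype not in CONTENT or length > MAX_FRAGMENT or len(body) != length:
            raise ValueError(f"malformed record at offset {off}")
        if keyed:
            detail = "encrypted"          # bodies are opaque after Change Cipher Spec
        elif ctype == 22:
            detail = handshake_messages(body)
        else:
            detail = body.hex()
        out.append((CONTENT[ctype], f"{major}.{minor}", detail))
        keyed = keyed or ctype == 20
        off += 5 + length
    return out

def rec(ctype, body, version=(3, 0)):
    """Build one constructed record for the sample below."""
    return struct.pack("!BBBH", ctype, *version, len(body)) + body

def hs(mtype, body=b""):
    """Build one constructed handshake message (type, 3-byte length, body)."""
    return bytes([mtype]) + len(body).to_bytes(3, "big") + body

# Constructed server-side byte stream (not a real capture).
SAMPLE = (rec(22, hs(2, b"\x00" * 38) + hs(11, b"\x00" * 3) + hs(14))
          + rec(20, b"\x01") + rec(22, b"\xaa" * 56) + rec(23, b"\xbb" * 32))
```

The version string in each tuple is the record-layer version, so `"3.0"` marks a peer still speaking SSL 3.0.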

