VPN Frequently Asked Questions (FAQ)

VPN Fundamentals

1) What is a VPN?

A1: A Virtual Private Network (VPN) is an enterprise network deployed on a shared infrastructure employing the same security, management, and throughput policies applied in a private network. It is "virtual" in the sense that even though you are utilizing a public (or shared) infrastructure, that fact is transparent and it appears as though you are only using your own private network.

A2: A VPN is a group of two or more computer systems, typically connected to a private network (a network built and maintained by an organization solely for its own use) with limited public-network access, that communicates "securely" over a public network. VPNs may exist between an individual machine and a private network (client-to-server) or a remote LAN and a private network (server-to-server). VPNs include encryption, strong authentication of remote users or hosts, and mechanisms for hiding or masking information about the private network topology from potential attackers on the public network.

A3: A VPN is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures. A virtual private network can be contrasted with a system of owned or leased lines that can only be used by one company. The idea of the VPN is to give the company the same capabilities at much lower cost by using the shared public infrastructure rather than a private one.

A4: A VPN is an encrypted connection from a point outside the NCAR security perimeter across the perimeter. A VPN allows FULL connectivity to internal NCAR resources, so that you can do anything that you could do while connected to the internal network directly, including NFS mounts, Microsoft Networking, direct access to protected hosts, and other things that SSH port forwarding alone cannot do.

Operating System Specific Questions

1) Installing VPN Client on Windows 95/98/2000/NT/XP

2) I am getting a message saying that the driver is not signed by Microsoft.

This message can be ignored. It may occur a few times while installing the driver. Press OK to continue. It only occurs with some versions of Windows 2000 and XP. If you want to turn this message off, you can change the system setting under "System Properties -> Hardware -> Driver Signing" in the Control Panel.

3) I have a SONY VAIO laptop and the VPN is not working.

The VPN Client is not supported on SONY VAIO laptops running Windows 98 and Windows ME due to a problem with the plug and play manager from SONY.

Miscellaneous Questions

1) What ports need to be open in my firewall?

If using the VPN Client behind a firewall, you must have your administrator open these protocol and port numbers to IP address 199.250.21.165.

Service                        Protocol   Source Port   Dest. Port
ISAKMP/IPSEC Key Management    17 (UDP)   500           500
IPSEC Tunnel Encapsulation     50 (ESP)   N/A           N/A
IPSEC NAT Transparency         17 (UDP)   10000 (def)   10000 (default)

2) How do I change my VPN password?

Call the DMS Services Desk at 850.487.1746 or Toll-Free at 866.693.6748.

3) I use AOL and the VPN does not work.

AOL and other proxy-based services are not supported.

4) What type of broadband router should I use?

We do not recommend any particular brand of broadband router. You should use one that supports IPSEC pass-through. A good source of information on these routers can be found at http://www.practicallynetworked.com

5) What is the best way to see if I have internet connectivity to the server?

"ping vpn3000.hcs.net"
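
One way an administrator could express the firewall table from Miscellaneous Question 1 as narrowly scoped Linux rules (an added example, not part of the original FAQ). It assumes an iptables firewall filtering in the FORWARD chain and a constructed client subnet; the function names are hypothetical, and source ports are left unmatched as an assumption because NAT devices may rewrite them.

```shell
#!/bin/sh
# Print iptables-restore rules for the three flows in the FAQ's firewall table.
# Assumptions: Linux firewall filtering in FORWARD; client subnet is constructed;
# source ports are not matched because NAT devices may rewrite them.

VPN_PEER="199.250.21.165"    # server address given in the FAQ
NATT_DEFAULT=10000           # "10000 (default)" in the FAQ table

# is_uint VALUE MAX -> success if VALUE is a decimal integer in 0..MAX
is_uint() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le "$2" ]
}

# valid_cidr A.B.C.D/LEN -> success if address octets and prefix length are in range
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case "$addr" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    is_uint "$len" 32 || return 1
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do is_uint "$octet" 255 || return 1; done
}

# vpn_rules CLIENT_CIDR [NATT_PORT] -> filter-table rules on stdout, status 2 on bad input
vpn_rules() {
    net=$1; port=${2:-$NATT_DEFAULT}
    valid_cidr "$net" || { echo "bad client subnet: $net" >&2; return 2; }
    is_uint "$port" 65535 && [ "$port" -gt 0 ] || { echo "bad port: $port" >&2; return 2; }
    cat <<EOF
*filter
# ISAKMP/IPSEC key management: UDP (IP protocol 17), destination port 500
-A FORWARD -s $net -d $VPN_PEER -p udp --dport 500 -j ACCEPT
# IPSEC tunnel encapsulation: ESP is IP protocol 50 and has no port numbers
-A FORWARD -s $net -d $VPN_PEER -p esp -j ACCEPT
# IPSEC NAT transparency: UDP, destination port $port
-A FORWARD -s $net -d $VPN_PEER -p udp --dport $port -j ACCEPT
# Replies from the VPN server only, matched by connection tracking
-A FORWARD -s $VPN_PEER -d $net -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT
EOF
}

vpn_rules 192.168.10.0/24    # constructed client subnet
```

Review the output before loading it; `iptables-restore --noflush` appends the rules to an existing ruleset instead of replacing it.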