When it comes to building and deploying Windows VPNs, it's nice to know that Windows Server 2003 includes the ingredients necessary to use Windows clients as far back as Windows 2000 Professional (and with some additional gyrations, even Windows 98) as VPN clients. You can find lots of information on this topic on the Microsoft Web pages (the VPN Technology Center is a good place to start; you'll find the VPN Documentation area at the lower right particularly full of useful links). But no place else will you find this topic covered as well, or as completely, as in the Microsoft Press book by Joseph Davies and Elliot Lewis entitled Deploying Virtual Private Networks with Microsoft Windows Server 2003 (2003, ISBN: 0735615764).
The book is divided up into 4 parts, as follows:
- VPN Technology (Chapters 1-4): makes a business case for using VPNs, then guides readers through an overview of terms, concepts, and technologies, discusses VPN security basics, and covers interoperability issues with third-party VPN providers and products.
- VPN Deployment (Chapters 5-10): covers topics related to planning and deploying remote access or site-to-site VPN implementations. This includes VPN gateway and client services, authentication services and protocols (certificate services and RADIUS), the Microsoft Connection Manager used to set up network and VPN links, Network Access Quarantine Control, and more. Remote access and site-to-site VPNs are covered in detail, from planning through design to deployment.
- VPN Troubleshooting (Chapters 11 & 12): devotes one chapter each to remote access VPNs and site-to-site VPNs, and concentrates on walking readers through testing and troubleshooting scenarios step-by-step, so as to facilitate identifying and solving common remote access and site-to-site VPN problems and difficulties.
- Appendixes (A – G): compiles all kinds of helpful ancillary materials, including VPN deployment best practices, configuring firewalls for VPNs, deploying certificate infrastructure, setting up remote access VPN links, Connection manager, and PPTP-based site-to-site VPN connections in a test lab, and a VPN deployment FAQ.
Though it follows the Microsoft party line on VPNs throughout, the book deals adequately with third-party products and solutions, and contains lots of well-packaged and nicely stated information on the subject. Though you may need to supplement it with additional information from other sources from time to time (particularly when dealing with new features and functions or third-party components), it's nevertheless a great resource and a good place to start, if you're planning on deploying VPNs in a Windows Server 2003 environment.
The CD packaged with the book also contains some good stuff. For one thing, it includes a searchable electronic copy of the book in eBook format (very handy when using the book as a reference). It also includes a VPN deployment calculator that helps guide you through planning and deploying Microsoft VPN server and client software, along with troubleshooting worksheets and sample logs that can guide you through troubleshooting problems with installation, deployment, and everyday use of L2TP, IPSec, PPTP, and other VPN-related protocols.
Ed Tittel is a regular contributor to numerous TechTarget Web sites, and the author of over 100 books on a wide range of computing subjects from markup languages to information security. He's also a contributing editor for Certification Magazine, and edits Que Publising's Exam Cram 2 and Training Guide series of IT cert prep books. E-mail Ed at firstname.lastname@example.org.
Dig Deeper on WAN technologies and services
MPLS VPN basics
Basic IPsec VPN topologies and configurations - from IPsec Virtual Private Network Fundamentals
Bandwidth management - from CCSP Self-Study: Cisco Secure Virtual Private Networks (CSVPN), 2nd Edit
Creating Remote Access and Site-to-Site VPNs with ISA Firewalls: from 'The Best Damn Firewall Book P