Creating a VPN connection

Virtual private network (VPN) connections enable a computer to create a secure, tunneled connection to a remote host. Often, VPN is used to create a connection across the Internet to a private LAN. Computers that establish a VPN connection to a remote LAN can function on the LAN as if they were connected locally to the network. Therefore, a VPN connection enables the computer to access shared resources such as folders and printers and access other servers on the remote network.

It isn't difficult to create a VPN connection in Windows 2000 Professional, but you do have a few configuration questions to sort out. First, Windows supports two VPN protocols, PPTP and L2TP. The latter offers better security, so you should use L2TP if the remote VPN server supports it.

You also need to decide which protocols the VPN connection will use. In most cases, you will only need TCP/IP, but you might need to add others if you need to access resources on the remote server or LAN that require the protocol(s).

To create a VPN connection, run the Make New Connection Wizard in the Network And Dial-Up Connections folder. Click Next, choose the option Connect To A Private Network Through The Internet, and then click Next. In the Destination Address page, enter the IP address or host name of the VPN server that will host the connection, click Next, and accept the defaults for the rest of the wizard's prompts.

Windows opens the connection after it creates it. Click Properties in the Connect dialog box, and then click the Networking tab. The drop-down list labeled Type Of VPN Server I Am Calling lets you choose the VPN protocol to be used. Choose Automatic to have the client attempt PPTP first, followed by L2TP. Or, choose either PPTP or L2TP as required by the server.

Windows 2000 Server

Windows Services for UNIX (SFU) is an add-on for Windows 2000 Server that provides several components to enable integration between Windows systems and UNIX/Linux systems. One SFU component is the Network File System (NFS), which provides the Client, Server, and Gateway components that support file sharing between Windows and UNIX-based systems.

The Client component enables Windows clients to access files shared on UNIX-based NFS servers. The Server component displays Windows-hosted shares as NFS file systems, making them available to NFS clients in both UNIX and Windows environments.

Installing and managing an NFS client on Windows workstations is one solution to providing access to NFS shares on a UNIX server, but a better option is to use the Gateway component of NFS for Windows 2000. The Gateway component enables a Windows 2000 server to act as a gateway for NFS shares on UNIX hosts.

To the client, it appears that the Windows server is hosting these shares. Because the Windows clients can access the Windows server without any additional client software, these clients don't require NFS client software to access NFS shares on remote UNIX hosts. Eliminating the need for NFS client software simplifies network and client management.