1 / 15

Cloud VPN

Cloud VPN. Abdullah Alshalan Garrett Drown Team 3. Outline. Project Goal New Technical Background Current Network Layout Roadmap of our Project Status of our tasks Summary Challenges Faced. Project Goal.

sinead
Download Presentation

Cloud VPN

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cloud VPN Abdullah Alshalan Garrett Drown Team 3 CSE591: Virtualization and Cloud Computing

  2. Outline • Project Goal • New Technical Background • Current Network Layout • Roadmap of our Project • Status of our tasks • Summary • Challenges Faced CSE591: Virtualization and Cloud Computing

  3. Project Goal Provide users of Android devices with several reliable options for accessing a cloud via a VPN connection. CSE591: Virtualization and Cloud Computing

  4. Technical Background • There are several different protocols users may wish to use. • PPTP • L2TP • L2TP/IPSec • SSL VPN CSE591: Virtualization and Cloud Computing

  5. PPTP Point-To-Point Tunneling Protocol (PPTP): • Developed by Microsoft • Generally: • Maintains a control channel over a TCP connection. • Through that, it initiates a GRE tunnel • PPP packets are sent through a GRE tunnel (Generic Routing Encapsulation). • The PPP traffic is authenticated using protocols like PAP, CHAP, etc. • The PPP payload can be encrypted using MPPE. CSE591: Virtualization and Cloud Computing

  6. L2TP Layer 2 Tunneling Protocol (L2TP): • L2TP: • It’s initiated over UDP • L2TP itself does not provide any encryption or authentication. It simply provides the tunnel. • L2TP/IPSec: 3 major steps to establish it: • Negotiation of IPSec Security Association using pre-shared key or a certificate. • Establishing ESP communication, hence a secure channel. • Establishing a L2TP tunnel over the secure channel. CSE591: Virtualization and Cloud Computing

  7. SSL VPN • Encrypt everything above the Transport Layer using SSL protocols. • Runs over TCP or UDP. • Uses pre-shared keys or certificates for authentication • Always uses the strongest encryption that both the server and client support. • Capable of traversing NATs and firewalls and proxy servers. CSE591: Virtualization and Cloud Computing

  8. Network Diagram Virtual Private Network CSE591: Virtualization and Cloud Computing

  9. Roadmap of Project By midterm: • Set up, document, and test all possible server (Linux/Windows) and protocol combinations with the native Android client. (95% Completed) • Place a web server inside our VPN and have the mobile device access it through a VPN connection. (Completed) By final: • Have L2TP/IPSec with Certificates working. • Set up an SSL VPN Server (with OpenVPN) • Find a client for SSL VPN (without need for rooting) • Website for Registration • Documentation of how we did what we did • If time permits: Set up the native client to automatically reconnect when the connection is lost. CSE591: Virtualization and Cloud Computing

  10. Native Android Client • We have successfully set up the native Android VPN client to work with the following configurations: • Linux using L2TP • Linux using L2TP IPSec PSK • Windows using PPTP with no encryption • Windows using PPTP with encryption • Windows using L2TP IPSec PSK CSE591: Virtualization and Cloud Computing

  11. Native Android Client • For each of the configurations we have documented the steps we took to set up the VPN Servers and the VPN clients on the Android device. • This allows others to easily reproduce and expand on our work. • In the future, we will add more screenshots to this document to help future users with the process. CSE591: Virtualization and Cloud Computing

  12. Web Server inside VPN • We have successfully set up a Web Server inside of our VPN testing environment. • This allows us to verify that our VPN is working correctly. • Once the Android device has connected to the VPN we then see if the device can access the web site hosted on this server, which would otherwise be unavailable. CSE591: Virtualization and Cloud Computing

  13. Summary of Findings CSE591: Virtualization and Cloud Computing

  14. Challenges Faced • Setting up the Web Server • Dynamic IPs at ASU • Setting up Apache • Windows Firewall • Setting up Linux VPN Servers • Limited Documentation • Personal solutions provided online • Compatibility issues CSE591: Virtualization and Cloud Computing

  15. Questions? CSE591: Virtualization and Cloud Computing

More Related