quoted from
Summary
Virtual Private Networks (VPN) allow users working at home, on the road or at a branch office to connect in a secure manner to a remote corporate server using the public Internet. VPN server or host is a computer that accepts VPN connections from VPN clients. A VPN server or host can be a NT/W2K server or W2K/XP Pro. VPN client is a computer that initiates a VPN connection to a VPN server or host. A VPN client can be an individual computer running MS Windows NT version 4.0, Windows 2000, 9x. VPN clients can also be any non-Microsoft Point-to-Point Tunneling Protocol (PPTP) client or Layer Two Tunneling Protocol (L2TP) client using IPSec.
Basic VPN Requirement
User Permission. Enable a user to access the VPN. To do this, go to AD Users and Computers, select the user who need to access the VPN, click Dial-in. Check Allow access on the Remote Access Permission (Dial-in or VPN).
IP Configuration. The VPN server should have a static IP address and assign the arrange IP addresses to VPN clients. The VPN server must also be configured with DNS and WINS server addresses to assign to the VPN client during the connection.
Data Encryption. Data carried on the public network should be rendered unreadable to unauthorized clients on the network.
Protocol Support. The TCP/IP is common protocols used in the public network. The VPN also include IP, Internetwork Packet Exchange (IPX), NetBEUI and so on.
Firewall Ports. When you place a VPN server behind your firewall, be sure to enable IP protocol 47 (GRE) and TCP port 1723.
Interface(s) for VPN server. If your network doesn't have a router or the VPN is also a gateway, your computer must have at least two interfaces, one connecting to the Internet and another connecting to the LAN. If it is behind a router, you just need one NIC.
One interface for VPN client. The interface can be a dial-in modem, or a dedicated connection to the Internet.
Robert Lin, MS-MVP, MCSE & CNE
Windows, Network, Internet, VPN, Routing and How to at
