Microsoft Internet Security and Acceleration (ISA) Server 2004 Unleashed
Chapter 10. Extending ISA 2004 to Branch Offices with Site-to-Site VPNs
IN THIS CHAPTER
In addition to providing for rich Application-layer firewall capabilities and content caching acceleration abilities, ISA Server 2004 also sports robust Virtual Private Network (VPN) capabililities. ISA's VPN options allow for traffic between systems to be encrypted and sent across untrusted networks such as the Internet. This allows for rich VPN client support, such as what is illustrated in Chapter 9, "Enabling Client Remote Access with ISA Server 2004 Virtual Private Networks (VPNs)." In addition to supporting standard VPN client functionality, ISA Server 2004 also allows for site-to-site VPNs to be created, enabling an organization to eschew expensive dedicated WAN links over cheaper Internet connections, without sacrificing any security in the process. This chapter focuses on site-to-site VPN deployment scenarios that use ISA Server 2004. It includes step-by-step information on how to set up site-to-site VPNs with various protocols, such as the Point-to-Point Tunneling Protocol (PPTP) and the Layer 2 Tunneling Protocol (L2TP). In addition, using IPSec Tunnel Mode for integration of ISA Server 2004 with third-party VPN solutions is covered. |