Configuring Virtual Ports

Not all ports listed in Network preferences are associated with a hardware interface. Some listed ports may be virtual ports, which take network data and reroute it through another physical port. Internet Connect can create two virtual ports: Virtual Private Networks and 802.1X.

[View full size image]

Virtual Private Networks (VPNs)

Mac OS X supports VPN technology, which lets IP traffic travel securely over a public TCP/IP network using tunneling to encrypt data between the client system and host network.

Mac OS X supports two VPN protocols over an existing Internet connection: Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP) over IP Security (IPSec).

The PPTP protocol supports client-to-gateway and network-to-network connections. L2TP over IPSec supports network-to-network connections only and offers strong authentication using IPSec, Microsoft Challenge-Handshake Authentication Protocol (CHAP), or third-party solutions such as SecurID.

To configure your computer to connect to a VPN, follow these steps:

1.	Obtain the VPN configuration and connection settings from your system administrator.
2.	Configure VPN connection settings in Internet Connect (/Applications).
3.	Configure the TCP/IP and Proxies VPN settings in the VPN pane of Network preferences.

To connect to a VPN server that implements the L2TP and PPTP standards, such as the VPN server that comes with Mac OS X Server, use Internet Connect. If the VPN server you want to connect to does not implement the L2TP and PPTP standards, you'll need to configure the appropriate TCP/IP settings in Network preferences and use special VPN client software to connect to the network.

VPN connections terminate if they are not kept active. For example, VPN is disconnected when switching between users using fast user switching.

802.1X

The Institute of Electrical and Electronics Engineers (IEEE) 802.1X standard is intended to enhance network security by requiring a user to authenticate before accessing the network. Currently, 802.1X is primarily used with wireless networks; however, it can also be implemented on a wired network. To configure in Internet Connect, begin by choosing File > New 802.1X Connection.

When a user attempts to access a network through an access point, such as an AirPort Base Station or an Ethernet switch that has 802.1X enabled, the user must provide identity information that the access point forwards to an authentication server. If the authentication server is able to validate the user, the access point allows normal access to the network.

Your network administrator provides a user name and password that you enter in the 802.1X pane in Internet Connect. If required, you can create multiple configurations, each with unique user information, allowing the computer to connect to different networks.