a vpn is a private network that sends data securely between two locations across a public network, like the internet. vpn was created as a cost-effective alternative to using a private, dedicated, leased line for a private network. using industry standard encryption and authentication techniques, ipsec (ip security), the vpn creates a secure connection that, in effect, operates as if you are directly connected to your local network. virtual private networking can be used to create secure networks linking a central office with branch offices, telecommuters, and/or professionals on the road (travelers can connect to a vpn router using any computer with vpn client software that supports ipsec).

    there are two basic ways to create a vpn connection:

    · vpn router to vpn router

    · computer (using vpn client software that supports ipsec) to vpn

    router

    the vpn router creates a "tunnel" or channel between two endpoints, so that data transmissions between them are secure. a computer with vpn client software that supports ipsec can be one of the two endpoints. any computer with the built-in ipsec security manager (microsoft 2000 professional, 2000 advanced server, xp home, and xp professional) allows the vpn router to create a vpn tunnel using ipsec (refer to "appendix c: configuring ipsec between a microsoft windows 2000 or xp pc and a linksys cable/dsl vpn router"). other versions of microsoft operating systems require additional, third-party vpn client software applications that support ipsec to be installed.

    if you are using a vpn router connected to your cable or dsl modem, do not use vpn client software on any of the pcs on the lan side. if you do, then you will be limited to one ip-sec passthrough session, the maximum number allowed by the vpn router.

    vpn router to vpn router

    an example of a vpn router-to-vpn router vpn would be a cable/dsl vpn router linked to the central office's vpn router (see figure 4-1). at home, a telecommuter uses his cable/dsl vpn router for his always-on internet connection. his router is configured with his office's vpn settings.

    he accesses the router's web-based utility and connects to the vpn router at the central office 40 miles↑* away. using the vpn, the telecommuter now has a secure connection to the central office's network, as if he were physically connected.

    *the distance is an example only; vpns have no distance limitations.

   

    you must have at least one vpn router on one end of the vpn tunnel. at the other end of the vpn tunnel, you must have a second vpn router or a computer with vpn client software that supports ipsec.

    computer (using vpn client software that supports ipsec) to vpn router

    an example of a computer-to-vpn router vpn would be a notebook computer linked to the central office's vpn router (see figure 4-2). in her hotel room, a traveling businesswoman dials up her isp. her notebook computer has vpn client software that is configured with her office's vpn settings. she accesses the vpn client software that supports ipsec and connects to the vpn router at the central office 4000 miles↑* away. using the vpn, the businesswoman now has a secure connection to the central office's network, as if she were physically connected.

    *the distance is an example only; vpns have no distance limitations.

   

    for additional information and instructions about creating your own vpn, please visit linksys's website at www.linksys.com or refer to "appendix c: configuring ipsec between a microsoft windows 2000 or xp pc and a linksys cable/dsl vpn router."