VPN Basics

Before a VPN can be established, certain requirements must be met. These include the following:

• Each network site must be set up with a VPN-capable device (router, firewall, or some other VPN dedicated device) on the network edge.

• Each site must know the IP addressing scheme (host, network, and network mask) in use by the other side of the intended connection.

• Both sites must agree on the authentication method and, if required, exchange digital certificates.

• Both sites also must agree on the encryption method and exchange the keys required.

VPNs are used to replace both dial-in modem pools and dedicated wide area network (WAN) links. A VPN solution for remote dial-in users can reduce support costs because there are no phone lines or 800-number charges. A VPN solution offers advantages over a dedicated WAN environment when sites are geographically diverse or mobile, saving the cost of dedicated facilities and hardware. VPNs provide security and reliability to what would otherwise be an insecure connection through a private network. A VPN is made up of three technologies that when used together form the secure connection; authentication, tunneling, and encryption.