About virtual private networks
An alternate method of securely connecting Internet-attached NiagaraAX hosts is through the use of a virtual private network (VPN).
A VPN is an encrypted IP connection between hosts over a public infrastructure such as the Internet or the public telephone network. A VPN embeds a special protocol within the TCP/IP packets carried over the Internet. This concept of a second network protocol within a primary protocol is called tunneling. The following tunneling protocols are commonly found in VPN installations:
Along with encryption, many VPNs also include strong authentication of remote users or hosts and ways to hide information about the private LAN from hosts on the public network. A VPN can be between an individual computer and a LAN or can be LAN-to-LAN. Many companies use a VPN for connecting traveling or teleworking users, or for connecting small, remote sites to the corporate LAN.
Typically, a VPN architecture consists of:
- a client running software that is configured with parameters such as server IP address and tunneling protocol. The client could be an individual workstation (for computer-to-LAN VPNs), or another router or server (for LAN-to-LAN VPNs).
- a server device that handles the client connection, authentication, and decryption of the information from the client. A VPN server could be part of a firewall, or be a separate device.
Some advantages of using VPNs include:
- the client actually becomes part of the remote LAN (it receives an IP address on the remote LAN) and therefore has access to any resources on the LAN.
- cost can be lower than direct-dial (no extra telephone lines, RAS equipment to maintain, or long distance charges).
- if using a cable or DSL connection, transmission speed can be faster than using direct-dial.
Some disadvantages include:
Copyright © 2000-2014 Tridium Inc. All rights reserved.