VPN (Academic Question)

dje

My knowledge is pre-CCNA, so I'm reaching ahead of the curve here.

I've been pondering VPN/proxy services and their implementation in protecting a home internet connection. I understand VPN to be a client-oriented system, meaning every computer on a network needs special software or configuration. Is it possible to implement VPN on the border of a small network?

In other words, can this diagram be valid? (PC0 and PC1 are not configured for VPN.)


PC0---->[Switch]---->[NAT]---->[VPN]---->
PC1-------^


For the average internet-connected home, it is unreasonable to expect that all clients will be configured for VPN all the time (i.e. visiting Uncle Bob's wifi laptop), but it is reasonable that average people can (should) expect consistent privacy.

Am I just describing router-to-router VPN, or is there something more here? For example, looking at a product like Untangle, their OpenVPN implementation still requires client software.

Thanks.
 
VPN is a point-to-point technology. Yes, you can do site-to-site VPNs so all communication between the sites traverses the tunnel regardless of the client. Once you leave that bubble you run into the standard problems.

To interact with a VPN your device will need some sort of software client that will handle changes required. If you want all your outbound traffic handled by a VPN then each remote endpoint will need to be coordinated.

What is your desired end goal? Privacy protection?
 
VPN is primarily used for two purposes:

External users VPN to a corp network
Site to Site VPN for connecting remote offices.

Internal users to the network have no need for VPN, they are protected by border firewalls/content filters. There are also layers of protection in Windows firewall and anti-virus software.

The VPN is purely for external users to securely connect to a network from a remote location.
 
What is your desired end goal? Privacy protection?

Goal is privacy protection through a VPN service like VyprVPN. Intent is not to screw the VPN service provider out of subscription dollars for multiple clients, but rather to have a consolidated solution at the home.

I know this question is probably more complex than it looks. I appreciate the insight.
 
VyprVPN has integration into DD-WRT, so if you can get your hands on a router you can flash with it, you have a pre-configured VPN endpoint in your router.
 
So yes, you are looking at a site-to-site VPN from your router/firewall to the VyprVPN end. They support OpenVPN and DD-WRT so you have a few choices.

What is your current router?
 
So yes, you are looking at a site-to-site VPN from your router/firewall to the VyprVPN end. They support OpenVPN and DD-WRT so you have a few choices.

What is your current router?

I have a Linksys WRT54G available to experiment with. Also might use a Linux VM. I have been looking for a purpose to do some virtualization.
 
OK, I'll try it out. It will be a couple weeks before I can report success/failure.
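
The border-gateway layout from the diagram, for the Linux VM option, as an added example (not from any poster in the thread): a shell function that emits an iptables-restore rule set which forwards LAN traffic only into the tunnel and NATs it there, so PC0 and PC1 need no VPN software and nothing is forwarded in the clear when the tunnel is down. The interface names eth1 (LAN) and tun0 (tunnel) and the function names are assumptions.

```shell
#!/bin/sh
# Added example: rule set for a Linux gateway that puts un-configured LAN
# clients behind a VPN tunnel. Assumed names: eth1 = LAN side (PC0, PC1,
# switch), tun0 = tunnel device created by the VPN client on the gateway.
# Usage (as root): sh vpn-gw.sh eth1 tun0 | iptables-restore
# Prerequisites: net.ipv4.ip_forward=1 and a default route via the tunnel.
# Note: iptables-restore replaces the existing filter and nat tables.
# INPUT/OUTPUT stay at ACCEPT here and IPv6 is not covered; handle both
# separately on a real gateway.

valid_if() {
    # Accept only plain interface names so arguments cannot smuggle rule text.
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
        *) return 0 ;;
    esac
}

vpn_gateway_rules() {
    lan_if=$1
    tun_if=$2
    valid_if "$lan_if" && valid_if "$tun_if" || return 2
    [ "$lan_if" != "$tun_if" ] || return 2
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $lan_if -o $tun_if -j ACCEPT
-A FORWARD -i $tun_if -o $lan_if -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $tun_if -j MASQUERADE
COMMIT
EOF
}

# Emit the rules only when both interface names are given on the command line.
if [ $# -eq 2 ]; then
    vpn_gateway_rules "$1" "$2"
fi
```

Because the FORWARD policy is DROP and the only permitted egress is the tunnel device, a dropped tunnel stops client traffic instead of letting it fall back to the ISP link.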
 