Virtual Private Network (VPN)

A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer or network-enabled device to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network. VPNs allow employees to securely access their company's intranet while traveling outside the office. Similarly, VPNs securely connect geographically separated offices of an organization, creating one cohesive network.

Using mbox as a CPE appliance, there are a few ways to build a VPN cloud that connects remote sites back to the HQ/DC network:

    • Configure L2TPv3 tunnels between two mbox appliances. This is good for bridging two layer 2 networks across any WAN.

    • Configure GRE tunnels between two mbox appliances. This is the simplest VPN.

    • Configure SSL VPN tunnels between two mbox appliances. This is a client-server VPN tunnel and supports a dynamic IP address on the client side.

    • Configure IPSec VPN tunnels between two mbox appliances.

It is important to note that L2TPv3 and GRE tunnels only encapsulate data and provide a virtual path linking sites across the public Internet; they do not encrypt it, so they provide no data confidentiality. They are very easy to implement, but not very scalable.
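The point about encapsulation without encryption, shown as an added example (not mbox code or configuration): the Python below builds a constructed GRE packet and decapsulates it the way any device on the path could, recovering the inner addresses and payload without any key material. The addresses, ports, GRE key value and payload are constructed sample values, and the helper names are hypothetical.

```python
import struct
from ipaddress import IPv4Address

GRE = 47  # IPv4 protocol number for GRE

def ipv4(src, dst, proto, payload):
    # Minimal 20-byte IPv4 header; checksum left at 0 because this is a constructed sample.
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      IPv4Address(src).packed, IPv4Address(dst).packed)
    return hdr + payload

def gre(inner, key=None):
    # RFC 2784 header; the optional RFC 2890 key field is added when key is given.
    flags, opt = (0x2000, struct.pack("!I", key)) if key is not None else (0, b"")
    return struct.pack("!HH", flags, 0x0800) + opt + inner

def decapsulate(packet):
    """Return (gre_key, inner_packet) for an IPv4/GRE packet."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or packet[9] != GRE:
        raise ValueError("not an IPv4/GRE packet")
    flags, proto = struct.unpack_from("!HH", packet, ihl)
    if flags & 0x0007 or proto != 0x0800:
        raise ValueError("unsupported GRE version or payload type")
    off, key = ihl + 4, None
    if flags & 0x8000:                      # C bit: checksum + reserved1
        off += 4
    if flags & 0x2000:                      # K bit: a flow identifier, not a cryptographic key
        (key,) = struct.unpack_from("!I", packet, off)
        off += 4
    if flags & 0x1000:                      # S bit: sequence number
        off += 4
    return key, packet[off:]

def inner_view(packet):
    """Summarise what is readable inside the tunnel without any key material."""
    key, inner = decapsulate(packet)
    ihl = (inner[0] & 0x0F) * 4
    _, dport, ulen, _ = struct.unpack_from("!HHHH", inner, ihl)
    return {"gre_key": key, "src": str(IPv4Address(inner[12:16])),
            "dst": str(IPv4Address(inner[16:20])), "dport": dport, "data": inner[ihl + 8:ihl + ulen]}

# Constructed sample: a site-to-site GRE packet carrying one UDP datagram.
DATA = b"quarterly-report.xlsx"
UDP = struct.pack("!HHHH", 40000, 5000, 8 + len(DATA), 0) + DATA
SAMPLE = ipv4("192.0.2.1", "198.51.100.1", GRE, gre(ipv4("10.0.0.5", "10.0.1.9", 17, UDP), key=7))

if __name__ == "__main__":
    print(inner_view(SAMPLE))
```

The same bytes also appear verbatim in the outer packet (`DATA in SAMPLE` is true), which is why traffic that needs confidentiality belongs in one of the encrypted tunnel types.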

SSL and IPSec tunnels offer sophisticated encryption using various sets of standard encryption and authentication technologies, and are therefore widely used for building VPNs across the public Internet.