One of my customers wants to know if she can use VPN over a peer-to-peer network within her home? Why would she even want to do this?
There's no reason why a VPN tunnel cannot be run over a peer-to-peer network connection between two systems. Most VPNs simply require IP-level connectivity between the two systems involved -- that can be two systems on the same Ethernet LAN, two systems connected by peer-to-peer (ad hoc mode) wireless, or two systems connected via the Internet.
Typically, one end of the tunnel is a VPN client, and the other end is a VPN gateway (server). So you must determine how to configure the type of VPN that your customer wants to use. For example, to use a PPTP or L2TP VPN between two hosts, configure one host as the PPTP or L2TP server -- for example, a Windows 2000 or XP Pro system can be configured to accept incoming VPN connections. The other host must be configured with an outbound VPN connection to the server. Some VPN protocols also support host-to-host tunneling -- notably, IPsec transport mode (also included in Windows 2000 and XP). What's the difference between client-server and host-host VPN tunneling? In a client-server VPN, only the client can initiate the tunnel; in a host-host VPN, either host can initiate the tunnel.
Finally, you ask why anyone would want to use a VPN for peer-to-peer traffic. Depending upon the type of VPN used, a tunnel can provide user authentication, data encryption, and (sometimes) data integrity. For example, requiring VPN authentication for inbound connections will stop any other host from successfully connecting to your (server) system. Requiring VPN encryption over a wireless ad hoc connection prevents those nearby from eavesdropping on your peer-to-peer traffic or injecting forged packets. Note that Wi-Fi Protected Access, the 802.11 encryption option that replaced WEP, is not available for ad hoc mode connections, so VPN tunneling can help fill that gap until 802.11i (WPA2) support is widely available.
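An added illustration (not part of the original answer) of the per-packet integrity and anti-replay check that lets a tunnel endpoint drop forged packets on an ad hoc link. It uses a simplified ESP-like frame built with Python's standard library; the frame layout, key, SPI value and all names are constructed for this example, and payload encryption is omitted.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16                 # HMAC-SHA-256 truncated to 128 bits
HDR = struct.Struct("!II")   # SPI (tunnel id), sequence number


def seal(key: bytes, spi: int, seq: int, payload: bytes) -> bytes:
    """Build header | payload | ICV; the ICV covers header and payload."""
    body = HDR.pack(spi, seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()[:ICV_LEN]


class Receiver:
    def __init__(self, key: bytes, spi: int):
        self.key, self.spi, self.last_seq = key, spi, 0

    def accept(self, frame: bytes):
        """Return (payload, 'ok') or (None, reason for the drop)."""
        if len(frame) < HDR.size + ICV_LEN:
            return None, "short"
        body, icv = frame[:-ICV_LEN], frame[-ICV_LEN:]
        spi, seq = HDR.unpack_from(body)
        if spi != self.spi:
            return None, "unknown-spi"
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:ICV_LEN]
        if not hmac.compare_digest(icv, expected):   # constant-time compare
            return None, "bad-icv"
        if seq <= self.last_seq:    # checked only after the ICV verifies
            return None, "replay"
        self.last_seq = seq
        return body[HDR.size:], "ok"


def demo():
    key = b"constructed-demo-key-32-bytes!!!"   # constructed sample key
    rx = Receiver(key, spi=0x1001)
    good = seal(key, 0x1001, 1, b"file chunk A")
    forged = seal(b"no-access-to-key", 0x1001, 2, b"injected")  # wrong key
    tampered = bytearray(seal(key, 0x1001, 2, b"file chunk B"))
    tampered[HDR.size] ^= 0x01                   # one payload bit flipped
    frames = (good, forged, bytes(tampered), good)  # last one is a replay
    return [rx.accept(f)[1] for f in frames]


if __name__ == "__main__":
    print(demo())
```

A production tunnel also encrypts the payload and tracks sequence numbers with a sliding window rather than a single counter.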