Ask the Expert

Can one use VPN over a peer-to-peer network within a home?

One of my customers wants to know if she can use VPN over a peer-to-peer network within her home? Why would she even want to do this?

    Requires Free Membership to View

There's no reason why a VPN tunnel cannot be run over a peer-to-peer network connection between two. Most VPNs simply require IP-level connectivity between the two systems involved -- that can be two systems on the same Ethernet LAN, two systems connected by peer-to-peer (ad hoc mode) wireless, or two systems connected via the Internet.

Typically, one end of the tunnel is a VPN client, and the other end is a VPN gateway (server). So you must determine how to configure the type of VPN that your customer wants to use. For example, to use a PPTP or L2TP VPN between two hosts, configure one host as the PPTP or L2TP server -- for example, a Windows 2000 or XP Pro system can be configured to accept incoming VPN connections. The other host must be configured with an outbound VPN connection to the server. Some VPN protocols also support host-to-host tunneling -- notably, IPsec transport mode (also included in Windows 2000 and XP). What's the difference between client-server and host-host VPN tunneling? In a client-server VPN, only the client can initiate the tunnel; in a host-host VPN, either host can initiate the tunnel.

Finally, you ask why anyone would want to use a VPN for peer-to-peer traffic. Depending upon the type of VPN used, a tunnel can provide user authentication, data encryption, and (sometimes) data integrity. For example, requiring VPN authentication for inbound connections will stop any other host from successfully connecting to your (server) system. Requiring VPN encryption over a wireless ad hoc connection prevents those nearby from eavesdropping on your peer-to-peer traffic or injecting forged packets. Note that Wi-Fi Protected Access, the 802.11 encryption option that replaced WEP, is not available for ad hoc mode connections, so VPN tunneling can help fill that gap until 802.11i (WPA2) support is widely available.

This was first published in February 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: