Building a Virtual Private Network with Linux

Arthur Donkers

Figure 1 | Figure 2 | Figure 3 | Sidebar 1 | Sidebar 2 | Listing 1

Connecting different locations used to be a question of dedicated lines, expensive routers, and a lot of proprietary protocols. Apart from being cumbersome, it cost a lot of manpower and money to keep a link like that up and running. And if the different locations were situated in different countries (or even continents), it could run into a very expensive adventure.

Now (actually for more than 20 years), there is the magical network called the Internet that spans the globe and offers world-wide connectivity for local rates. So, what would be better than connecting the aforementioned locations via the Internet? Apart from a few minor problems like security, there is nothing to keep us from doing so. To solve the security problem, and some others, you can use a so-called Virtual Private Network or VPN. With this technique, you can extend your local corporate network over the Internet without compromising your corporate security or fundamentally rearranging your network topology.

This article will discuss how to build a virtual private network using Linux, a UNIX-compatible operating system developed on the Internet. Linux is available in source and can easily be adapted to your own hardware. It is currently available for PCs based on the Intel architecture, Sun SPARC machines, and Digital AXP (Alpha) machines (among others).

Introduction

Building a VPN can be a daunting task. A lot of details must be taken care of, and the task may involve a few programming skills to get the job done. I hope to get you started in the right direction. Each network environment has its own specifics, and therefore needs one or more specific solutions.