Something regarding internet browsing using an IPSec VPN?

Something is causing me a real headache:

If my workplace offered a wireless internet connection, at the workplace, using VPN (assume it's IPSec for now). If I were to connect, I presume on the other end of the router/access point there would be a VPN Router. However, where would the corresponding second VPN router be to un-IPSec the data??

Is it even possible to offer an IPSec VPN to allow employees to connect to the internet, for the question I asked above? Im guessing one would have to hire one of those companies with a VPN server to then "pop out" and access the internet???

Me-------Access Point------- VPN Router--------------Internet------VPN Router????

EDIT:

I guess I am asking, is the VPN just between the access point and the gateway to the internet, or does the VPN extend out onto the internet?

Tashi

Posted 2012-01-04T22:57:13.617

Reputation: 1

Answers

In this scenario, you would be using the VPN to replace a WPA or WEP security protocol. You're securing the wireless connection between a laptop and the internal network. All traffic going to and from the internet remains unencrypted until it hits the wireless devices doing authentication.

(Wifi laptop) ///encrypted/// (VPN wifi device) ---plaintext--- (router) ---> internet

So the only time traffic would be encrypted is between the wifi device and the wifi router or your internal router and then plain text to the rest of the internet.

levinology

Posted 2012-01-04T22:57:13.617

Reputation: 111

Quite simply a VPN is a private network, or in this case a connection that is secured/encrypted from one endpoint (client) to another (server), everything thereafter is UNENCRYPTED.

Only the 'pipe' between client and server are VPN secured.

In your example it would be:

Me (client) ----[SECURE VPN CONNECTION]--->{ OFFICE NETWORK / VPN Router / Server } --[OUT TO]--> Public Internet

enter image description here

See more details here: http://en.wikipedia.org/wiki/Virtual_private_network

Jakub

Posted 2012-01-04T22:57:13.617

Reputation: 3 111

I use a VPN connection to work from home or elsewhere. This is done with a VPN client running on my laptop. I have three different connections that I use with it: cable to my router, wifi, and a telco USB network adapter. The VPN connection starts on my laptop so the connection in between doesn't matter.

me(VPN client) ---- network connection ---- VPN server (Corporate network)

All data traveling between me and the corporate network is encrypted by the VPN. If I am on my Wifi network that connection is encrypted also, but other Wifi networks are not. Whether or not the Wifi connection itself is encrypted is irrelevant to the VPN encryption.

If I use an unencrypted protocol, it is unencrypted on my laptop and within the corporate network and possibly out into the Internet. If i use an encrypted protocol like HTTPS it is encrypted end to end. (While transiting my Wifi network it would be encrypted three times: HTTPS, VPN, and Wifi.

As @Jakub pointed out VPN connections are also used between offices to secure traffic over public networks. In this case the traffic would be encrypted between the VPN servers at each end. Inside the office LANs encryption would depend on the protocol being used.

BillThor

Posted 2012-01-04T22:57:13.617

Reputation: 9 384