Chapter 21. Virtual Private Networks

Virtual Private Networks (VPNs) allow remote users an incredible amount of freedom to utilize sensitive internal IT resources by creating an encrypted “tunnel” between the client machine and your local area network. While VPNs have been around for quite some time, they have only recently become approachable for any but the largest organizations, as they have usually involved a fair amount of complexity and extensive hardware or software requirements. Mac OS X Server solves a lot of those issues by providing industry-standard VPN solutions that can be used by Macintosh, Windows, and Linux/Unix clients alike with a minimum of effort.

One of the hardest parts of truly understanding the concept of a VPN is distinguishing a VPN from other types of encrypted connections. Secure Shell (SSH) and Secure Sockets Layer (SSL) are both common ways of encrypting a specific connection between a client and a server, but they are not really examples of a VPN. Both fail the VPN definition on two counts:

  • Neither usually protects more than one connection. For example, when using SSL to protect your mail connection, you are only protecting that specific mail connection, not all mail connections and certainly not all traffic that your client is sending.

  • SSH or SSL will not give the client machine a presence on the remote network. When using a VPN, a client machine actually receives an IP address that is local on the remote network.


Naturally, there are exceptions to both of ...
