Virtual Private Networking

The Internet makes it possible for anyone almost anywhere to access computers across the globe. Of course, because access is so easy, LANs need firewalls to keep out unwanted intruders. Such ironclad security, however, can also prove to be a barrier to desired access. A corporate employee on the road, for example, might find it convenient (even necessary) to access the corporate LAN from a hotel room or another LAN to get at internal data. But without a way to get through or bypass the corporate firewall, any access attempts will be futile. Fortunately, there are a few ways to access a firewalled LAN, and the best, in most cases, is to use a Virtual Private Network (VPN).

Establishing a VPN connection means creating an encrypted channel, or “tunnel,” for all IP traffic between your machine and the corporate VPN server. The VPN server straddles the edge of the corporate LAN, routing the traffic between the LAN and the Internet. Once you’ve authenticated using the VPN client software built into Mac OS X, you’ll receive an IP address on that remote LAN. The VPN server will then pass your data through, decrypting as it sends to the LAN and encrypting as it sends to the Internet. You can then access any IP-based service on that LAN that you could if you were physically on-site: intranet web pages, FTP, IP-based file sharing, etc.

Though all VPN traffic still travels across the Internet to reach the remote LAN, the packets are encrypted well enough to keep any potential eavesdroppers ...
