Virtual Private Networking

After reading the previous pages, you might assume it’s a piece of cake for businesspeople to connect to their corporate networks across the Internet from wherever they happen to be: their homes, hotel rooms, or their local Starbucks. But even though the steps on the preceding pages work fine if you’re dialing into your home machine, they’ll probably fail miserably when you want to connect to a corporate network. There’s one enormous obstacle in your way: Internet security.

The typical corporate network is guarded by a team of steely-eyed administrators, for whom Job Number One is preventing access by unauthorized visitors. They perform this job primarily with the aid of a super-secure firewall that seals off the company’s network from the Internet.

So how can you tap into the network from the road? One solution is to create a hole in the firewall for each authorized user—software that permits incoming Internet traffic only from specified IP addresses like your Mac’s. Unfortunately, this setup isn’t bulletproof, security-wise. It’s also a pain for administrators to manage.

Back in the dial-up modem days, you could dial directly into the corporate network, modem-to-modem. That was plenty secure, but it bypassed the Internet and therefore wound up being expensive. (Want proof? Try this simple test: Make a call from the Tokyo Hilton to the Poughkeepsie Sheet Metal home office. Have a look at your hotel bill when you check out.)

Fortunately, there’s a third solution ...

Get OS X Yosemite: The Missing Manual now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.