1. Field of Invention
The present invention relates generally to virtual private networks. More particularly, the present invention relates to providing security and fault tolerance for VPN gateways providing clients in a public network access to entities in a private network.
2. Description of the Related Art
Conventional virtual private networks deployed on a public network infrastructure provide the same security, management, quality-of-service policies, and benefits provided in private networks. Typical applications of virtual private networks (VPNs) give remote network nodes such as telecommuters, suppliers, partners, or distant offices access to a private network, such as a company network, through a VPN gateway. Many VPN applications use IPsec to provide encryption and authentication of messages between a client and a VPN gateway. The secure connection between a client and a VPN gateway is often referred to as a VPN tunnel. In most cases, a client accessing a private network through a VPN tunnel can enjoy the same privileges and access capabilities as a client within the private network.
However, conventional virtual private networks have very limited failover capabilities. A VPN client is typically provided with a gateway list. If one particular VPN gateway is determined to be inaccessible, another VPN gateway is selected from the VPN gateway list. This process is often slow and inefficient. Consequently, it is desirable to provide improved solutions for fault tolerance for VPN gateways.