A computer network, such as the Internet, allows users operating client computer systems to transmit data to and receive data from one or more sites or servers across the network. One conventional form of data transmission involves the use of a virtual private network (VPN) within the computer network. One type of VPN involves a private network constructed using a public network infrastructure (e.g., the Internet) to securely connect divergent network nodes (e.g., remote sites or users). Instead of using a dedicated, physical connection, such as a leased line, a VPN uses “virtual” connections routed from, for example, a company's private central network through a public network (e.g., the Internet) to a remote site or to a remote employee on the road or working from home. Such “virtual” connections are formed in a process known as tunneling. Such VPN's are conventionally constructed to operate over a public network through the use of a combination of data encapsulation, data encryption, and user authentication.
One conventional utilization of a VPN involves a client application at a remote site, such as a software client application installed on a remote computer, establishing a connection to a central site, such as a corporate network. To establish a VPN connection to a corporate network, a user operating the client software selects a gateway from a list of VPN gateways associated with the corporate network. Conventionally, the user bases such a selection upon a “best guess” approach. For example, assume a user is geographically located in Paris, France and can access his corporate network using the client to connect through VPN gateways (e.g., as provided in a list by the client) located in Paris, Amsterdam, or San Jose, Calif. Based upon the “best guess” approach, the user can operate the client to select the gateway geographically closest to his location (e.g., the Paris VPN gateway) for establishment of a tunnel through the public network. The software client application, as a result, connects the client computer to the VPN gateway (e.g., a concentrator of a corporate network) via a telephone connection or an Internet Service Provider connection to the Internet. The VPN software client establishes a secure, encrypted tunnel from the client device to the VPN gateway through the Internet. The gateway then controls access and authorization to the private network.