Cisco Support Community
Community Member

Basic question VPN vs. dedicated point-to-point

Guys, imagine I need to provide a 10Mbps circuit between CompanyA in Portland, OR and CompanyB in New York.

CompanyA ISP is AT&T. CompanyB ISP is Time Warner.

I will put Cisco 3825 router on Company A and Cisco 2851 router on Company B. I will establish an IPSec tunnel.

My question is, is that considered a VPN? I mean,since those are two different ISP's for the respective companies, can I always expect to get a "dedicated" point-to-point connection or that is going to end up technically identified as a VPN?

Hall of Fame Super Blue

Re: Basic question VPN vs. dedicated point-to-point


A VPN can mean many different things. But if you are talking about an IPSEC VPN over the internet then yes i would call this a VPN.

But the lines can be blurred. A PVC between 2 sites owned by the same company. Is this is a dedicated P2P link or it is a L2 VPN in the overlay VPN model. The infrastructure you are running over is shared by the provider with multiple customers.

"Dedicated" will mean different things to different people. Dedicated bandwidth but over a shared infrastructure or a dedicated physical link.

By the sounds of what you describe it does not sound like a dedicated physical P2P link.


Community Member

Re: Basic question VPN vs. dedicated point-to-point

yes Jon u r right, If it is Ipsec we can say it as the VPN, but usually when the different service providers involves at the end to end ( not an cable provider ) we can simply called as the internet .

Hall of Fame Super Gold

Re: Basic question VPN vs. dedicated point-to-point


As Jon and Senthil point out there are some very loose definitions of what is a VPN. I believe that in most of the definitions if you are configuring IPSec to encrypt and protect traffic between the two end points that most people would say that it is a VPN. Is there some other aspect of VPN that you are asking about?

As I read your question there seems to be another aspect which is about dedicated connections. You ask:

can I always expect to get a "dedicated" point-to-point connection

and I believe that the answer to that is clearly no, what you describe with different providers for each company will not give any kind of dedicated service. The traffic through the providers and between the providers will be going through the Internet and the traffic will be sharing bandwidth with all the other traffic that each company is sending to the Internet.




Re: Basic question VPN vs. dedicated point-to-point

I think I understand what you are wanting. You just need a connection between the two offices. The verbage is really not important other than the how and what to actually call it.

What you are doing, IPSec, is a VPN. As long as the tunnel is up then you will have a direct connection to the offices. Because you are using the Internet for traffic it is not a dedicated point-to-point link. Most often that term is a leased line or a frame relay link. Not that all frame relay links are point to point to another facility. I worked at MCI and installed all of my customers at the time on Frame Relay internet circuits, however another company used frame relay to connect all of their offices as point to point links. The ISP in this case is irrelevent because even if they had the same provider you could still do the same thing and call it a VPN.

Re: Basic question VPN vs. dedicated point-to-point


You didn't mentioned whether the connection is thru internet or private wan link. Private wan link can exist between two providers interconnecting.

If thru internet, your question of "dedicated" point-to-point is not clear, if you mean dedicated bandwidth point-to-point I'm sorry but it will never happen as there is no internet QoS guaranteed point-to-point no matter what tunneling you use.

If thru private wan link, whatever tunneling you use it will always be dedicated.



Community Member

Re: Basic question VPN vs. dedicated point-to-point

Thanks all.

I totally understand that if you establish a connection from point A to point B thru another network (for example the Internet) then you've got a VPN.

But then if you have a P2P circuit from Company A to Company B and you encrypt it with IPSec, I am surprised that such scenario is also considered a VPN. Interesting. As some of you pointed out, that term may be subjective because a true "dedicated" circuit may always involve multiple networks.

CreatePlease to create content