
Implementing VPN Using IPSec

Mechanisms for Implementing VPN Based on IPSec

Advisor: 涂世雄

Abstract


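In this thesis, we propose two methods for building a VPN using IPSec. Unlike traditional VPNs, both methods provide stronger guarantees for authentication and data encryption. In addition, because IPSec is a unified specification defined by the IETF, vendors can develop VPN products by following this specification. As a result, VPN can be widely deployed across companies and enterprise groups without product incompatibility problems.

Our reasons for using IPSec to implement VPN are as follows:

(1) The Authentication Header (AH) protocol and the Encapsulating Security Payload (ESP) protocol in IPSec provide VPN with more complete authentication and data encryption, while for key exchange ISAKMP/Oakley remedies the weaknesses of Diffie-Hellman and adds negotiation of security services.

(2) IPSec sits at the bottom of the TCP/IP layer. Therefore, when we implement IPSec on a firewall or router, the upper-layer applications do not need to be changed, which saves companies and enterprise groups considerable extra cost.

(3) When we implement IPSec on the firewall or router of a company network, computers on the internal network do not need to know what encryption or authentication processing is applied to the packets they send. Likewise, when packets from the outside network are destined for a computer on the internal network, the company firewall processes the encrypted or authenticated packets and then forwards them to the internal computer, so internal computers do not need IPSec software.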

Parallel Abstract


This thesis provides two new mechanisms for implementing a Virtual Private Network (VPN) based on IPSec. Unlike traditional VPNs, these mechanisms provide stronger security in authentication and confidentiality. In addition, implementing IPSec gives VPN a uniform specification, so it can be used extensively.

Our reasons for adopting IPSec to implement VPN are as follows. First, the two protocols of IPSec, Authentication Header (AH) and Encapsulating Security Payload (ESP), can enhance the security of VPN authentication and confidentiality. Second, ISAKMP/Oakley is a key exchange protocol that can improve on the weaknesses of Diffie-Hellman and negotiate security attributes. Third, application programs using IPSec need not be modified in any way. This is particularly important when securing application programs that are not available in source code, which is common today. This transparency sets IPSec apart from security protocols that operate above the Internet layer. Finally, IPSec is designed to be usable with both IPv4 and IPv6. This means that vendors can provide identical specifications for VPN products.

In summary, the results of our work are as follows:

1. When IPSec is implemented in a VPN, it provides strong security.
2. IPSec is below the transport layer (TCP, UDP) and so is transparent to applications. There is no need to change software on a user or server system when IPSec is implemented in the VPN's firewall or router. Even if IPSec is implemented in end systems, upper-layer software, including applications, is not affected.
3. When IPSec is implemented in a VPN, it can be transparent to end users. There is no need to train users on security mechanisms, issue keying material on a per-user basis, or revoke keying material when users leave the organization.
4. When IPSec is implemented in a VPN, it can provide security for individual users such as home workers and remote-access users.

With IPSec-based VPN, we believe VPN will be more secure and more extensively used in the future.
