The document discusses the design of a virtual private network (VPN). Key points: 1) A VPN allows hosts scattered across different locations to communicate as if they are on the same local area network by simulating the LAN topology over the Internet. 2) The goal is to design a VPN that provides a generic virtual network interface to allow any network layer protocol (e.g. AppleTalk, IPX) to function, not just IP. 3) The proposed solution uses encapsulation and decapsulation of VPN packets within IP packets to transmit them over the Internet. A "shim header" is added to direct packets to the correct destination VPN client.