Data is received by a service provider that is indicative of a selected server-side system and a selected client-side system between which a VPN is to be established. Security settings are then automatically determined for the client-side system based at least partially on the data. The security settings are preferably public and private keys and/or a Digital Certificate. VPN configuration details, including the security settings, are then automatically transmitted to the client-side system. The client side system then uses the configuration details to automatically configure itself to establish a secure VPN tunnel between the server-side system and itself. VPN configuration details may also be automatically transmitted to a VPN concentrator within the server-side system. A Virtual Private Network tunnel is subsequently established between the client-side system and the server-side system, and the tunnel's operation verified. A computer program product for configuring a VPN system is also provided.