The concept of private virtual networks, abbreviated as VPN (from the English Virtual Private Network), appeared in computer technology relatively recently. The creation of this type of connection made it possible to combine computer terminals and mobile devices into virtual networks without the usual wires, moreover, regardless of the location of a particular terminal. Now we’ll look at how the VPN connection works, and at the same time we’ll give some recommendations on setting up such networks and related client programs.
What is a VPN?
As already understood, a VPN is a virtual private network with several devices connected to it. It’s not worth it to flatter yourself - usually it doesn’t work to connect a dozen two or three simultaneously working computer terminals (as it can be done in LAN). This has its limitations in network configuration, or even just in the bandwidth of the router, which is responsible for assigning IP addresses and transmitting data.
However, the idea originally laid down in connection technology is not new. They tried to justify it for a long time. And many modern computer network users do not even imagine what they have known about this all their lives, but simply have not tried to delve into the essence of the issue.
How a VPN connection works: basic principles and technologies
For a better understanding, we give the simplest example that is known to any modern person. Take at least a radio. Indeed, in fact, it is a transmitting device (translator), an intermediary unit (repeater), responsible for the transmission and distribution of the signal, and a receiving device (receiver).
Another thing is that the signal is transmitted to absolutely all consumers, and the virtual network works selectively, combining only certain devices into one network. Note that neither in the first nor in the second case, wires for connecting transmitting and receiving devices exchanging data with each other are not required.
But here there are subtleties. The fact is that initially the radio signal was unprotected, that is, it can be accepted by any radio amateur with a working device at the appropriate frequency. How does a VPN work? Yes, exactly the same. Only in this case, the role of the repeater is played by the router (router or ADSL modem), and the role of the receiver is played by a stationary computer terminal, laptop or mobile device with a special wireless connection module (Wi-Fi).
With all this, the data coming from the source is initially encrypted, and only then, using a special decoder, are reproduced on a specific device. This principle of VPN communication is called tunneling. And this principle is most consistent with mobile communications, when redirection occurs to a specific subscriber.
VLAN Tunneling
Let's see how VPN works in tunneling mode. In essence, it involves the creation of a certain straight line, say, from point “A” to point “B”, when, when transmitting data from a central source (router with a server connection), all network devices are detected automatically according to a predetermined configuration.
In other words, a tunnel is created with encoding when sending data and decoding when receiving. It turns out that no other user who tried to intercept data of this type in the transmission process can decrypt them.
Means of implementation
One of the most powerful tools for this type of connection and security at the same time are Cisco systems. True, some inexperienced admins have a question about why Cisco VPN equipment does not work.
This is primarily due only to incorrect configuration and installed drivers for routers such as D-Link or ZyXEL, which require fine-tuning only because they are equipped with built-in firewalls.
In addition, you should pay attention to the connection diagrams. There can be two: route-to-route or remote access. In the first case, we are talking about combining several distribution devices, and in the second, about managing the connection or data transfer using remote access.
Access protocols
As regards the protocols, configuration tools at the PCP / IP level are mainly used today, although the internal protocols for VPNs may vary.
Has the VPN stopped working? You should look at some hidden options. So, for example, the additional PPP and PPTP protocols based on TCP technology still belong to the TCP / IP protocol stacks, but to connect, say, when using PPTP, you need to use two IP addresses instead of the one. However, in any case, tunneling involves the transfer of data contained in internal protocols such as IPX or NetBEUI, and all of them are equipped with special PPP-based headers for the smooth transmission of data to the corresponding network driver.
For TCP / IP, it is generally recommended that you choose to automatically obtain the primary address and preferred DNS server. In this case, the use of the proxy server should be disabled (and not only for local addresses).
Hardware devices
Now let's look at a situation where the question arises of why the VPN does not work. The fact that the problem may be related to incorrect equipment configuration is understandable. But another situation may occur.
It is worth paying attention to the routers themselves, which monitor the connection. As mentioned above, only devices that match the connection parameters should be used.
For example, routers like the DI-808HV or DI-804HV can connect up to forty devices at a time. As for the ZyXEL equipment, in many cases it can work even through the ZyNOS built-in network operating system, but only using command-line mode via the Telnet protocol. This approach allows you to configure any device with data transfer to three networks in a common Ethernet environment with IP traffic transmission, as well as use the unique Any-IP technology, designed to use the standard table of routers with redirected traffic as a gateway for systems that were originally configured to work on other subnets.
What to do if VPN does not work (Windows 10 and below)?
The very first and most important condition is the correspondence of the output and input keys (Pre-shared Keys). They should be the same at both ends of the tunnel. It is also worth paying attention to cryptographic encryption algorithms (IKE or Manual) with or without authentication function.
For example, the same AH protocol (in the English version - Authentication Header) can provide only authorization without the possibility of using encryption.
VPN clients and their configuration
As for VPN clients, here everything is not simple. Most programs based on such technologies use standard configuration methods. However, there are pitfalls.
The problem is that no matter how you install the client, when the service is turned off in the "OS" itself, nothing good will come of it. That is why first you need to use these parameters in Windows, then enable them on the router (router), and only then proceed to configure the client itself.
In the system itself, you will have to create a new connection, and not use the existing one. We will not stop here, since the procedure is standard, but on the router itself you will have to go into additional settings (most often they are located in the WLAN Connection Type menu) and activate everything that is connected to the VPN server.
It is worth noting also the fact that the virtual server itself will have to be installed in the system as an accompanying program. But then it can be used even without manual configuration, simply choosing the closest location.
One of the most popular and easiest to use is the VPN client-server called SecurityKISS. The program is installed without a hitch, but then you don’t even need to go into the settings to ensure normal communication for all devices connected to the distributor.
It happens that the well-known and popular package Kerio VPN Client does not work. Here you will have to pay attention not only to the settings of the router or the “OS itself”, but also to the parameters of the client program. As a rule, the introduction of the correct parameters eliminates the problem. In an extreme case, you will have to check the settings of the main connection and the used TCP / IP protocols (v4 / v6).
What is the result?
We looked at how a VPN works. In principle, there is nothing complicated in connecting to creating networks of this type. The main difficulties are setting up specific equipment and setting its parameters, which, unfortunately, many users lose sight of, relying on the fact that the whole process will be reduced to automation.
On the other hand, we are now more concerned with issues related to the operation techniques of the virtual VPNs themselves, so you will have to configure the equipment, install device drivers, etc. using separate instructions and recommendations.