VPN - Virtual Private Networking, an overview
A VPN is a secure, private communication tunnel between two or more devices across a public network (like the Internet). These VPN devices can be either a computer running VPN software or a special device like a VPN-enabled router. It allows your home computer to be connected to your office network or can allow two home computers in different locations to connect to each other over the Internet.
Even though a VPN’s data travels across a public network like the Internet, it is secure because of very strong encryption. If anyone ‘listens’ to the VPN communications, they will not understand them because all the data is encrypted. In addition, VPNs monitor their traffic in very sophisticated ways that ensure packets never get altered while traveling across the public network. Encryption and data verification are very CPU intensive.
Clients and Servers
A VPN server is a piece of hardware or software that can act as a gateway into a whole network or a single computer. It is generally ‘always on’ and listening for VPN clients to connect to it.
A VPN client is most often a piece of software but can be hardware too. A client initiates a ‘call’ to the server and logs on. Then the client computer and the server network can communicate. They are on the same ‘virtual’ network. Many broadband routers can 'pass' one or more VPN sessions from your LAN to the Internet. Each router handles this differently.
VPN Software
VPN ‘server’ software is rather rare. Windows Server level operating systems like ‘Windows 2000 Server’ have a ‘VPN server’ built in. I know of no software products priced for home or small business that allow you to set up a VPN server.
VPN ‘client’ software is much more common. When loaded on your computer, this software allows you to create a secure VPN tunnel across the Internet and into another network fronted by a VPN server.
VPN Languages
There are two major 'languages' or protocols that VPNs speak. Microsoft uses PPTP, or Point to Point Tunneling Protocol, and most everyone else uses IPSec - Internet Protocol Security. Most broadband routers can pass PPTP traffic by forwarding port 1723, but IPSec is more complex. If your router does not explicitly support IPSec pass-through, then even placing your computer in the DMZ might not work.
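Why IPSec is harder to pass than PPTP, as an added example that is not part of the original article: a port-forwarding rule matches a TCP or UDP port, but part of each protocol's traffic travels in IP protocols that have no ports at all. The protocol numbers (GRE 47, ESP 50, AH 51) and UDP port 500 for IKE are standard assignments not stated on the page, and the addresses and packets are constructed samples.

```python
import struct

# IANA IP protocol numbers; these values are not given on the page.
TCP, UDP, GRE, ESP, AH = 6, 17, 47, 50, 51
PORTLESS = {GRE: "PPTP data (GRE)", ESP: "IPSec ESP", AH: "IPSec AH"}
PORTS = {(TCP, 1723): "PPTP control", (UDP, 500): "IPSec IKE"}

def classify(packet: bytes):
    """Return (label, port_forwardable) for a raw, unfragmented IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4            # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = packet[9]
    if proto not in (TCP, UDP):
        # No port fields exist, so a port-forwarding rule cannot match it.
        return PORTLESS.get(proto, "other"), False
    if len(packet) < ihl + 4:
        raise ValueError("truncated TCP/UDP header")
    (dport,) = struct.unpack("!H", packet[ihl + 2:ihl + 4])
    return PORTS.get((proto, dport), "other"), True

def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a constructed sample packet (checksum left at zero)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0, bytes([192, 168, 1, 10]),
                         bytes([203, 0, 113, 5]))
    return header + payload

# Constructed samples: what a PPTP client and an IPSec client send outbound.
SAMPLES = [
    ipv4(TCP, struct.pack("!HH", 1050, 1723)),   # PPTP control connection
    ipv4(GRE, bytes(8)),                         # PPTP tunnelled data
    ipv4(UDP, struct.pack("!HH", 500, 500)),     # IPSec key exchange
    ipv4(ESP, bytes(8)),                         # IPSec encrypted payload
]

def report():
    return [classify(p) for p in SAMPLES]

if __name__ == "__main__":
    for label, forwardable in report():
        print(f"{label:18} port-forwardable: {forwardable}")
```

The packets reported as not port-forwardable are the ones a router has to handle with protocol-aware pass-through support.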
PPTP has 'good' encryption and also features 'authentication' for verifying a user ID and password. IPSec is purely an encryption model and is much safer but does not include authentication routines. A third standard, L2TP, is IPSec with authentication built in.
VPN Reviews
2/18/2002: SnapGear Lite+ VPN Router
2/12/2002: ZyWall 1 - Firewall and Router with VPN
1/24/2002: Multitech RouteFinder RF550VPN
1/3/2002: Draytek Vigor2200E & USB VPN Routers
Broadband Routers with VPN Servers
Until recently, VPN server hardware was VERY expensive. As home networks become more sophisticated, the demand for home-level VPNs increases. At the end of 2001, the home network industry responded by adding VPN servers into some broadband routers. These products are often priced at under $300 (US) and some are as inexpensive as $170.
VPN functionality is very processor intensive and most broadband routers have somewhat slow processors in them. Broadband router based VPN servers are often limited in throughput because of their microprocessors. Most have a maximum VPN throughput of around 0.6 Mbps, or 600 Kbps.
More info about VPN Routers soon!