Introduction to VPNs

This topic is to discuss the following lesson:

Hi Rene,

Thank you for the excellent intro on VPN. I like the way you teach and make the concept simple.

I also heard about other types of VPN like Easy VPN, Anyconnect VPN and many more. If you can throw some light on that and let us know their use in real networks.

Hello Bharath

EasyVPN is a wizard that can be used either on the router (using Cisco Configuration Professional) or at the client to simplify the creation of VPNs. Using a wizard it allows you to enter information in a GUI to create your VPN. There are three components that can be used: Easy VPN Client, Remote and Server. You can find out more information about it here.

Cisco AnyConnect is a secure mobility client that allows you to connect securely (via VPN) to a VPN server. It is essentially Cisco’s VPN client software for PC, laptop and mobile devices.

So Easy VPN and AnyConnect are not really types of VPNs, but they are tools that leverage VPNs and simplify their deployment.

I hope this has been helpful!

Laz

Hi Lazaros,
What is the difference between Tunnel, DMVPN and VPN?

Hello Muhammad

A VPN is a method by which you can establish a secure connection between two points over an inherently insecure network. For example, you may have a corporation headquarters and a branch office, and you create a connection between these two over the Internet. Now the Internet is considered an insecure environment, as you have no control over who can see the traffic that may be traversing any portion of the Internet. However, with a VPN, you can encrypt the data you send so that any intercepted packets will be unreadable and ultimately useless to any potential attacker. The packets, when they reach the branch office, will be decrypted such that they can be read and used. Only the destination device at the branch office is capable of successfully (and legally) decrypting the data, thus ensuring security and confidentiality.

A tunnel in the context of communications is a construct that is used by VPNs and other technologies, to allow the movement of data from one private network to another, over a public network. Tunnelling involves repackaging or further encapsulating the data into a form that can be transmitted over the Internet, only to be unpackaged at its destination and sent to the private network. A tunnel will allow two private networks to “believe” that they are directly connected as they are oblivious to the mechanisms of the transmission over the Internet. Think of it as a ferry boat. You want to drive your truck with its contents from England to Ireland. There are road networks in England, and in Ireland, but not in between. You load your truck into the ferry boat which takes you from Liverpool to Dublin. You don’t care how you get there, nor are you concerned with the mechanisms involved in navigation, or even staying afloat. As far as you are concerned, you drove from the English road network into the ferryboat only to drive out onto the Irish road network to get to your destination. The communications tunnel is the ferry boat, which repackages your payload to be able to traverse the Irish Sea. Now VPNs use tunnels to get their job done, but tunnelling is only one aspect of VPNs. The other major aspect is encryption and security, something that tunnelling alone does not do.

Now Dynamic Multipoint VPN or DMVPN is a special type of VPN. A DMVPN is actually a routing technique that can be used to build a VPN network with multiple sites and allow routing to take place, all dynamically, without having to statically configure all devices. It is a technique that is especially popular among enterprises that have multiple sites and require secure communication between them. You can find out more about DMVPN at the following lesson:

I hope this has been helpful!

Laz

Thanks Lazaros,
Great and clear explanation as I expected.