Introduction to VPNs

Hello Muhammad

A VPN is a method by which you can establish a secure connection between two points over an inherently insecure network. For example, you may have a corporation headquarters and a branch office, and you create a connection between these two over the Internet. Now the Internet is considered an insecure environment, as you have no control over who can see the traffic that may be traversing any portion of the Internet. However, with a VPN, you can encrypt the data you send so that any intercepted packets will be unreadable and ultimately useless to any potential attacker. The packets, when they reach the branch office, will be decrypted such that they can be read and used. Only the destination device at the branch office is capable of successfully (and legally) decrypting the data, thus ensuring security and confidentiality.

A tunnel in the context of communications is a construct that is used by VPNs and other technologies to allow the movement of data from one private network to another, over a public network. Tunnelling involves repackaging or further encapsulating the data into a form that can be transmitted over the Internet, only to be unpackaged at its destination and sent to the private network. A tunnel will allow two private networks to “believe” that they are directly connected as they are oblivious to the mechanisms of the transmission over the Internet. Think of it as a ferry boat. You want to drive your truck with its contents from England to Ireland. There are road networks in England, and in Ireland, but not in between. You load your truck into the ferry boat which takes you from Liverpool to Dublin. You don’t care how you get there, nor are you concerned with the mechanisms involved in navigation, or even staying afloat. As far as you are concerned, you drove from the English road network into the ferry boat only to drive out onto the Irish road network to get to your destination. The communications tunnel is the ferry boat, which repackages your payload to be able to traverse the Irish Sea. Now VPNs use tunnels to get their job done, but tunnelling is only one aspect of VPNs. The other major aspect is encryption and security, something that tunnelling alone does not do.

Now Dynamic Multipoint VPN or DMVPN is a special type of VPN. A DMVPN is actually a routing technique that can be used to build a VPN network with multiple sites and allow routing to take place, all dynamically, without having to statically configure all devices. It is a technique that is especially popular among enterprises that have multiple sites and require secure communication between them. You can find out more about DMVPN at the following lesson:

I hope this has been helpful!

Laz
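
The point above that tunnelling alone does not encrypt, shown as an added example that is not part of the original post. It assumes GRE as the tunnelling protocol (the post names none) and uses constructed addresses and payload; `observe` plays the role of anyone on the public path.

```python
import socket
import struct

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum (input here is always an even-length header)."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Minimal 20-byte IPv4 header (no options) followed by the payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def gre_encapsulate(inner: bytes, outer_src: str, outer_dst: str) -> bytes:
    """The ferry: outer IPv4 header (protocol 47 = GRE) + GRE header + inner packet."""
    gre = struct.pack("!HH", 0, 0x0800)  # no flags, version 0, payload is IPv4
    return ipv4(outer_src, outer_dst, 47, gre + inner)

def observe(wire: bytes) -> dict:
    """What anyone on the public path can read from an unencrypted tunnel packet."""
    seen = {"outer_src": socket.inet_ntoa(wire[12:16]),
            "outer_dst": socket.inet_ntoa(wire[16:20])}
    ihl = (wire[0] & 0x0F) * 4
    if wire[9] != 47 or len(wire) < ihl + 4:
        return seen                       # not GRE: nothing more to decode here
    flags, ptype = struct.unpack("!HH", wire[ihl:ihl + 4])
    inner = wire[ihl + 4:]
    if flags != 0 or ptype != 0x0800 or len(inner) < 20:
        return seen                       # optional GRE fields or non-IPv4 payload
    inner_ihl = (inner[0] & 0x0F) * 4
    seen.update(inner_src=socket.inet_ntoa(inner[12:16]),
                inner_dst=socket.inet_ntoa(inner[16:20]),
                inner_payload=inner[inner_ihl:])
    return seen

# Constructed sample: private hosts at HQ and branch, documentation-range public IPs.
INNER = ipv4("10.1.0.10", "10.2.0.20", 253, b"payroll batch 42")  # 253 = experimental
WIRE = gre_encapsulate(INNER, "198.51.100.1", "203.0.113.1")

if __name__ == "__main__":
    for field, value in observe(WIRE).items():
        print(f"{field:14} {value}")
```

The private addresses and the payload come back intact from the wire bytes, which is why a VPN pairs the tunnel with encryption rather than relying on encapsulation.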