The concept of private virtual networks, abbreviated as VPN (from the English Virtual Private Network), appeared in computer technology relatively recently. The creation of this type of connection made it possible to combine computer terminals and mobile devices into virtual networks without the usual wires, regardless of the location of a particular terminal. Now let's look at how a VPN connection works, and at the same time give some recommendations for setting up such networks and related client programs.
What is a VPN?
As you already know, a VPN is a virtual private network with multiple devices connected to it. You should not delude yourself - it usually does not work to connect a dozen two or three simultaneously working computer terminals (as this can be done in the "locale"). This has its limitations in setting up a network or even simply in the bandwidth of the router responsible for assigning IP addresses and transmitting data.
However, the idea originally embodied in connection technology is not new. They tried to substantiate it for a long time. And many modern users of computer networks do not even imagine that they have known about it all their lives, but simply did not try to get to the bottom of the issue.
How a VPN connection works: basic principles and technologies
For a better understanding, let's give the simplest example that is known to any modern person. Take at least the radio. After all, in fact, it is a transmitting device (translator), an intermediary unit (repeater) responsible for signal transmission and distribution, and a receiving device (receiver).
Another thing is that the signal is broadcast to absolutely all consumers, and the virtual network works selectively, uniting only certain devices into one network. Note that neither in the first nor in the second case, wires are required to connect transmitting and receiving devices that exchange data with each other.
But even here there are subtleties. The fact is that initially the radio signal was unprotected, that is, it can be received by any radio amateur with a working device at the appropriate frequency. How Does a VPN Work? Yes, exactly the same. Only in this case, the role of a repeater is played by a router (router or ADSL modem), and the role of a receiver is played by a stationary computer terminal, laptop or mobile device equipped with a special wireless connection module (Wi-Fi).
With all this data,outgoing from the source are initially encrypted, and only then, using a special decoder, are played on a specific device. This principle of communication through VPN is called tunneling. And this principle is most consistent with mobile communications, when redirection occurs to a specific subscriber.
Tunneling local virtual networks
Let's understand how a VPN works in tunnel mode. In essence, it involves the creation of a certain straight line, say, from point "A" to point "B", when when transferring data from a central source (a router with a server connection), the detection of all network devices is performed automatically according to a predefined configuration.
In other words, a tunnel is created with encoding when sending data and decoding when receiving. It turns out that no other user who tries to intercept this type of data during transmission will be able to decrypt it.
Means of implementation
One of the most powerful tools for this kind of connection and at the same time security are Cisco systems. True, some inexperienced admins have a question about why VPN-Cisco-equipment does not work.
This is primarily due to incorrect configuration and installed drivers for routers like D-Link or ZyXEL, which require fine tuning only because they are equipped with built-in firewalls.
In addition, you should pay attentionPay attention to wiring diagrams. There can be two of them: route-to-route or remote access. In the first case, we are talking about combining several distribution devices, and in the second, we are talking about managing a connection or data transfer using remote access.
Access protocols
In terms of protocols, PCP/IP level configuration tools are mostly used today, although internal protocols for VPNs may vary.
VPN stopped working? You should look at some hidden options. So, for example, the additional protocols based on TCP technology PPP and PPTP still belong to the TCP / IP protocol stacks, but for a connection, say, in the case of using PPTP, you must use two IP addresses instead of the required one. However, in any case, tunneling involves the transfer of data contained in internal protocols such as IPX or NetBEUI, and all of them are provided with special PPP-based headers to seamlessly transfer data to the appropriate network driver.
For TCP/IP, it is generally recommended to choose to automatically obtain the primary address and preferred DNS server. In this case, the use of the proxy server must be disabled (and not only for local addresses).
Hardware devices
Now let's look at the situation where the question arises as to why the VPN does not work. The fact that the problem may be related to incorrect hardware configuration is understandable. But another situation may also emerge.
Worth paying attention to yourselfrouters that control connectivity. As mentioned above, you should use only devices that are suitable for connection parameters.
For example, routers like the DI-808HV or DI-804HV can connect up to forty devices simultaneously. As for the ZyXEL hardware, in many cases it can even work through the ZyNOS embedded network operating system, but only using the command line mode via the Telnet protocol. This approach allows you to configure any device with data transfer to three networks in a common Ethernet environment with IP traffic, as well as use the unique Any-IP technology designed to use a standard table of routers with forwarded traffic as a gateway for systems that were originally configured to work on other subnets.
What to do if the VPN does not work (Windows 10 and below)?
The very first and most important condition is the correspondence of output and input keys (Pre-shared Keys). They must be the same at both ends of the tunnel. You should also pay attention to cryptographic encryption algorithms (IKE or Manual) with or without an authentication function.
For example, the same AH protocol (in the English version - Authentication Header) can provide only authorization without the possibility of using encryption.
VPN clients and their settings
As far as VPN clients are concerned, not everything is simple here either. Most programs based on such technologies use standard configuration methods. However, there are some pitfalls here.
The problem is that no matter how you install the client, when the service is turned off in the OS itself, nothing good will come of it. That is why you first need to enable these settings in Windows, then enable them on the router (router), and only then proceed to configure the client itself.
In the system itself, you will have to create a new connection, and not use the existing one. We will not dwell on this, since the procedure is standard, but on the router itself you will have to go into additional settings (most often they are located in the WLAN Connection Type menu) and activate everything related to the VPN server.
It is also worth noting the fact that the virtual server itself will have to be installed into the system as a companion program. But then it can be used even without manual configuration, simply by choosing the nearest location.
One of the most popular and easiest to use VPN client-server called SecurityKISS. The program is installed without a hitch, but then you don’t even need to go into the settings to ensure normal communication for all devices connected to the distributor.
It happens that a fairly well-known and popular Kerio VPN Client package does not work. Here you have topay attention not only to the settings of the router or the "OS" itself, but also to the parameters of the client program. As a rule, the introduction of the correct parameters allows you to get rid of the problem. As a last resort, you will have to check the settings of the main connection and the TCP / IP protocols used (v4 / v6).
What is the result?
We've covered how a VPN works. In principle, there is nothing complicated in the connection itself or the creation of networks of this type. The main difficulty lies in setting up specific equipment and setting its parameters, which, unfortunately, many users overlook, relying on the fact that the whole process will be reduced to automatism.
On the other hand, we have now de alt more with issues related to the technology of the VPN virtual networks themselves, so you will have to configure the equipment, install device drivers, etc. using separate instructions and recommendations.
