Most site-to-site VPNs connecting over the internet use IPsec. It is also common for them to use carrier) running across the base transport.
VPN technology was developed as a way to allow remote users and branch offices to securely access corporate applications and other resources. To ensure safety, data travels through secure tunnels, and VPN users must use authentication methods -- including passwords, tokens or other unique identification procedures -- to gain access to the VPN server.
A VPN client on a remote user's computer or mobile device connects to a VPN gateway on the organization's network. The gateway typically requires the device to authenticate its identity. Then, it creates a network link back to the device that allows it to reach internal network resources -- e.g., file servers, printers and intranets -- as though the device were on the network locally.
Now, if you want to access a website, your device sends the access request to the VPN server, which forwards the request to the website in its own name and receives the data from it. This data is then sent to your device. The website will think the VPN server is the user, and it will find no trace of you or your device as the actual user, unless you transmit some personal information over the connection. For example, your identity can be known if you access a social networking website like Facebook or Twitter.
After the authentication phase is finished, what we might call an imaginary tunnel is created, which provides a direct point-to-point connection through the internet. We can send whatever data we want through that tunnel.
A site-to-site VPN uses a gateway device to connect an entire network in one location to a network in another -- usually a small branch connecting to a data center. End-node devices in the remote location do not need VPN clients because the gateway handles the connection.
A VPN connection is used to provide direct access to a corporate network to a user who is not in the geographical coverage of the network. Logically, the remote user is connected just like a regular user who is using the network within the corporate premises.
In this step, data packets are first encapsulated: each one is wrapped inside another packet, with some additional headers attached. All of this conceals the identity of the data packets. Now, your device initiates the connection by sending a Hello request to the VPN server, which replies with an acknowledgment and asks for the user credentials to verify the authenticity of the user.
You can also set up a VPN connection on a smartphone running Android OS. It allows you to access your company's private network right on your Android device. A VPN also lets a network administrator control your device, add or delete data and track your usage.
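The encapsulation step described above, as an added Python example that is not from the original page: a whole inner IP packet is wrapped in an outer packet addressed between two VPN gateways, using a simplified ESP-like layout. The addresses, keys, SPI and function names are constructed for illustration, and a SHA-256 keystream stands in for a real cipher such as AES.

```python
import hashlib, hmac, socket, struct

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def _keystream_xor(key, nonce, data):
    """Toy stream cipher (SHA-256 in counter mode); stand-in for AES, demo only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + struct.pack("!I", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def encapsulate(inner, gw_src, gw_dst, spi, seq, enc_key, mac_key):
    """Wrap a whole inner IP packet: outer IP | SPI | seq | ciphertext | ICV."""
    esp_hdr = struct.pack("!II", spi, seq)
    ct = _keystream_xor(enc_key, esp_hdr, inner)
    icv = hmac.new(mac_key, esp_hdr + ct, hashlib.sha256).digest()[:16]
    body = esp_hdr + ct + icv
    return ipv4_header(gw_src, gw_dst, 50, len(body)) + body  # protocol 50 = ESP

def decapsulate(outer, enc_key, mac_key, last_seq):
    """Verify integrity and freshness, then recover the inner packet."""
    body = outer[20:]
    esp_hdr, ct, icv = body[:8], body[8:-16], body[-16:]
    expected = hmac.new(mac_key, esp_hdr + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("integrity check failed")
    seq = struct.unpack("!II", esp_hdr)[1]
    if seq <= last_seq:  # simplified anti-replay: strictly increasing counter
        raise ValueError("replayed or stale sequence number")
    return _keystream_xor(enc_key, esp_hdr, ct), seq

def visible_addresses(packet):
    """What an on-path observer reads from the outermost IP header."""
    return socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])

# Constructed sample: host 10.1.0.5 talks to 10.2.0.9 through two gateways.
ENC_KEY, MAC_KEY = b"demo-enc-key", b"demo-mac-key"  # constructed demo keys
INNER = ipv4_header("10.1.0.5", "10.2.0.9", 6, 11) + b"GET /secret"
OUTER = encapsulate(INNER, "198.51.100.1", "203.0.113.1", 0x1001, 1, ENC_KEY, MAC_KEY)
```

An observer on the path sees only the gateway addresses in `OUTER`; the internal addresses and payload are recoverable only by the gateway holding both keys.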
A remote-access VPN usually relies on either IP Security () to secure the connection, although SSL VPNs are often focused on supplying secure access to a single application rather than to the entire internal network.
When we talk about Remote Access VPN, we are talking about giving someone access to an existing private network over the internet. The private network can be a network set up by some corporate organization, equipped with database and network hardware related to the organization or any of its projects.
Some VPNs providerunning across the base IPsec connection.
It uses a 3-way handshake method for assuring proper authentication between the client and server machines. The authentication process is based on cryptography where certificates, behaving as cryptographic keys already stored on the client and server sides, are used for initiating the connection.
So, you have a rough idea about the various protocols used in a VPN. We shall proceed further and see how it works. When you connect to a public network, for example, free WiFi networks at airports, you can assume that all your data is flowing through a big tunnel along with the data of other users.
It facilitates the tunneling of data between two geographical sites over the VPN network, and is often used in combination with the IPSec protocol, which adds a further security layer to the communication.