VPN stands for Virtual Private Network which is a private network that has been extended across a shared network or across public network like the Internet. In a nutshell, you use the Internet for your very own private purposes.

You can send data between two computers across the Internet in a way that is similar to a point-to-point private link. To create a Virtual link the data that is transmitted across the Internet must be encapsulated or tunnelled and that means the encapsulation must have a header containing all the information necessary to allow it to travel to its destination.

To create a Private link the data sent has to be encrypted which means if it gets intercepted along the way it would be indecipherable without the encryption keys. So to have Virtual Private Network data must be tunnelled or encapsulation and sent across shared or public network in an encrypted form. In previous tutorial we talked about network security provision in the form of firewalls to protect data within your internal network.

VPN becomes necessary to protect that data once it leaves your network. VPN was created as a cost-effective alternative to using a private, dedicated, leased line for a private network. Tunnelling protocols are communication standards that are used to manage the tunnels and to encapsulate the data. PPTP (Point to Point Tunnelling Protocol) which is a Microsoft proprietary protocol and L2TP (Layer 2 Tunnelling Protocol is an industry standard protocol.

There are two basic ways to create a VPN connection, router to router and computer using VPN client software to VPN server. A firewall is needed to protect a VPN server and there are two possible ways to use a firewall and a VPN server and they are in front or behind the firewall.

TIP: use VPN connection or VPN router that implements L2TP over IPSec as this combination encrypts the header as well as the data.