WHAT IS A VPN?
A “VPN” is a “Virtual Private Network”. It’s a way to connect to a group of computers (at least more than one) at home or work even though you’re not physically there. Basically, so long as you can have control over two host computers on two different networks and an internet connection between the two, a protocol over IP can be used to link them together. Virtual? It’s as if you’re right there but, of course, you’re not. Private? Because anyone who sees the network only sees the public, not the private identification or the transferred data. Network? It’s just as if you are physically connected to the group of computers at the remote location.
More detailed information: A VPN is a network which uses the public network (i.e. Internet) to transfer information using secure methods. Some of the parts are connected using the public network, but the data sent across the Internet is encrypted, so the entire network is “virtually” private. Usually, for example, a VPN is set up between a home or main office and a laptop used outside of the office, using security (authentication) and encryption methods to safeguard data transferred between the two computers. For more about the distinction between public and private network addresses, click HERE.
Here’s how it works: Data goes into a “tunnel” (see below) from your computer and out of the tunnel at the VPN server, then it goes back to whatever site you are accessing. Data returning to your computer does the reverse. So web sites see the VPN server’s address, not yours. Nobody, not even your ISP, can snoop your communications or see what services you are using.
WHY USE A VPN?
BUSINESSES: Most often businesses, small and large, use VPNs to allow employees, outside salespersons, even vendors, to access some or all of the files on the company’s server computer in order to transact business. Or you can work from home, accessing the files in the office. If you’re a home business, you can access your files at the home computer while on the road, even for the day. Once set up, it’s simple and secure.
HOMES: A home VPN is useful for those who connect to public Wi-Fi at local hotspots, airports and even outside of the country, so that the user can safely and securely access everything from your files to Netflix to playing games designed for a LAN over the internet.
You could also allow other people to connect to your home network, making it easy to give them access to servers you’re hosting on your home network. This would allow you to play PC games designed for a LAN over the Internet, too, although there are easier ways to set up a temporary network for PC gaming. It’s also a way to privately share files, photos and videos without the insecurity of sharing them over the cloud.
And you can decide, through various security measures, which files and folders will be shared, even over a home or office VPN.
SIMILAR ALTERNATIVES TO VPNs
If all you require is periodic connection to another computer for limited purposes there are other ways to do this. Most operating systems, including Windows, offer a feature known as “RDC,” which stands for Remote Desktop Connection. It’s fairly easy to set up and is moderately secure. Then there are other, paid and free, RDCs that offer far more features ad considerably more security. Software like Cisco’s Anyconnect always provides a secure tunnel between the user and the corporate network. LogMeIn, which used to be free, is still excellent software. RealVNC is also quite popular, as is Chrome Remote Desktop. Personally, we use Teamviewer, which is still free and which is quite fast, easy to set up and full-featured. Simply click to download the software, make a note of the Teamviewer ID, set up a password for remote connection, and you’re on your way. Each time you click on the same software from a remote computer, you’re in to the host computer at the other end.
Some use both the VPN as well as RDC, depending on their needs. Here’s the difference: VPN is the act of extending the whole business network to a home or other viewer computer via the Internet. Setting up a VPN means that the remote user is actually accessing their office computer, with the same network rights, privileges and restrictions that they would have were they to be physically present in front of their office workstation. While it may be slightly slower, it has encrypted security but you have the same complete access you would have had if you were physically at work. RDP, on the other hand, is a means of replicating a desktop experience over a network connection, and is less robust. RDCs have quite a few limitations: Many RDCs will lock out the remote users’ screen so that they cannot use it while you are accessing it, and may even cut them out of their computer account, so that they have to sign in. And you can only access one computer on the network at a time, and that computer may not be the server for the network that contains the necessary settings. You may not be able to install/uninstall programs or change various settings, or even print remotely, either. RDC is really just useful to grab or edit a file or, like us, look at a remote client’s computer to see what’s going on, maybe reset some Internet issues.
HOW TO SET UP A VPN
There are a number of ways this can be done:
First, it can be accomplished with hardware (special VPN routers). These devices look like standard or home routers, but include built-in VPN server capabilities. This is a pre-built VPN solution. If you purchase a router that advertises “VPN server support” you can use the router’s web interface to activate and then configure the VPN server.
An alternative to purchasing a dedicated VPN router would be to purchase a standard router, but with the ability to allow you to flash custom firmware onto the router that will allow you to customize it into a VPN router. DD-WRT and OpenWrt are the most popular ones. (Of course, before purchasing the router, make sure it supports custom firmware. You can do this by going to the software provider’s site.
A second choice is to use private services (such as GoTrusted, PublicVPN, SuperVPN and WiTopia, click HERE for more). They’re not very expensive, but they do cost a it’s more suited for businesses. But they do much of the set-up work for you. This is done using such software as OpenVPN (available for PCs, Macs and Linux), then forwarding the appropriate ports from your standard router to those ports on the computer running the VPN server software.
If you have a web site, your web hosting provider (like GoDaddy or 1&1) also probably offers this service, probably less expensively than the private services mentioned above.
Another choice would be to install VPN software on your home or office computer, so long as you are willing to leave it on permanently, not shut it off like most home users do with their desktops. Not only would this be more cost effective, but it’s probably much easier to set up: You just add the VPN server and manage it via a control panel.
Both Windows and Apple offer features in their operating systems to host VPN servers, but they’re not available in every version and not as secure as OpenVPN.
If you’re really good at computers, you can even set up a Raspberry Pi with OpenVPN or RealVNC software, but that’s really for geeks with knowledge.
Remember that, in order to access the files on your VPN server, that computer must be on. That’s why VPNs are used more by businesses, who don’t shut off their computers at the end of the day like most home users. It should go without saying that, wherever you are putting and hosting the VPN server, make sure that it is always on.
Don’t forget to set up “dynamic DNS” on your router, so that you’ll always be able to access your VPN even if your Internet connection’s IP lease expires and the address changes, which is often the case with home routers. And take advantage of all possible security features offered by your VPN hardware or software, even beyond good password protection, as this is one of the prime reasons you’re getting a VPN.
Because you are using the additional resources to host a server, VPNs may sometimes slow down your network slightly, as well. According to Stan Hanks, who claims to have invented IP VPNs back in the 1980s, most are based on GRE, which was later codified into RFC-1701-2 on about 1992.
Are VPNs illegal? No. Every so often, this information comes up, like an urban myth. Over the years, some have tried to say that VPNs are illegal, but they’re not, so long as what you’re using them for isn’t. Because using a VPN can effectively make you invisible online, as you are surfing through another IP, it can be used for both legal (e.g. corporate connections from outside the office) or illegal (child pornography, spamming, malware) purposes. Kind of like BitCoins can be used for both good and evil. People who make this statement have probably read about countries with Internet control laws like Iran, North Korea and China, which do ban VPNs because they would allow their citizens to connect to such banned websites as FaceBook, Twitter or Netflix. Don’t worry, VPNs are perfectly legal.
Click HERE for more about VPN transmission protocols. See also TIP #65 and FAQ #49 for popular VPN programs and FAQ #41 for encryption protection for VPNs. Also VPN Tunneling, RDC. If your VPN doesn’t work properly, it may because the protocol used to set up a security association (“SA”) isn’t supported (e.g. IKEv1 or 2, which builds upon the Oakley protocol and ISAKMP), SSTP and PPTP protocols, etc. which are far beyond this relatively simple explanation.