VPN Tunnel- Safe passage for data

The network that encapsulates packets at the same level or below is referred as VPN Tunneling. The management in VPN Tunnel software enables it to create or terminate a tunnel. After the establishment of VPN tunnel the data can be sent. Learn more on the working of tunnels.Read through.

The article covers

VPN tunnel software
How does tunneling work?
three things done by the tunnel
Types of Tunnels
Tunneling Protocols

VPN Tunneling is a network technology that encapsulates packets at the same level or below. One type of packet is encapsulated within the datagram (packet in TCP/IP or UDP containing source and destination address) of a different protocol. Since multiple protocols are pushed through a given network it is said to tunnel. Multiple Protocols that support encryption and authentication make up a Virtual Private Network. Tunneling is used to transport a network protocol through a network; which it normally does not support.

A VPN tunnel software has a management protocol that creates, maintains and terminates a tunnel. After the VPN tunnel is established data can be sent. How does tunneling work? A client or server uses the data transfer protocol to prepare the data transfer. Data is transferred through the VPN tunnel using a datagram based protocol. When a tunnel session is created both end points must agree to various parameters such as address assignment, encryption or compression parameters. PPTP-Point to point tunneling protocol/L2TP-Layer 2 Tunneling protocol encapsulates private network traffic in packets to be transmitted over public networks (TCP/IP). The tunnel thus does three things

It creates and maintains a virtual link.
encrypts and decrypts data to reduce snooping by others
It guarantees the authenticity of the sender and receiver

These together make a virtual private network. Some software's have all the three components where as other have only two components (one establishing a virtual link and the second to provide communication across it).

Types of Tunnels

Tunnels are basically of two types; Voluntary tunnels and Compulsory tunnels.

Voluntary Tunnel

Voluntary tunnels where a client or user issues the VPN request to configure and create a voluntary tunnel. In this case the user's computer is the end point and acts as a VPN client. Voluntary tunnels require an IP connection either a LAN or a dial up connection. In a LAN case there is already a network that routes the encapsulated payloads to the tunnel server. For a dial up connection the computer must be connected to the internet to establish a voluntary tunnel. The initial establishing of IP connectivity is not a part of VPN and the client needs VPN tunnel client software to create a voluntary tunnel.

Compulsory tunnel

A VPN remote access server configures and creates a tunnel where the user computer is not the end point. The end points are therefore the VPN remote access server and the VPN tunneling (LAN) server. A number of ISP vendors that have dialup servers are now offering VPN services. The server (NAS-Network Access Server) creating and providing the tunnel for the client is known as the FEP-Front End Processor for PPTP and LAC-L2TP Access Concentrator for L2TP. The FEP must have the appropriate VPN tunneling software protocol and should be capable of establishing the tunnel when the client requires. The client is compulsorily availing the service of the FEP hence the terminology compulsory tunneling. Separate tunnels are created for Multiple voluntary Dial up clients where as a single compulsory tunnel can be used to multiple clients. The tunnel is existent as long as there is some client using the tunnel.

Continue to: Tunneling Protocols

VPN Ports: Your Entry and Exit
VPN Router: A wise choice for Enterprises
VPN Gateway: Secure Your Network
VPN Firewalls- Stopping Crooks