A virtual private network (VPN) is a virtual, private connection established over a shared network, with the main advantage of being more secure and reliable. VPNs came into existence because of major security breaches in various protocols and services on the internet and in network infrastructure. With many services on the internet, data can be captured by sniffers on the local area network, and confidential data such as secure access codes and credentials might be sniffed and captured. VPNs were therefore a necessary measure to protect against sniffing and packet capture, leading to a more secure environment through the establishment of a tunnel.
In layman's terms, a VPN lets a person sitting in the US connect to a branch office in the UK and transfer his or her data through an encrypted tunnel.
There are two types of VPN connection: site-to-site and client-to-site. In a site-to-site connection, two firewalls or routers located in different geographical areas connect and establish a VPN tunnel between them, making the entire exchange of data secure and encrypted. In a client-to-site connection there is only one VPN server, and the client connects to it from anywhere to exchange data through an encrypted tunnel.
1. PPTP VPN
This is the most common and widely used VPN protocol. They enable authorized remote users to connect to the VPN network using their existing Internet connection and then log on to the VPN using password authentication. They don’t need extra hardware and the features are often available as inexpensive add-on software. PPTP stands for Point-to-Point Tunneling Protocol. The disadvantage of PPTP is that it does not provide encryption and it relies on the PPP (Point-to-Point Protocol) to implement security measures.
2. Site-to-Site VPN
Site-to-site is much the same thing as PPTP except there is no “dedicated” line in use. It allows different sites of the same organization, each with its own real network, to connect together to form a VPN. Unlike PPTP, the routing, encryption and decryption is done by the routers on both ends, which could be hardware-based or software-based.
3. L2TP VPN
L2TP, or Layer 2 Tunneling Protocol, is similar to PPTP, since it also doesn’t provide encryption and relies on the PPP protocol to do this. The difference between PPTP and L2TP is that the latter provides not only data confidentiality but also data integrity. L2TP was developed by Microsoft and Cisco.
4. IPSec VPN
IPSec is a tried and trusted protocol which sets up a tunnel from the remote site into your central site. As the name suggests, it’s designed for IP traffic. IPSec requires expensive, time-consuming client installations, and this can be considered an important disadvantage.
5. SSL VPN
SSL, or Secure Sockets Layer, is a VPN accessible via HTTPS over a web browser. SSL creates a secure session from your PC browser to the application server you’re accessing. The major advantage of SSL is that it doesn’t need any software installed, because it uses the web browser as the client application.
6. MPLS VPN
MPLS (Multi-Protocol Label Switching) VPNs are no good for remote access for individual users, but for site-to-site connectivity they’re the most flexible and scalable option. These systems are essentially ISP-tuned VPNs, where two or more sites are connected to form a VPN using the same ISP. An MPLS network isn’t as easy to set up or add to as the others, and hence is bound to be more expensive.
7. Hybrid VPN
A few companies have managed to combine features of SSL and IPSec, as well as other types of VPN. Hybrid VPN servers are able to accept connections from multiple types of VPN clients. They offer higher flexibility at both client and server levels and are bound to be expensive.
Which open source VPN solution should you go for? I choose OpenVPN (https://openvpn.net/)
For installing OpenVPN on either Windows or Linux, please follow the link below
For configuring OpenVPN connections, please refer to their HOWTO, which is quite easy to understand and implement in your infrastructure.
They now also have binaries for Android and iPhone.
Feel free to leave any comments or queries.