A VPN is a secure tunnel within a network such as the Internet for example.
Understanding the concept of tunnel
To represent what a computer tunnel is, think of a network as large pipes that run in all directions, to every computers. Water flows through these pipes.
Now, let’s imagine that I slide a rubber hose inside these pipes to go from one computer to another. You understand that the water that passes through the inside of this rubber hose:
- does not mix with the rest of the water in the pipes
- is not accessible to other pipes that are not connected to this hose.
Here’s how it could be represented: the water from the network cannot enter the pipe (VPN) and therefore cannot mix with the water in the tunnel. More on this website!
How does a VPN work? How to create this VPN tunnel?
First of all, to create this tunnel, you’re going to need a dedicated software. This software will manage the encryption and decryption of the data. This is link to cryptography. In this software, there will be two parts: a client software and a server software. This server software can be found in different ways: (the client software is always in adequacy with the server software).
- It can be integrated into the company’s firewall. It is a widespread solution in companies.
- It is also possible to install a server dedicated to the VPN. (There are vpn payant comparatif or free solutions available on the market. One of the most famous free VPN software is probably OpenVPN).
There may be unique connections on your computers that will transform your computers into VPN servers. (this is not new because it was already integrated into Windows XP).
It is also possible to install VPN boxes or routers. (these boxes will be dedicated or have several roles).
And finally, to surf the Internet (i.e., connect to the Internet in encrypted form), you can (must) use VPN servers such as ExpressVPN.
How to connect to the VPN?
The client will then connect to the VPN in several possible ways:
- With the software installed on the client computer,
- By a secure browsing browser (https) or using a plugin integrated into the browser. (a plugin is a tool that runs in the browser)
- By another box (a bit like the VPN server box).
- In general, the client software will ask the user for a login and password to confirm his identity.
But there may also be other possible authentication modes such as tokens*, smart cards, single password tokens.
And we can sometimes ask for both: login + token, we talk about double authentication.
– A token: translated as “token,” will guarantee that the customer is who he claims to be and that he is not a pirate. Because this token is unique, and the server recognises the one who owns it.
– Tokens with a unique password, whether physical boxes or smartphones (software installed on a smartphone or computer), are tools that give a code that changes regularly. Without the correspondence between this code and the server: it is not possible to connect.
More in this video