IP VPN technology. VPN – what is it? — Description and configuration of the server


Soon there will be articles on the site talking about anonymity on the Internet using a VPN. We will set up a VPN on different devices. In order not to write every time in every article what a virtual private network VPN is, I decided to write this article.

If you are interested in issues of anonymity on the Internet, I advise you to read the article “” where we talked about proxy connections, why proxies are needed and what types there are.

In this article I will not dig deep. I will only tell you about the most important things that a person who is thinking about anonymity on the Internet needs to know.

Virtual private Virtual network Private Network (VPN) is a technology that provides the ability to provide one or several network connections over another network, such as the Internet.

This connection has the form of an encrypted tunnel that directly connects the user’s computer and a remote server, which allows not only but also to encrypt your traffic. In other words, this way you will be able to download anything from anywhere, and no one will know about it.

Types of VPN connections

You can set up the following types of VPN connections: As I said earlier, all information is reduced to the required minimum. Read more in specialized literature.

Virtual private network PPTP

RRTR- Point-toPoint Tunneling Protocol is a point-to-point tunnel protocol that will help establish a secure tunnel in an unsecured network. It is the most popular VPN connection method, but many Internet providers block such applications.

OpenVPN Virtual Private Network

OpenVPN- is a free implementation of this technology with the provision open source to create your own encrypted channels using the “point-to-point” or “server-client” types. The latter allows you to use another computer as a VPN server. However, setting up a tunnel requires installing a special software coupled with the knowledge to work with it.

L2TP Virtual Private Network

L2TP(Layer 2 Tunneling Protocol) is the most labor-intensive type of VPN tunnel to set up, but allows you to create it with specified access priorities, making it the most secure.

And although VPNs are not literally anonymizers, today most sites providing CGI-proximity services offer to purchase their own VPN channel. This technology is gaining momentum, so it is likely that soon the number of familiar anonymizers will be reduced to the required minimum.

More and more cafes, hotels and others public places acquire their own Wi-Fi networks. But by using unprotected traffic, device owners jeopardize the security of their own data. Therefore, the relevance of private networks is increasing. To protect yourself, you can create a VPN connection. About what it is and how to configure it correctly in Windows system 7, read our article.

What is a VPN connection and why is it needed?

This technology involves a secure network created on top of an unsecured network. The VPN client, using a public network, connects to the VPN server through special protocols. The server accepts the request, verifies the client's identity, and then transmits the data. This is ensured by cryptography.

VPN capabilities allow you to use it for the following purposes:

  1. Hide your real IP and become anonymous.
  2. Download a file from a network in which access is restricted for IP addresses of the user’s country (if you use the IP address of a country that has access to this network.
  3. Encryption of transmitted data.

How to set up a connection?

  1. Through “Start”, open “Control Panel”, then launch “Network and Sharing Center”.

    Select the “Network and Sharing Center” area

  2. Follow the link “Set up a new connection or network.”

    To create a new connection or network, you need to click on the corresponding line in the list

  3. Click "Connect to Workplace".

    Select "Connect to a workplace"

  4. Select "Use my Internet connection (VPN)."

    Select "Use my Internet connection (VPN)"

  5. In the “Internet address” field, enter the address of your VPN server.
  6. To find it out, you need to launch the Run tool (Win + R) and enter cmd.

    Must be entered in cmd line and press "Enter"

  7. Then write the ipconfig command, run it and find the “Default gateway” line, which contains the desired address.

    You need the address that is in the “Main gateway” line

  8. Now you need to insert the address and tick the “Don’t connect now...” checkbox and click “Next”.

    Enter the received address in the field, check the box next to “Don’t connect now...”

  9. Enter the username and password provided by the provider and click “Create”.

    Enter login and password

  10. Close a window.
  11. Open Network and Sharing Center again and click Change adapter settings.
  12. The VPN connection icon appears here. To make a connection, you need to click on the icon right click mouse and click “Connect”. To disable, also right-click on the icon and click “Disable”.

    There is a VPN connection icon here, through which you can connect or disconnect

  13. In the window that opens, you need to enter your username and password and connect.

    Enter your username and password (if necessary) and click “Connect”

Video: creating and setting up a VPN

Possible errors and solutions to problems

400 Bad Request

  1. Disable a firewall or other program that affects your security and online activities.
  2. Update the version of the browser you are using or use a different one.
  3. Delete everything that the browser writes to disk: settings, certificates, saved files, etc.

611, 612

  1. Restart your computer and check if the local network is working. If this does not solve the problem, then call technical assistance.
  2. Close some programs to improve system performance.

629

Check your firewall settings. As a last resort, it can be disabled, but this is undesirable, as the level of security will be reduced.

630

Reinstall the network adapter drivers.

650

  1. Check if “Connect via local network».
  2. There is a problem with the network card or network cable.

738

  1. Perhaps your login and password were stolen by attackers.
  2. The session was stuck. After a few minutes, try to connect again.

752

  1. The local firewall is not configured correctly.
  2. Changed access attributes (international phone number instead of the VPN server address).

789

Open the VPN connection settings, go to the “Network” tab and select “Automatic” or “Point-to-Point Tunnel Protocol (PPTP)” from the available VPN types. Then reconnect.

800

The cable, router or router may be damaged. If they are ok, then you need to check the following:

  1. LAN connection properties. They may have gotten lost or been deleted. You need to open the properties of the VPN connection, select “Internet Protocol Version 4 (TCP/IPv4)” and open its properties. Then check the correctness of the parameters: IP address, subnet mask, default gateway. As a rule, they are specified in the provider's Internet connection agreement. Alternatively, you can check the boxes next to “Obtain an IP address automatically” and “Obtain a DNS server address automatically.”
  2. If you are using a router or router, then the “Default gateway” field is 192.168.0.1 (192.168.0.1). More details about this are described in the router instructions. If it is known for sure that the access point has a default gateway of 192.168.0.1 or 192.168.1.1, then the IP addresses are in the range from 192.168.0.100 (192.168.1.100) and higher.
  3. IP address conflict (there is a yellow exclamation mark in the tray icon on the monitor). This means that there is a computer on the local network with the same IP address. If there is no router, but there is a conflict, it means that the IP address is not the one specified in the agreement with the provider. In this case, you need to change the IP address.
  4. There may be problems with the subnet mask or DNS server. They must be specified in the contract. In cases where a router is used, the DNS is often the same as the default gateway.
  5. The network card is turned off or burned out. To check the device, you need to click “Start”, select the “Run” tool and enter devmgmt.msc in the mmc line. In the window that opens, click on “ Network adapters" If it is turned off (crossed out), then you need to start it. If the card does not turn on, it means that it has burned out or has come out of the slot (the second option is only possible if the card is not built into motherboard). If the card works, then disable it and start again. As a last resort, you can delete network card from the configuration and click on the “Update hardware configuration” icon. The system will find the network card and install it.
  6. Incorrect VPN server address. It must be indicated in the instructions. If there is no such information, then you need to contact technical service. If the Internet works without a VPN connection, then go to the provider’s website and find the VPN server address. It can be either alphabetic (vpn.lan) or in the form of an IP address. To view the VPN server address, you need to open the properties of the VPN connection.
  7. On personal account no money.

Regardless of the error, if you cannot fix it yourself, you will have to contact technical support.

How to enable automatic start?

  1. In order for the connection to start automatically, you need to go to “Control Panel” - “Network and Internet” - “ Network connections».

    Find VPN in Control Panel

  2. We find the VPN, open properties, then go to the “Options” tab and uncheck the “Display connection progress”, “Prompt for name, password” and “Include Windows login domain” checkboxes.
  3. Then you need to open the scheduler Windows jobs. Go to “Control Panel” - “System and Security” - “Administration” - “Task Scheduler”. Or you can go through the registry: Win + R, enter the line taskschd.msc.

    Open the task scheduler

  4. Select “Action” from the menu, then “Create a simple task.”

VPN (Virtual Private Network), or translated into Russian, a virtual private network, is a technology that allows you to connect computer devices into secure networks to provide their users with an encrypted channel and anonymous access to resources on the Internet.

In companies, VPN is used mainly to unite several branches located in different cities or even parts of the world into one local network. Employees of such companies, using a VPN, can use all the resources that are located in each branch as if they were their own local resources, located nearby. For example, print a document on a printer located in another branch in just one click.

For ordinary users Internet VPN useful when:

  • the site has been blocked by the provider, but you need to log in;
  • you often need to use online banking and payment systems and want to protect your data from possible theft;
  • the service only works for Europe, but you are in Russia and don’t mind listening to music on LastFm;
  • you want the sites you visit not to track your data;
  • There is no router, but it is possible to connect two computers to a local network to provide both with access to the Internet.

How VPN works

Virtual private networks work through a tunnel they establish between your computer and remote server. All data transmitted through this tunnel is encrypted.

It can be imagined as an ordinary tunnel, which is found on highways, only laid through the Internet between two points - a computer and a server. Through this tunnel, data, like cars, rushes between points at the highest possible speed. At the input (on the user’s computer), this data is encrypted and goes in this form to the recipient (to the server), at this point it is decrypted and interpreted: a file is downloaded, a request is sent to the site, etc. After which the received data is encrypted again server and are sent through the tunnel back to the user’s computer.

For anonymous access To access sites and services, a network consisting of a computer (tablet, smartphone) and a server is sufficient.

In general, data exchange via VPN looks like this:

  1. A tunnel is created between the user’s computer and the server with installed software for VPN creation. For example OpenVPN.
  2. In these programs, a key (password) is generated on the server and computer to encrypt/decrypt data.
  3. A request is created on the computer and encrypted using the previously created key.
  4. Encrypted data is transmitted through the tunnel to the server.
  5. The data coming from the tunnel to the server is decrypted and the request is executed - sending a file, logging into the site, starting the service.
  6. The server prepares the response, encrypts it before sending it, and sends it back to the user.
  7. The user's computer receives the data and decrypts it with the key that was generated earlier.

Devices included in the virtual private network, are not geographically tied and can be located at any distance from each other.

For the average user of virtual private network services, it is enough to understand that logging onto the Internet through a VPN is complete anonymity and unlimited access to any resources, including those that are blocked by your provider or are not available in your country.

Who needs a VPN and why?

Experts recommend using a VPN to transfer any data that should not end up in the hands of third parties - logins, passwords, private and work correspondence, work with Internet banking. This is especially true when using open points access -- WiFi at airports, cafes, parks, etc.

The technology will also be useful for those who want to freely access any sites and services, including those blocked by the provider or open only to a certain circle of people. For example, Last.fm is available for free only to residents of the USA, England and a number of other European countries. A VPN connection will allow you to use music services from Russia.

Differences between VPN and TOR, proxy and anonymizers

VPN works globally on a computer and redirects the work of all software installed on the computer through the tunnel. Any request - via chat, browser, client cloud storage(dropbox), etc., before reaching the recipient, it goes through a tunnel and is encrypted. Intermediate devices “mix the tracks” through encrypting requests and decrypt it only before sending it to the final destination. The final recipient of the request, for example, a website, records not the user’s data - geographic location, etc., but the VPN server data. That is, it is theoretically impossible to track which sites the user visited and what requests he transmitted over a secure connection.

To some extent, anonymizers, proxies and TOR can be considered analogues of VPNs, but they all lose in some way to virtual private networks.

What is the difference between a VPN and TOR?

Like VPN, TOR technology involves encrypting requests and transmitting them from the user to the server and vice versa. Only TOR does not create permanent tunnels; the paths for receiving/transmitting data change with each access, which reduces the chances of intercepting data packets, but not in the best possible way affects the speed. TOR is free technology and supported by enthusiasts, so expect stable operation no need to. Simply put, you will be able to access a site blocked by your provider, but it will take several hours or even days for HD video to load from it.

What is the difference between a VPN and a proxy?

Proxy, similar to VPN, redirects the request to the site, passing it through intermediary servers. It’s not difficult to intercept such requests, because the exchange of information occurs without any encryption.

What is the difference between a VPN and an anonymizer?

Anonymizer is a stripped-down version of proxy, capable of working only within open tab browser. You can use it to access the page, but you won’t be able to use most of the features, and no encryption is provided.

In terms of speed, proxy will win among the methods of indirect data exchange, since it does not provide for encryption of the communication channel. In second place is VPN, which provides not only anonymity, but also protection. Third place goes to the anonymizer, limited to work V open window browser. TOR is suitable when you don’t have the time or ability to connect to a VPN, but you shouldn’t count on high-speed processing of large requests. This gradation is valid for the case when non-grid servers are used, located at the same distance from the one being tested.

How to connect to the Internet via VPN

In RuNet, VPN access services are offered by dozens of services. Well, there are probably hundreds all over the world. Basically all services are paid. The cost ranges from a few dollars to several tens of dollars per month. Specialists who have a good understanding of IT create a VPN server for themselves on their own, using servers provided by various hosting providers for these purposes. The cost of such a server is usually about $5 per month.

Prefer paid or free solution depends on requirements and expectations. Both options will work - hide location, replace IP, encrypt data during transmission, etc. - but there are problems with speed and access to paid services happen much less often and are resolved much faster.

Tweet

Plus

Please enable JavaScript to view the

To understand what a VPN is, it is enough to decipher and translate this abbreviation. It is understood as a “virtual private network” that unites individual computers or local networks in order to ensure the secrecy and security of transmitted information. This technology involves establishing a connection with a special network-based server public access with help special programs. As a result of this, in existing connection a channel appears, reliably protected modern algorithms encryption. In other words, a VPN is a point-to-point connection within or over an unsecured network that provides a secure tunnel for the exchange of information between users and the server.

Fundamental Properties of a VPN

Understanding what a VPN is is incomplete without understanding its key properties: encryption, authentication and access control. It is these three criteria that distinguish a VPN from an ordinary corporate network that operates on the basis of public connections. Implementation of the above properties makes it possible to protect user computers and organization servers. Information that passes through materially unprotected channels becomes invulnerable to influence external factors, eliminating the possibility of its leakage and illegal use.

VPN typology

Having understood what a VPN is, you can move on to considering its subtypes, which are distinguished based on the protocols used:

  1. PPTP is a point-to-point tunnel protocol that creates a secure channel over a regular network. The connection is established using two network sessions: data is transferred via PPP over the GRE protocol, the connection is initialized and managed via TCP (port 1723). It can be difficult to set up on mobile and some other networks. Today, this type of VPN is the least reliable. It should not be used when working with data that should not fall into the hands of third parties.
  2. L2TP - Layer 2 tunneling. This advanced protocol was developed based on PPTP and L2F. Thanks to IPSec encryption and combining the main and control channels into a single UDP session, it is much more secure.
  3. SSTP is SSL-based secure socket tunneling. This protocol creates reliable connections over HTTPS. For the protocol to function, port 443 is required, which allows communication to be established from anywhere, even beyond the proxy.

VPN Features

The previous sections talked about what a VPN is from a technical point of view. Now you should look at this technology through the eyes of users and understand what specific advantages it brings:

  1. Safety. Not a single Internet user would like it if his page on a social network was hacked or, even worse, passwords for bank cards and virtual wallets were stolen. VPN effectively protects personal data. Both outgoing and incoming information flows are transmitted through the tunnel in encrypted form. Even the ISP cannot access them. This point is especially important for those who often connect to the network in Internet cafes and other points with unsecured Wi-Fi. If you do not use a VPN in such places, you will be at risk not only transmitted information, but also the connected device.
  2. Anonymity. VPN eliminates the issue of hiding and changing IP addresses because it never shows the user’s real IP to the resources he visits. The entire flow of information passes through a secure server. Connecting through anonymous proxies does not involve encryption, the user’s activity is not a secret to the provider, and the IP may become the property of the resource being used. In this case, the VPN will pass off its own IP as the user’s.
  3. Unlimited access. Many sites are blocked at the level of states or local networks: for example, they are not available in the offices of serious companies social media. But it’s worse when you can’t get to your favorite site even from home. VPN, replacing the user’s IP with its own, automatically changes its location and opens the way to all blocked sites.

VPN Applications

Virtual private networks are most often used:

  1. Providers and system administrators of companies to ensure secure access to global network. At the same time, to work within the local network and to reach the general level, they are used different settings security.
  2. Administrators to restrict access to a private network. This case is classic. With the help of VPN, enterprise divisions are united, and it is also possible to remote connection employees.
  3. Administrators to combine networks of different levels. Usually, corporate networks are multi-level, and each subsequent level is provided increased protection. VPN in in this case provides greater reliability than simple aggregation.

Basic nuances when setting up a VPN

Users who already know what a VPN connection is often set out to set it up themselves. Step by step instructions on setting up secure networks for various operating systems can be found everywhere, but they do not always mention one important point. With a standard VPN connection, the main gateway is specified for the VPN network, as a result of which the user’s Internet is lost or connected through remote network. This creates inconvenience and sometimes leads to unnecessary expenses for paying for double traffic. To avoid trouble, you need to do the following: in the network settings, find the TCP/IPv4 properties and in the additional settings uncheck the box that allows the use of the main gateway on the remote network.

VPN (Virtual Private Networks) - virtual private networks. VPN is one of those technologies that is unknown where it came from. However, when such technologies take root in a company's infrastructure, everyone wonders how they ever managed without them. Virtual private networks allow you to use the Internet as your own private network. Thus, the proliferation of VPNs is related to the development of the Internet. The technology itself uses the TCP/IP protocol stack as the basis for its work.

In order to understand what a VPN is, you need to understand two concepts: encryption and virtuality.

Encryption is the reversible transformation of a message to hide it from unauthorized persons.

Virtuality is an object or state that does not really exist, but can arise under certain conditions.

Encryption converts a message from one form, such as "Hello!" into another form “*&878hJf7*&8723”. On the other hand, there is also an inverse transformation, which is called decryption, i.e. converting the message "*&878hJf7*&8723" into a "Hello!" message. The security approach in VPNs assumes that no one other than the intended recipient will be able to perform decryption.

The concept of “virtuality” refers to the “as if” situation. For example, a situation where you access remote computer using a tablet. In this case, the tablet simulates the operation of a remote computer.

The term VPN has a precise definition:

A VPN is an encrypted or encapsulated communication process that securely transfers data from one point to another; The security of this data is ensured by strong encryption technology and the transmitted data passes through an open, unsecured, routed network.

Since the VPN is encrypted, when communicating between nodes, data is transmitted securely and its integrity is guaranteed. Data flows through an open, unsecured, routed network, so when transmitted over a shared link, it can take many paths to its final destination. Thus, VPN can be thought of as the process of sending encrypted data from one point to another over the Internet.

Encapsulation is the process of placing a data packet inside an IP packet. Encapsulation allows you to add an additional layer of protection. Encapsulation allows you to create VPN tunnels and transfer data over a network with other protocols. The most common way to create VPN tunnels is to encapsulate network protocols (IP, IPX, AppleTalk, etc.) in PPP and then encapsulate the resulting packets into tunneling protocols. The latter most often is the IP protocol, although, in rare cases, ATM protocols can also be used, Frame Relay. This approach is called second-layer tunneling, since the passenger here is the second layer protocol (PPP).

An alternative approach is packet encapsulation network protocol directly into a tunneling protocol (such as VTP) is called layer 3 tunneling.

VPNs are divided into three types based on their purpose:

  1. Intranet - used to unite several distributed branches of one organization into a single secure network, exchanging data via open channels communications.
  2. Extranet - Used for networks to which external users (for example, customers or clients) connect. Due to the fact that the level of trust in such users is lower than in company employees, special protection is required to prevent external users from accessing particularly valuable information.
  3. Remote access - created between central corporate offices and remote mobile users. If you have encryption software loaded on the remote laptop computer, remote user establishes an encrypted tunnel with VPN device at central corporate offices.

There are many options for implementing a VPN. There are performance factors to consider when choosing how to implement a VPN VPN systems. For example, if a router is running at the limit of its processor power, then adding additional VPN tunnels and applying encryption/decryption could bring the entire network to a halt as the router cannot handle normal traffic.

VPN implementation options:

  1. VPN based on firewalls. Firewall ( firewall) is a software or hardware-software element computer network, which controls and filters what passes through it network traffic in accordance with given rules. Today, most firewall vendors support tunneling and data encryption. All similar products are based on the fact that traffic passing through the firewall is encrypted.
  2. Router-based VPN. Since all information emanating from the local network first arrives at the router, it is advisable to assign encryption functions to it. Cisco routers, for example, support L2TP and IPSec encryption protocols. In addition to simple encryption, they also support other VPN features such as authentication at connection establishment and key exchange.
  3. Network-based VPN operating system. In Linux, technologies such as OpenVPN, OpenConnect or NetworkManager are usually used to connect a VPN. Used to create a VPN in Windows PPTP protocol, which is integrated into the Windows system.

___________________________


2024 gtavrl.ru.