Saturday, June 2, 2012

Site to Site VPN, Remote VPN

VPNs, or Virtual Private Networks, allow remote users to use a public infrastructure with the same network connectivity as they would have in a private network. For example, an employee of Prudential is able to access a customer's information while outside of the company's private network.

Convenient as it may seem, before creating a VPN, certain measures must be taken to provide authenticity, data integrity and encryption, so as to ensure that the users are who they say they are and that the data is kept in an unreadable format to provide confidentiality and integrity.

There are two main types of VPNs, Site to Site (LAN to LAN) and Remote Access VPN.

Firstly, the main feature of a Site to Site VPN (StS) is that it allows users from two separate LANs to communicate and interact with each other as if they were in the same building, e.g. an HQ-LAN in the UK communicating with a Branch-LAN in Singapore. This is possible because of a feature called tunnelling: the VPN creates a private tunnel between the two LANs through the internet. This tunnel, however, needs to be secured, which can be done through technological options such as SSL, IPSec, GRE, MPLS, PPTP, MPPE, L2TP and L2F. These options are able to secure the Application Layer, Transport/Network Layer and the Physical Layer.

Next is the Remote Access VPN, which is designed for mobile users and home telecommuters, as in the Prudential example above. Tunnelling is also required in this service, but different technologies and protocols are needed to secure the Remote Access VPN.

How does a Remote Access VPN work?

Easy. It uses a VPN server such as Easy VPN together with a VPN client, the Cisco VPN Client. The steps required are listed below:

  1. The VPN Client initiates the IKE (Internet Key Exchange) Phase 1 process.
  2. The VPN Client establishes an IKE SA.
  3. The VPN server accepts the SA proposal.
  4. The VPN server initiates a username/password challenge.
  5. The mode configuration process is initiated. 
  6. The Reverse Route Injection (RRI) process is initiated.
  7. IKE quick mode completes the connection.
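
A minimal Cisco IOS Easy VPN server configuration, annotated with the step numbers from the list above. This is an added example, not configuration from the original post; the list and group names, address pool, protected subnet, interface and secrets are all placeholders.

```cisco
! Constructed example: all names, addresses and secrets are placeholders.
aaa new-model
aaa authentication login VPN-XAUTH local
aaa authorization network VPN-GROUP local
username remoteuser secret <USER-PASSWORD>
!
! Steps 1-3: IKE Phase 1 policy the server matches against the client's SA proposal.
! Algorithm values are illustrative; use the strongest set both peers support.
crypto isakmp policy 10
 encryption aes 256
 hash sha
 authentication pre-share
 group 2
!
! Step 5: mode configuration pushes these attributes to the client
! (tunnel address from the pool, split-tunnel list from acl 101).
ip local pool VPN-POOL 10.10.10.1 10.10.10.50
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
crypto isakmp client configuration group REMOTE-USERS
 key <GROUP-KEY>
 pool VPN-POOL
 acl 101
!
! Step 7: transform set negotiated in IKE quick mode.
crypto ipsec transform-set VPN-TS esp-aes 256 esp-sha-hmac
!
! Step 6: reverse-route installs a static route to each connected client.
crypto dynamic-map VPN-DYN 10
 set transform-set VPN-TS
 reverse-route
!
! Step 4: Xauth username/password challenge, then group authorization.
crypto map VPN-MAP client authentication list VPN-XAUTH
crypto map VPN-MAP isakmp authorization list VPN-GROUP
crypto map VPN-MAP client configuration address respond
crypto map VPN-MAP 10 ipsec-isakmp dynamic VPN-DYN
!
interface GigabitEthernet0/0
 crypto map VPN-MAP
```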

In conclusion, these are overviews of the two main types of VPNs available. Thank you for taking the time to read. (: