0

I understand what a VPN does, and I understand the concept of tunneling between the end user and the VPN server to allow this secure connection to happen, but what happens after that is somewhat vague to me.

Can any node on a network (i.e. network host) run a VPN server? I.e. it makes no difference if it's a router or a simple device connected to the router (that is accessible from outside)? And is it after the tunneling step just like a proxy, in that the VPN server captures the packets, and then resends them itself and returns the response to the origin?

Another question: Do packets forwarded by the VPN server contain the VPN server host's private IP, or does the VPN server software act as a new node on the network and receive its own private IP from the router?

1
  • Basically it gets decapsulated from the VPN packet encapsulation, then the host gets an IP packet that is either for itself or for it to forward to another host. (At least that's how L3 tunneling works. Not sure if there's a huge difference in L2 tunneling.)
    – Tom Yan
    Commented May 21, 2021 at 4:44

1 Answer

2

The VPN server is just a computer program. Any device that runs an advanced-enough operating system that has available such a utility can run it. This includes principally Linux, Windows and macOS.

The VPN server can only be used in conjunction with matching software on the client computer. This software will usually create on the client a virtual network adapter, that will look to the operating system the same as a physical one, and will add a default route to the routing table so all future communications will pass through it by default.

The client software is tasked with establishing contact with the VPN server using the protocol you mentioned, encrypting outgoing packets and decrypting incoming ones.

3
  • Although it is technically correct and I understand what you're saying, I only do so because I have the knowledge. I think the most important aspect of why VPN works is not explained well enough. It boils down to this: all traffic between the client and VPN server is encrypted such that no matter if the traffic is intercepted, it's useless to the hacker. Basically what you do is you still communicate like normal, but all traffic is changed so much that it is only useful to the client and VPN server.
    – LPChip
    Commented May 20, 2021 at 21:54
  • 1
    @LPChip I don't think encryption is a criterion that defines VPN. All it needs to do is to provide a "link" that one can create a network with. P doesn't stand for Privacy here, but Private in a similar sense to Private IP.
    – Tom Yan
    Commented May 21, 2021 at 4:40
  • @LPChip: This is just a short description intended to point the poster in the right direction. A full treatise would take a book.
    – harrymc
    Commented May 21, 2021 at 7:47
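
The decapsulation step described in the first comment on the question, as an added example that is not part of the original thread: the server strips the outer header, parses the inner IP packet, and decides whether it is addressed to the server itself or must be forwarded. It assumes plain IP-in-IP (RFC 2003) as an unencrypted L3 encapsulation; all addresses and the `server_receive` and `demo` helpers are constructed for illustration.

```python
import ipaddress
import struct

IPPROTO_IPIP = 4   # IP-in-IP (RFC 2003): the payload is another IPv4 packet
IPPROTO_UDP = 17

def checksum(header: bytes) -> int:
    """Internet checksum; yields 0 over a header with a valid checksum field."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build a minimal IPv4 packet (20-byte header, no options)."""
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)
    head = head[:10] + struct.pack("!H", checksum(head)) + head[12:]
    return head + payload

def parse_ipv4(packet: bytes):
    """Return (src, dst, proto, payload); reject malformed headers."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(packet):
        raise ValueError("bad header or total length")
    if checksum(packet[:ihl]) != 0:
        raise ValueError("bad header checksum")
    src, dst = (str(ipaddress.IPv4Address(packet[i:i + 4])) for i in (12, 16))
    return src, dst, packet[9], packet[ihl:total_len]

def server_receive(outer: bytes, server_addrs: set):
    """Decapsulate one tunnel packet and classify the inner packet."""
    _, outer_dst, proto, inner = parse_ipv4(outer)
    if outer_dst not in server_addrs or proto != IPPROTO_IPIP:
        return ("drop", None, None)
    inner_src, inner_dst, _, _ = parse_ipv4(inner)  # validate before trusting
    action = "local" if inner_dst in server_addrs else "forward"
    return (action, inner_src, inner_dst)

# Constructed sample: server's public address and its tunnel-side address.
SERVER = {"203.0.113.10", "10.8.0.1"}
def demo():
    inner = ipv4_packet("10.8.0.2", "198.51.100.7", IPPROTO_UDP, b"hello")
    outer = ipv4_packet("192.0.2.55", "203.0.113.10", IPPROTO_IPIP, inner)
    return server_receive(outer, SERVER)  # ("forward", "10.8.0.2", "198.51.100.7")
```

After decapsulation the inner packet still carries the client's tunnel address as its source; whether that is rewritten to one of the server's own addresses depends on whether the server is set up to NAT or to route.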
