VPN is an acronym that stands for Virtual-Private-Network, they are used to help protect digital privacy.
In today’s digital landscape it is not unusual to want more privacy, it is actually quite common. One of the most common ways of protecting your online privacy is with VPNs.
In this blog post I am going to be explaining both the basics and some technical aspects of VPNs.
What is a VPN?
A VPN connection will always have at least a client device and a VPN server.
The client device will be connected to the VPN server and have all traffic routed through this VPN server, when the client device connects with a web server (for example https://www.example.com) then all the data that the client sends to the web server first gets sent to the VPN server to then have this VPN server forward the data the client sent further to the web server, now when the web server serves data to the client it will send data to the VPN server and now the VPN server forwards the data to the client.
These connections between client and VPN server are encrypted, this means the data is scrambled into different looking data to make it look like random data to anyone trying to ‘snoop’ in on the user’s activity.
There are many different types of VPNs, though the two most common types are site-to-site VPNs and remote access VPNs.
The difference between these two types of VPNs is that the site-to-site type connects an entire network to an entire other network, while remote access VPNs allow an individual device to be connected to a remote network.
So, if you are wanting to connect all internet enabled devices on your network to be connected to the internet through a VPN, a site-to-site VPN is probably the right choice, whereas if you are only trying to have a single device connected to a VPN then the remote access VPN will be better.
How VPNs are Used
Just like with many things, VPNs have actual use cases, and some of them might fit yours.
VPNs can enhance your Privacy by creating ‘Anonymity’, where it becomes more difficult for sites or other servers you connect to to fingerprint you based on traditional identifiers such as IP addresses, Useragents, and more. This can be used for both good, and sadly not too uncommonly for bad.
VPNs also create extra security as many have Malware blocking, suspicious content flagging, encryption and DDoS mitigation.
While in many countries you have the right nowadays to access pretty much any media or information on the web, this sadly is not the case for everyone around the globe. In many places, especially ones with complex conflicts or other Political issues, the governments will force the Internet-Service-Providers (ISPs) into blocking certain content from the public, though whether you are a journalist or simply a citizen of such country but want or even need to access certain blocked things on the web, then a VPN will let you bypass such a limitation.
Even for those not experiencing censorship, VPNs allow you to for example access shows or other Geo-specific content, or if you go on holiday and do not want all the platforms you use to think you stole your own account or whatever other reason can still access content you usually do at home without issue through a VPN.
Even corporations and enterprises use VPNs, this is typically for establishing secure connections to corporate networks as these are high-risk environments where security is an absolute top-priority.
basic Technical Details
VPNs use encryption protocols to help keep transit data securely private.
There are multiple types of encryption protocols, while both OpenVPN and Wireguard, the two most commonly used VPN protocols, support SSL/TLS and are based on TLS.
OpenVPN uses various symmetric key block ciphers, including AES, Serpent and TwoFish.
Symmetric key block ciphers use the same key for encrypting and decrypting data – while asymmetric ones such as RSA use a Public key for encryption and a Private key for decryption.
VPNs, as earlier mentioned may use different types of VPN protocols.
The two most common ones, as mentioned, are OpenVPN and Wireguard, though there are also a few more, such as OpenSSH, SSTP, IPsec and others.
OpenVPN and Wireguard are quite similar, while Wireguard is designed to be more lightweight than OpenVPN plus OpenVPN uses username + password authentication while Wireguard just uses Public and Private keys.
OpenSSH is like Telnet, a way to access a remote computer via command line interface, but with encryption.
SSTP is a form of VPN tunnel that provides a way to transport Point-to-point Protocol traffic through an SSL/TLS channel.
IPsec authenticates and encrypts data packets for secure internet communications.
VPNs can be great for protecting your privacy or giving you access to things you otherwise would not, though it is important to read and understand the Logging Policies of a VPN provider you decide to use, because logs are when the provider keeps data about your activity over the VPN connection, while no-logs Policies are to ensure that the VPN provider does not keep any data on you and does not collect any from your activity. It is highly recommended to choose a provider that has a strong reputation for their no-logs policies.
VPNs, just like other great things in life can be an advantage but advantages come with disadvantages, in VPNs these could be the costs you pay to the provider, but it is also performance.
Encryption and handshakes between the client and the VPN server require quite a few system resources as well as bandwidth, while it is less noticeable on modern devices and on fast internet connections, it still has an affect.
VPNs are recommended against when you have a bad internet connection, because they need some of your internet bandwidth and in addition to that add around 10ms (or more) latency, which in most cases actually doesn’t make too much of a difference.
Public vs. Private VPNs
Publicly available VPNs often offer both Free and Paid options, while the free tier often being limited in speed or monthly traffic, and the Paid tier unlocking more locations and higher speed servers with other cool features, though the paid one of course costs money.
Publicly available VPNs also use heavily shared servers, this means that they may advertise their servers as something like ’10Gbps’, in real world throughput you might only get a few Mbit/s at best. They usually also have a community and basic support.
Private, or rather ‘Enterprise VPNs’ often include things such as SLAs, which basically say how much time per time the VPN server is allowed to be offline and tons of other rather technical stuff that mostly regard uptime.
They also will usually include dedicated IP addresses, which do actually eliminate the point of using them for Anonymity, though therefore they do often give you the full 10Gbps+ without any so called ‘noisy-neighbors’, which are other users that you have to share the VPN server’s resources with. They also will have professional support, proper documentation, and many other advantages, which come at a much greater cost though.
The Enterprise VPN with guarantee is going to perform better in almost any scenario compared to the Publicly available VPNs, though it is not worth the high cost for many, especially private individuals. So, control you probably have more with the Enterprise VPN, though Privacy, to be honest, probably on the Publicly available ones.
Setting up Your VPN
VPNs are not too difficult to setup these days, if you are using a popular provider then they most likely provide both a client and documentation themselves. Use their client and go on from there.
For those using the OpenVPN App, Click here.
For those using the Wireguard App, you can create a new Tunnel if you have not received a file from your provider to import, and use the template before, don’t forget to fill out the information you have received from your provider. If you haven’t received any information from your provider, please contact their support.
[Interface]
PrivateKey = (your private key here)
Address = (IPv4 /32 address here), (IPv6 /128 address here)
DNS = 194.242.2.4, 9.9.9.9, 2a07:e340::4, 2620:fe::9, 1.1.1.1, 2606:4700:4700::1111
[Peer]
PublicKey = (your public key here)
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = (server-ip:port)
PersistentKeepalive = 25Common Misconceptions
“VPNs make users completely anonymous.” – This is not true. While VPNs do offer some anonymity and privacy protections over using no VPN, they still do not make you invisible.
Conclusion
VPNs can enhance user Privacy and use various protocols to function.
When considering a VPN, keep your priorities straightforward and look for a provider that claims to meet those needs, also check online for reviews and elsewhere about what people say about the provider.
This post was completely written without AI, and may still get updated later.