Virtual Private Networks (VPNs):

Setup and Management

Site-to-Site and Client VPNs for Secure Remote Access
BSIT 3-2: KAYLA M. GUTLAY

REXIELYN S. GUETAN

JOAN MAE G. GIME

What is VPN?
• Virtual Private Network is a type of private network that uses
public telecommunication, such as the Internet, instead of
leased lines to communicate.
• A virtual private network, or VPN, is an encrypted connection
over the Internet from a device to a network.
How do VPNs work?
Step 1: Device Connection to a VPN Server
When you activate a VPN on your device, it first
connects to a VPN server. This server is usually located in a
different geographical location, which could be chosen by you
or automatically by the VPN service.
Step 2: Data Encryption
Before your data leaves your device, the VPN client
software encrypts it using advanced encryption protocols.
This encrypted data is nearly impossible to intercept and read
without the appropriate decryption key.
How do VPNs work?
Step 3: Data Transmission to the VPN Server
The encrypted data is then transmitted to the VPN
server. This server acts as an intermediary between your
device and the wider internet.
Step 4: IP Address Masking
The VPN server replaces your original IP address with its
own. This means that when your data reaches the destination
server (like a website), it appears as if the request is coming
from the VPN server’s location rather than your actual
location.
How do VPNs work?
Step 5: Data Decryption
When the VPN server receives data from the internet
(such as a webpage you requested), it encrypts the data
before sending it back to your device.
Step 6: Final Decryption
Your VPN client decrypts the data received from the VPN
server, allowing you to access the content as if you were
directly connected to the internet.
How do VPNs work?
Types of VPNs
• Client (Remote Access) VPN

• Site-to-Site VPN (Intranet-based)

• Site-to-Site VPN (Extranet-based)

Client (Remote Access) VPN
• Individual users are connected to the private network and It
allows the technique to access the services and resources of
that private network remotely.
• It is most suitable for the business and home users. In remote
access VPN, multiple users are allowed.

Example:
An employee working from home connects to their
company's internal network using a VPN app.
Client (Remote Access) VPN
How Does a Remote Access VPN Work?
Client (Remote Access) VPN
How Does a Remote Access VPN Work?
1. The user launches the VPN client
The process begins when a remote user opens their
VPN application on a device, like a laptop or
smartphone.
2. Authentication takes place
The user logs in using their credentials. Often, multi-
factor authentication is required to ensure only
authorized users can connect.
Client (Remote Access) VPN
How Does a Remote Access VPN Work?
3. A secure tunnel is created
Once authenticated, the VPN client builds an encrypted
tunnel to the VPN gateway (the server at the company’s
end). This tunnel protects all data sent and received.
4. The user gains secure access
Through this tunnel, the remote device is now virtually
part of the company’s internal network. The user can
safely access applications, file servers, and other internal
systems—just like they’re in the office.
Site-to-Site VPN (Intranet-based)
• Intranet-based VPNs connect multiple offices/branches of the
same company.
• Used to unify internal resources across physical locations.

Example:
If a company has offices in different cities, an intranet-
based VPN allows them to communicate and share data
securely as if they were all in one location.
Site-to-Site VPN (Extranet-based)
• Extranet-based VPNs connect a company's network to the
network of another organization, like a business partner or a
supplier.
• This type of VPN ensures that both organizations can work
together securely, sharing necessary data while keeping other
information private.
• Allows limited, secure access to shared resources.

Example:
A retail company sets up a VPN connection with its
supplier so they can securely share inventory data and order
information.
Site-to-Site VPN
How Does a Site-to-site VPN Work?
Site-to-Site VPN
How Does a Site-to-site VPN Work?
1. Gateways are set up at both sites
Each network has a VPN gateway—usually a router or
firewall—that manages the connection.
2. A secure tunnel is created
The gateways establish an encrypted tunnel over the
internet. This tunnel protects all the data that travels
between the two networks.
3. Data is encrypted and sent
When one network sends data, the gateway encrypts it
before it goes through the tunnel.
Site-to-Site VPN
How Does a Site-to-site VPN Work?
4. Data arrives and is decrypted
The receiving gateway decrypts the data and delivers it
to the internal network, just like local traffic.
5. Networks communicate securely
Both sites can now share files, applications, or systems
as if they were part of the same local network.
VPN protocols
VPN protocols ensure an appropriate level of security to
connected systems when the underlying network infrastructure
alone can't provide it. Several different protocols can secure and
encrypt data. They include the following:
• IP Security (IPsec).
- Secures data by encrypting it at the IP level, often used
in site-to-site VPNs.
• Secure Sockets Layer (SSL) and Transport Layer Security
(TLS).
- Encrypts traffic through a web browser, commonly used
for client VPNs.
VPN protocols
• Point-to-Point Tunneling Protocol (PPTP).
- An older, fast but less secure VPN protocol mostly replaced
by modern options.
• Layer 2 Tunneling Protocol (L2TP).
- Often paired with IPsec for added encryption, used to
create secure tunnels.
• OpenVPN.
- A flexible, open-source protocol known for strong encryptio
and cross-platform support.
Benefits Using a VPN
• The ability to hide a user's IP address and browsing history.
• Secure connections with encrypted data.
• Bypassing geo-blocked content.
• Making it more difficult for advertisers to target ads to
individuals.
Challenges of Using a VPN
• Not all devices support a VPN.
• VPNs do not protect against every threat.
• Paid VPNs are more trusted, secure options.
• A VPN might slow down internet speeds.
• Anonymity through VPNs has limitations -- for example,
browser fingerprinting is still possible.
VPN Management
• Configuration and Setup
Establishing and configuring VPN servers, clients, and
protocols to ensure secure connections.
• Monitoring and Maintenance
Regularly monitoring VPN performance, user activity, and
security logs to ensure optimal operation and address
issues.
• User Access Control
Managing user permissions, authentication methods, and
multi-factor authentication to control who can access the
VPN.
VPN Management
• Security Updates and Patches
Keeping VPN software up to date with the latest security
patches to protect against vulnerabilities.
• Troubleshooting
Resolving connection issues, performance problems, and
ensuring that the VPN remains functional and secure.
References
https://www.cisco.com/site/us/en/learn/topics/security/what-is-a-
virtual-private-network-vpn.html
https://www.esecurityplanet.com/networks/how-does-a-vpn-work/
https://www.geeksforgeeks.org/difference-between-site-to-site-
vpn-and-remote-access-vpn/
https://www.paloaltonetworks.com/cyberpedia/what-is-a-remote-
access-vpn
https://www.puredome.com/blog/how-does-site-to-site-vpn-work
https://www.techtarget.com/searchnetworking/definition/virtual-
private-network
THANK YOU!!!