Skip to content

VPN

Reading time 3 minutes

Updated – May 4, 2024

VPN stands for vvirtual Privals Network. Virtual, because it is a network that establishes a connection between two points via various servers (VPN gateway) in an external network. For example, the home office (network A) via the Internet (network B) with the employer's network (network C).

Basics

Data encryption and access authorizations are usually managed by the respective router or separate, more powerful VPN hardware. The VPN protocol represents the transport route of the individual data packets and ensures their delivery to the correct recipient using externally 'imprinted' address data, similar to a package sticker stuck on the outside, via the so-called VPN tunnel, which cannot be seen or even manipulated from the outside. The content of the data packets cannot be recognized by the VPN protocol. Every forwarding of a package from one network to the next is implemented by re-addressing, i.e. changing the package label, until the package has reached the final recipient. Only this person is able to open the package and unpack the data.

If someone has physical access to the servers involved, they can trace the path from the sender to the receiver and vice versa. If the provider supports multi-hop functionality, i.e. switching between different servers in different countries, this becomes almost impossible, because the provider would have to be physically present on site at the relevant servers in the respective countries at the same time...

Since every server has an IP address that uniquely identifies it, every server request is always traceable. As part of political measures, states block certain IP address ranges and therefore access to websites of other states.

VPN also comes into play here, because if a user accesses a website via VPN whose IP is blocked, this request is packed into a VPN package and then sent via the VPN provider's VPN server to the desired, officially blocked, forwarded to the server, which in turn unpacks the package and packs the requested contents into the returned package, which is unpacked again on the recipient side and the contents of which are displayed on the corresponding website.

VPN enables the establishment of secure data connections via the network of countless VPN servers via connections that cannot be controlled from the outside and may even change periodically, even across different countries.

Selection criteria

How to use VPN? What do you need for that? Is VPN hardware or software preferable?

Well, many roads lead to VPN. The easiest way is to find a VPN provider through which you can set up a VPN connection to one of their available VPN servers using a program provided (VPN software).
Here, the provider's data center takes over the burden of data encryption.

Alternatively, you can use a router with a built-in VPN function, enter the relevant provider data to set up the VPN connection and leave the task of data encryption to the router, which can, however, lead to a slowdown in data traffic, as usual routers are usually not able to do this computing power are designed.

Another option is to use a device (VPN hardware) that is looped between the DSL connection and the router and implements the VPN connection provided by the provider, including encryption.

The disadvantage of VPN software is that online streaming services such as Amazon Prime recognize as soon as a VPN connection request is received and reject it. VPN hardware, as listed below, still allows their use without restrictions.

VPN hardware

Which VPN hardware is available? In addition to the additive VPN firewall, which only allows VPN packets to pass through that have been appropriately legitimated, or only forwards incoming VPN tunnel packets to the respective server via its Internet interface, currently offers Shellfire with the Shellfire box with up to 50 MBit/s downstream and unlimited traffic.

VPN software

VPN software is made available for download by VPN providers and offers different performance features.

It is important to ensure that there are as many servers as possible in as many countries as possible, that connection data is not logged, as many simultaneous connections as possible, WireGuard support (for higher processing speed), SmartDNS (to enable streaming on smart-enabled devices), Split Tunneling (both an encrypted VPN and a direct, unencrypted Internet connection are established in parallel, e.g. to the local printer) and, last but not least, multi-hop (a process of cascading VPN connections in which, for example, after each data packet is transferred to the subsequent server of a newly established AND re-encrypted VPN connection, neither the incoming nor outgoing server can be determined with reasonable effort and speed). However, multi-hop technology should be questioned by the provider regarding the aspect of renewed encryption, as some people change the server but do not renew the encryption.

An important point in the sense of complete anonymity: Very few providers allow the use of their service without registration or any proof of identity, including anonymous payment, such as the Swedish company Mullvad VPN.

The most expensive provider does not necessarily have to be the best. However, anyone who maintains thousands of servers in dozens of countries with acceptable speed, security and anonymity must also charge a correspondingly higher fee.

Software VPN providers – a selection

Two VPN providers are preferred by trade magazines NordVPN based in Panama and CyberGhost in Romania, whose server network is comparatively better developed, but the data throughput and streaming capability are less good. If you need a dedicated IP or are a gaming fan, you'll get your money's worth here.

A free and solid solution is offered by hide.me VPN based in Malaysia and six freely available servers, e.g. in Finland with 50 MB/s download rate, split tunneling and full IPv6 support.

In connection with the Teltonika Router RUTX50 results with CloudConnexa a free option to use up to three VPN connections. More on this in a separate article Contribution.

Leave a Reply

Your email address will not be published. Required fields are marked *

en_USEnglish