VPNs aren’t a new invention. They have been around for almost a quarter of a century. However, the general users took notice of VPNs only for the last five years or so. Due to growing security and privacy concerns amongst the ideal internet users, demands for tools like the VPN increased several folds. The VPN industry witnessed a staggering quadruple jump in the period between 2016-19 alone. All these facts are a testament to this quintessential service, though; a VPN is more than a simple tool for spoofing your IP. With advanced functions like VPN Gateway, a VPN has a lot to offer other than letting you stream your favorite Netflix. A VPN Gateway; (or a VPN router as some call it) is a function that businesses or corporations use to connect two or more LANs over an insecure network such as the internet.
VPN was invented back in 1996 by a then Microsoft employee who had started developing PPTP. Peer-to-peer tunneling protocol or PPTP lets computers connect to the internet via a more secure and private connection. This set of specifications were published in1999, thus officially paving the way forward for modern VPNs.
VPN: A brief history
A VPN is a private connection allowing users to access the internet while remaining anonymous. No, a VPN doesn’t help you with malware and digital attacks but protects your data traffic by using a bunch of protocols like PPTP, L2TP/IPsec, IKEv2, SSTP, OpenVPN, WireGuard, etc.
Initially, it was intended and used almost exclusively in a business. As businesses had sensitive information they didn’t want to fall into the wrong hands, there was a demand for a technology that connected their various remote locations over a public network without the fear of anyone intercepting the data. However, the core of the idea was to gain access to remote areas without relying on the public network. It was much later that the population realized the potential a VPN has to offer.
With the increase in awareness of the general users, it has been adopted since; as one of the most popular privacy tools.
Types of VPN
Over the years, a VPN has witnessed specific changes according to its usage and the technology available. With different and better connectivity protocols, a VPN can be broadly classified into two types.
Remote Access VPN
Remote access VPN is the VPN a private user comes into contact with. Simply put, remote-access VPNs allow the users to connect to a secure server and gain access to a network remotely. Commercial VPN services utilize this VPN type. This VPN is for home users. It is capable of bypassing regional restrictions and spoofing IP locations.
Site-to-Site VPN is way diverse from its counterpart. It works differently. At its core, Site-to-Site VPN provides multiple users at fixed locations the ability to access each other’s resources. Big businesses and corporations use Site-to-Site VPN (or router-to-router VPN). This VPN isn’t easy to install, as it requires specialized equipment and heavy resources. It isn’t as flexible as commercial VPN services. Router-to-Router communication is the basis for Site-to-Site VPN.
A VPN Gateway is a service provided with Site-to-Site VPN. There are two subs of this VPN.
- Intranet-based Site-to-Site —- Communication between various branches/sites of the same company.
- Extranet-based Site-to-Site —- Communication between separate offices/areas of different companies.
VPN Gateway(VGW) an introduction
The advent growth of the internet gave rise to heightened demand for a sophisticated security system. It resulted in the VPNs of now. A VPN has a huge user base, with approximately 5% of total internet users using VPNs daily. This alone shows the stability of this tool. While most consumers use VPNs for personal reasons, it certainly is not limited to spoofing IP addresses and bypassing Netflix restrictions. Due to Site-to-Site VPN, big corporations have their consideration for how they use VPNs. One such functionality is a VPN Gateway, one of the cores of VPN technology.
A VPN Gateway is a networking device and or service. It connects two or more networks or devices (servers/computers/routers/nodes) in a virtual infrastructure over a nonsecure network like the internet. It can bridge the connection or communication between two or more remote sites, networks, or devices. A VPN Gateway (VPN routers) can also connect multiple VPNs.
VPN Gateways can be a networking service(virtual), routers, firewalls, servers, or devices with similar inter-networking and data transmission capabilities. A VPN gateway is generally installed on the core VPN infrastructure. It can block, pass, or route VPN traffic. VPN gateway provides services such as IP address assignment and management, dynamic and static routing, and the maintenance of routing tables.
Note – A VPN gateway can be virtual. It can be in the form of a service provided by a third party like Amazon or Microsoft based on Cloud computing. In such cases, companies like Amazon develop their gateways which a customer can use via their services.
VPN Gateway as router
A VPN router is a particular device that routes traffic within a VPN environment. It is a routing device that works specifically to enable network communication within a VPN environment.
A VPN router enables core packet routing and network communication services. It provides the ability to share and provide VPN connectivity to multiple devices within the same network. Some routers are portable and easily installed, while some require specific installation dependent on heavy resources. A VPN router utilizes more than one networking/tunneling protocol to create and manage communication within a VPN network.
VPN Gateway as server
As a combination of hardware and software, VPN servers are a technology that provides VPN clients (end software) with connectivity to a secure private network (VPN). It enables the hosting and delivery of VPN services.
A server with a VPN server software installed and configured is what we call a VPN server. It generally has more logical and physical communication ports. The main functionality of a VPN server is to provide VPN connection and services to remote and or local VPN clients.
VPN Gateway as firewall
A VPN gateway can act as a firewall to perennially protect against unauthorized and malicious users intercepting or exploiting a VPN connection.
It can either be in the form of software, hardware, or an all-in-one firewall appliance. Typically installed at the server end of a VPN, it is configured with filters to allow only VPN-specific packets to pass through. In the same way, when installed at the front, it permits only the tunnel data on its internet interface to advance to the server.
What is a Gateway?
Before understanding what a VPN Gateway is, we have to know what gateway means.
As the name suggests, a gateway is just a gate. It allows/disallows data from entering/exiting the network. In technical terms, a device that sits between different networks or applications is a gateway. It converts information, data, or other communications from one protocol or form to another. Ordinarily, a gateway transfers data between LANs and the internet. A gateway can be more like a protocol converter.
A gateway is a network node that connects two networks with different transmission protocols together. They serve as an entry and exit point on a network. As such, each bit of data has to pass from the gateway. Due to this, a gateway can often work as servers and firewalls if needed.
The main advantage; of a gateway on a corporate infrastructure is to simplify internet connectivity into a single device. Many people recognize a gateway as a router, but there are times when routers and gateway are too different.
Difference between a gateway and a router
Gateways and routers are often one and the same. They can both regulate traffic between two or separate networks. However, a router can join two different networks but with the same protocols. On the other hand, a gateway can similarly join two separate networks; but with different protocols.
Thus, a router is always a gateway, but a gateway isn’t necessarily always a router.
VPN gateway as a Network service
A VPN gateway is a virtual gateway; used to send encrypted traffic between a virtual network and an on-premise location. It can operate over a non-secure network, such as the internet.
Generally, a VPN gateway connects to either a single VPN gateway or multiple VPN gateways to extend the LAN. Corporate networks connect to a VPN server running Routing And Remote Access Service (RRAS). However, the actual connection holds over the internet. That means for a VPN gateway, the configuration settings need the address of the LAN connected to a public IP address.
A few factors that affect VPN gateway design and implementation are:
- IP address assignment
- Name resolution
- Dynamic routing
- Auto-static routing updates
- Routing table maintenance