How to set up your own virtual private network (Part 1)
A VPN can provide a safe virtual LAN for any number of computers, over any
distance. Darien Graham-Smith shows you how to set one up.
Virtual Private Network (VPN) sounds like a boring topic. Even if you don’t
know what it means, the concept is easy to understand and the technology can
be very useful.
To cut a long story short, a VPN enables two or more computers that are
already on the same network – which can be a LAN or the internet – to
communicate and share resources securely. It is virtual because there is no
physical infrastructure: traffic is sent over the existing connection.
However, it uses encryption to stop clients outside the virtual network from
connecting to it or reading the contents of packets sent over the VPN. That’s
why it’s ‘private’.
The benefits of a VPN may not be immediately clear. If you just want to
exchange traffic securely between hosts on the network, there are of course
many ways to do it without establishing a second network. For example, you
can use applications that support SSL encryption, or encrypt files and
messages locally before sending them across the network.
However, a VPN is more flexible. It lets you share drives and printers over
the virtual connection, and it supports many protocols such as HTTP and FTP,
completely transparently to the operating system and applications. In effect,
members of a VPN are connected to two separate networks simultaneously.
On an office-based network, where access to LAN resources can be managed
locally, a VPN doesn’t seem helpful. It is useful, though, in situations
where building a secure physical network is impractical. For instance, if a
team is dispersed throughout the country, all members may want to access
shared private resources – but sharing confidential data over the public
internet invites trouble, and using dedicated leased lines to build a secure
WAN is expensive. With a VPN, the team can set up a secure virtual network
over each member’s ordinary internet service.
A virtual private network can also serve as an extension of a physical
network, with the help of a VPN gateway server. If a CEO needs to access the
company LAN while travelling, he can use the hotel’s internet service to
connect to this gateway server, and once he has supplied the appropriate
credentials, it extends the network to the CEO’s laptop, as if it were
connected directly to the LAN.
That doesn’t mean a VPN is only useful for employees who are geographically
dispersed or who frequently travel by plane. The ability for ordinary office
workers to work from home easily and securely is not glamorous, but it’s not
unrealistic. A VPN may also be useful for everyday purposes, such as sharing
personal documents and media between friends in different houses, or between
students in different blocks. Virtual networks can also be helpful for games,
enabling you to set up private online leagues for many players.
Setting up a VPN
The theoretical benefits of a virtual private network are clear by now, but
managing a network is challenging, and a second, virtual network is no
different.
And the truth is that VPN technology makes a regular network setup more
complicated. Private traffic has to be routed through a protocol such as L2TP
(Layer 2 Tunnelling Protocol), which encapsulates VPN packets in UDP.
Security is provided by a separate protocol, usually IPsec. All of this needs
to be configured appropriately – in the operating system and possibly on the
router – to allow all VPN clients to communicate securely. Another challenge
is that VPN clients are often geographically far apart, so a “try it and see”
approach may not be convenient.
Fortunately, you don’t need to be a network engineer to set up a VPN. Because
the process is too complex for ordinary computer users to configure, some
network specialists – including hardware manufacturers such as Cisco and
Cyberoam – provide VPN client software that handles the technical aspects for
you. There is also Hamachi, made by LogMeIn, the Massachusetts-based
developer widely known for its remote desktop service. You can try the trial
version at http://tinyurl.com/hamachi-trial.
Introducing Hamachi
Hamachi is the Japanese name for a kind of fish – amberjack, to be exact.
Luckily, you don’t need in-depth knowledge to use it. As with LogMeIn’s
remote access system, you don’t need to worry about technical networking
concepts, though you should know a few key ideas to make the most of Hamachi.
Hamachi has some limitations. Firstly, it’s an internet-based service, so you
can’t use it to set up a secure network within your company’s LAN or on an
isolated network at home. If you want to do that, you need to invest in a
more advanced VPN system.
If you just want to form a private VPN for 8 computers, you can install and
run the free software. For a maximum of 32 computers, you will have to pay
19 USD/year for the standard subscription.
However, if you’re keen to use Hamachi in a business environment – where a
VPN is usually most useful – you are allowed to evaluate the service free for
14 days. After that, you have to pay for premium subscriptions, at
119 USD/year for each subscription, so if you work in large teams, the cost
for each computer is really low.
Different types of virtual network
Because virtual networks work the same way as real networks, they can be
arranged in similar topologies. Hamachi supports three organising models for
a VPN. The simplest is the “mesh” network, in which all computers are
connected to each other, forming a virtual LAN of equal peers. A “mesh” VPN
needs no management: it can be established on the spot and exists as long as
two or more computers are involved.
A more elaborate network is what Hamachi calls “hub-and-spoke”. In contrast
with the fully connected mesh network, a hub-and-spoke network is partly or
completely centralised. Each member is assigned as a hub or a spoke, and
while every member connects to the hubs, spokes can’t connect to each other.
This means that clients are able to share central resources such as a
database or disk storage while being safely isolated from other clients. In
fact, a hub-and-spoke network with only one hub forms a normal star. A
hub-and-spoke network in which all members are hubs is functionally the same
as a mesh network; a hub-and-spoke network without hubs is not a network.
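The hub-and-spoke rules described above can be checked mechanically. The following is an added example, not Hamachi's code or anything from the original article: it derives which members may talk directly from their hub/spoke roles and confirms the one-hub, all-hubs and no-hubs cases. The member names are constructed for illustration.

```python
from itertools import combinations

def allowed_links(roles):
    """Pairs of members that may talk directly under hub-and-spoke rules.

    roles maps member name -> "hub" or "spoke". A link exists when at
    least one end is a hub; spoke-to-spoke links are never created.
    """
    return {
        frozenset((a, b))
        for a, b in combinations(sorted(roles), 2)
        if "hub" in (roles[a], roles[b])
    }

def mesh_links(members):
    """Every pair connected: the fully meshed virtual LAN."""
    return {frozenset(pair) for pair in combinations(sorted(members), 2)}

def reachable_peers(roles, member):
    """Peers that can reach `member` directly (its exposure)."""
    return {peer for link in allowed_links(roles) if member in link
            for peer in link if peer != member}

def classify(roles):
    """Name the shape a role assignment produces."""
    links = allowed_links(roles)
    hubs = [m for m, r in roles.items() if r == "hub"]
    if not links:
        return "no network"
    if links == mesh_links(roles):
        return "mesh-equivalent"
    return "star" if len(hubs) == 1 else "partial hub-and-spoke"

# Constructed sample: one shared file server and three client laptops.
STAR = {"fileserver": "hub", "laptop-a": "spoke",
        "laptop-b": "spoke", "laptop-c": "spoke"}
ALL_HUBS = {name: "hub" for name in STAR}
NO_HUBS = {name: "spoke" for name in STAR}

if __name__ == "__main__":
    for label, roles in (("one hub", STAR), ("all hubs", ALL_HUBS),
                         ("no hubs", NO_HUBS)):
        print(label, "->", classify(roles))
    print("laptop-a exposed to:", sorted(reachable_peers(STAR, "laptop-a")))
```

Comparing `reachable_peers` for the same laptop under the star and all-hubs assignments shows how much smaller each client's exposure is when it is a spoke.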
The third type is the gateway network – the kind of network used in the
example above of the CEO on his travels. In this model, a computer set up as
the gateway is connected to the existing LAN and also establishes the VPN.
Other clients connect to the gateway through this VPN, then pass through it
to access resources on the LAN.