A VPN, or Virtual Private Network, is a method of linking two locations like they are on a local private network. There are several reasons why you might want to set one up. Usually there is an aspect of convenience and you might also want to add security to your connection.
Let’s go over several reasons why you might want to set up a VPN tunnel and then look at the differences between running a tunnel versus running a complete VPN service on your machine.
What Is A VPN Tunnel?
A “tunnel” is simply a link between two locations through some other material. A good analogy is a tunnel that goes under a mountain. Both sides of the mountain are linked up through a direct path; in this case the “mountain” is the Internet. So essentially a tunnel is a direct shortcut through the Internet.
Although by definition a tunnel is not encrypted, typically the reason that you are creating one is that you want to add some encryption to it. Let’s say you have a branch office in one location using a regular Internet connection and then you want to connect to a server somewhere at your main office location. Since the data you are transferring between offices is likely sensitive, you wouldn’t want someone to be able to view that data while it is travelling over the Internet. That is where a VPN tunnel comes into play.
Why You Might Want To Set Up A VPN Tunnel
There are many reasons you might want to set up a VPN tunnel. The first reason many people use one is to encrypt a TCP/IP connection from an application to a server. Some applications, mainly ones based on a client/server protocol, need to connect to a database server to access their data. Using a tunnel is an excellent way to not only make the connection easier for the end user but also to secure the communications.
The second reason is that you want to encrypt all of your traffic leaving some location. A tunnel can be set up, by using a regular or transparent proxy, to transfer all of your Internet data via that tunnel.
How To Set Up A VPN Tunnel
Jorge wrote up an excellent tutorial on how to tunnel web traffic with SSH Secure Shell. That tutorial is for forwarding all traffic in a web browser, but we are only using a local port forward to create a simple “tunnel” between machines. For this example, let’s say we want to forward local port 5555 to remote port 80, to securely access a web application on a remote machine. This tutorial also assumes we have a working SSH connection on the machine to encrypt the traffic.
- First download PuTTY and run the executable. Fill in the hostname (IP) and other access information for SSH access.
- Now enter the Connection->SSH->Tunnels menu. Here is where we configure the SSH tunnels. Enter your port information; for the above example, the number and settings are shown below.
- Once you connect, PuTTY will open a screen connecting to the remote location. You could also set it up so that it does not launch a shell – it will then just show a blank screen, but the tunnel will still be open.
- Your tunnel is now ready for use. Open a web browser, or whatever application you are configuring, and point it at localhost on the port you set to forward. In this example that is port 5555, which is forwarded to the web server.
Even though you are not running a web server locally, you will see that you are connecting to the remote server just like it is running on your local machine. That is why it is called a tunnel – it is a direct connection to a remote place through a mountain of the Internet.
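The same forward can be expressed with the OpenSSH command-line client instead of PuTTY. The script below is an added example, not part of the original tutorial: it builds the command for the 5555-to-80 forward with the listener bound to loopback only, and checks `ss -ltn` output to confirm the local port is not reachable from other hosts. The function names, the host `user@remote.example`, and the assumption that the web application runs on the SSH server itself are illustrative.

```shell
#!/bin/sh
# Added example. Ports 5555 and 80 are the article's; user@remote.example is a placeholder.

# Print the OpenSSH command for a loopback-only local forward.
# usage: forward_cmd LOCAL_PORT REMOTE_PORT USER@HOST
forward_cmd() {
    lport=$1; rport=$2; target=$3
    for p in "$lport" "$rport"; do
        case $p in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done
    # -N                    tunnel only, no remote shell
    # 127.0.0.1:            bind the listener to loopback, not every interface
    # ExitOnForwardFailure  exit instead of running without the forward
    # localhost:REMOTE_PORT is resolved on the SSH server (assumes the web
    #                       application runs on that same machine)
    printf 'ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:localhost:%s %s\n' \
        "$lport" "$rport" "$target"
}

# Read `ss -ltn` output on stdin and print how LOCAL_PORT is listening:
# "loopback", "exposed" (reachable from other hosts) or "absent".
listener_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, a, ":")
            if (a[n] != port) next
            addr = substr($4, 1, length($4) - length(a[n]) - 1)
            if (addr != "127.0.0.1" && addr != "[::1]") s = "exposed"
            else if (s == "") s = "loopback"
        }
        END { print (s == "" ? "absent" : s) }'
}

# Constructed sample of `ss -ltn` output, not captured from a real host.
SAMPLE='LISTEN 0 128 127.0.0.1:5555 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

forward_cmd 5555 80 user@remote.example
printf '%s\n' "$SAMPLE" | listener_scope 5555
```

On a Linux client with the tunnel up, `ss -ltn | listener_scope 5555` should print `loopback`. In PuTTY the corresponding setting is leaving "Local ports accept connections from other hosts" unchecked on the Tunnels panel.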
Do you have any other unique reasons for setting up a VPN tunnel between two machines? Please share your ideas below, and as always let us know if you have any questions about setting this up!