I’m trying to learn more about how VPN services work. I think I have a pretty good idea of the basic concept, but I cannot understand why they call it a VPN. I think I understand the concept of something like a work VPN - the employees connect to the VPN server that is hosted by the company, and then once you’re connected to the work VPN server, it can route you to offline (private) internal work resources. And those websites, or share drives, or whatever, are all networked together, that’s why you’re able to access them. Because you are connected to the network that is both virtual and private. A Virtual Private Network. This makes sense to me, and I think I understand the concept.
What I cannot understand is why the publicly available VPN services are called VPNs? How is this not just a proxy? You have an encrypted tunnel to a server that is run by this company, and it acts as a proxy for all your traffic. In what sense is this a virtual private network? How is this even a network at all? In what way is a VPN involved in this process? From what I can tell, we’ve just chosen collectively to use the term VPN to describe something that isn’t actually a virtual private network?
I’d really love if someone could help clear up my confusion here. And please correct me on anything I’ve said that is wrong, or if anything I’ve said needs some additional context. I am trying to learn, and I’ve read a lot on the subject in the past few weeks but I cannot figure out the answer to this question.
Technically, any encrypted tunneled transport, regardless of where it goes, is a virtual private network. You could just as easily call it an encrypted tunnel and it would be the same thing.
Virtual because to your computer, it’s a new network interface
Private because it’s got encryption
Network because it goes to some other place, even if that other place is another ISP
When using a traditional VPN, you are essentially connecting to a virtual private network.
You have your [local LAN]-[PC] --connect_to-->[VPN--> | <------- Remote Network.]
The remote firewall that handles the VPN attaches you to the VPN network, and handles any traffic between the VPN Network and the Remote Network through the routing functionality and firewall service.
So essentially the VPN is a virtual private network inside the remote firewall/router.
Unlike a VPN, a proxy does not encrypt your connection to the proxy server.
The reason why they’re called VPNs is because they used VPN technology to create this more secure, proxy-like service that they confusingly also just called a “VPN”. I.e. the technology businesses use to create virtual private networks is the same technology VPN providers use to connect you to their servers.
I disagree with people calling ANY encrypted connection between 1 device and another a VPN. I believe that is way too loose of a definition. The “Network” in the name has to do more with Multiple devices connected together, not just 1 to 1. So a proxy that is encrypted is not a VPN in my book. I don’t believe that most people in the Networking field will consider any encrypted connection between two devices a VPN.
I feel like it’s a term that we’ve all adopted. Think of it like this for example: when torrenting, it’s a peer-to-peer connection. Comprised of Seeders (those who have the full file ready to be leeched from), and Leechers (those who connect to the seeders to retrieve the file piece by piece from the seeders). Companies are, in a way, peer-to-peer networks. Utilizing VPNs keeps unwanted access outside the company from snooping around their servers. Same with torrenting (or other uses that would handle sensitive, personal information). Though not all VPNs can be trusted due to the service(s) keeping logs of the activity that they can use against you, or the service “leaks”/drops/goes offline enough to put your personal information at risk.
technically, a proxy doesn’t encrypt data, and a VPN doesn’t act as a proxy, just an encrypted connection to another network (i.e. the server)
… what we know as a VPN bundles both services in one. but I guess calling it “proxy + VPN” is too complex anyway. and you DO need to connect to *somewhere* with the encrypted tunnel, because guess what, most internet servers (i.e. google or any webpage or any other service) don’t offer the possibility to connect via an encrypted server. and even if they did, that will only hide traffic content from any middle servers (namely your ISP), but would offer you zero privacy benefits – i.e. google would still get your IP and yada-yada.
Thanks, this is helpful. So if I set up an encrypted tunnel to a proxy server, and then routed all my traffic through a proxy, you could call that a VPN?
"they used VPN technology to create this more secure, proxy-like service that they confusingly also just called a “VPN”. I.e. the technology businesses use to create virtual private networks is the same technology VPN providers use to connect you to their servers"
This is incredibly helpful and I think this is really the answer to my question. It’s not so much that they’re creating a “virtual private network”, but rather, they are using VPN software to sell a service that functions the same as an encrypted connection to a proxy. Do I have that right?
A proxy can easily encrypt your connection. Just check out VLESS, VMESS, any modern proxy protocols. Almost all have support for encryption. The difference between a VPN and a proxy is a VPN is just that. A virtual private network with a TUN/TAP interface for the end user. A proxy is just a proxy used for forwarding traffic.
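The TUN-interface versus forwarding distinction raised in the thread, shown as an added example that is not part of any post: a tunnel endpoint reading from a TUN interface receives whole IP packets of any protocol, while an HTTP CONNECT proxy only learns a host and port for one TCP stream. The addresses, the sample ping packet and the function names are constructed for illustration.

```python
import socket
import struct

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}

def build_ipv4_packet(src, dst, proto, payload):
    """Build a minimal IPv4 packet (constructed sample, checksum left at 0)."""
    header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + len(payload),   # version/IHL, TOS, total length
        0, 0, 64, proto, 0,           # id, flags/fragment, TTL, protocol, checksum
        socket.inet_aton(src), socket.inet_aton(dst),
    )
    return header + payload

def vpn_view(packet):
    """What a VPN client reads from a TUN interface: a complete IP packet.

    The whole packet (header included) becomes the encrypted payload sent
    to the VPN server, so ICMP, UDP and TCP are all carried alike.
    """
    ihl = (packet[0] & 0x0F) * 4
    return {
        "layer": "IP",
        "protocol": PROTO_NAMES.get(packet[9], str(packet[9])),
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "payload_len": len(packet) - ihl,
    }

def proxy_view(request):
    """What an HTTP proxy reads: a request to relay one TCP stream."""
    line = request.split(b"\r\n", 1)[0].decode("ascii")
    method, target, _version = line.split(" ")
    if method != "CONNECT":
        raise ValueError("not a CONNECT request")
    host, _, port = target.rpartition(":")
    return {"layer": "TCP stream", "host": host, "port": int(port)}

# Constructed samples: an ICMP echo request leaving a tunnel address, and
# the request a browser sends to an HTTP proxy for an HTTPS site.
SAMPLE_PING = build_ipv4_packet("10.8.0.2", "192.0.2.1", 1, b"\x08\x00" + b"\x00" * 6)
SAMPLE_CONNECT = b"CONNECT example.com:443 HTTP/1.1\r\nHost: example.com:443\r\n\r\n"

if __name__ == "__main__":
    print(vpn_view(SAMPLE_PING))       # the ping travels through the tunnel as-is
    print(proxy_view(SAMPLE_CONNECT))  # a ping cannot be expressed as CONNECT
```
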