Introduction to VPN technology and commonly used VPN networking methods in enterprises

A VPN (Virtual Private Network) uses a public network, mainly the Internet, to establish a private network for transmitting private data.

What does this mean? Every technology is created to meet a need, so we can explain it in terms of needs. Imagine a company has systems such as an OA (Office Automation) system or a financial system that can be accessed only from inside the company and cannot be reached once you leave. We call these internal systems, and the network they sit on is the internal network. Because these systems are so important, they must not be connected to the Internet, in order to ensure sufficient security. Once exposed to the Internet they may be attacked, which is very dangerous.

So what should we do if we want to access these systems when we are not at work? In theory, we could use a dedicated line, which is equivalent to a long enough network cable, to connect to the company's internal network, but this is of course unrealistic. In practice we can use the Internet, because it has already been built, and this is how VPN technology was born. A VPN creates a secure private connection over the public Internet. The public network is unaware of the VPN's existence and needs no changes; the VPN only uses the public network's data transmission capacity.


Depending on how users connect to the network, enterprises commonly use two main VPN access methods: site-to-site and remote access. Site-to-site is mainly used to connect a company's important sites. For example, if a company has branches in other places, employees at those branches will also need to access the internal systems at company headquarters. Site-to-site VPN is transparent to end users: people at the branch do not notice the VPN, because the connection is established by the VPN equipment at each site, so the sites appear to one another as if they were on the same intranet. Site-to-site VPN only connects company sites, so users must be inside the company to use it to reach other sites.
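An added example, not from the original article, of the site-to-site tunnelling described above: each gateway encrypts the whole internal packet and sends it inside an outer packet addressed between the gateways' public IPs, so transit routers see only gateway addresses and ciphertext. The AES-GCM cipher, the pre-shared key, the `Outer` type, the function names and all addresses are assumptions made for the illustration; the article names no specific VPN protocol.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Outer is what the public network carries: gateway addresses and opaque bytes.
type Outer struct {
	Src, Dst string // public gateway addresses (constructed values in main)
	Payload  []byte // nonce || AES-GCM(inner packet)
}

// NewTunnel builds the AEAD both gateways share; key exchange is assumed done.
func NewTunnel(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encapsulate encrypts the inner packet, private addresses included, under a
// fresh random nonce and wraps it in a gateway-to-gateway outer packet.
func Encapsulate(t cipher.AEAD, inner []byte, gw, peer string) (Outer, error) {
	nonce := make([]byte, t.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Outer{}, err
	}
	return Outer{gw, peer, t.Seal(nonce, nonce, inner, nil)}, nil
}

// Decapsulate authenticates and decrypts; altered or foreign traffic is rejected.
func Decapsulate(t cipher.AEAD, o Outer) ([]byte, error) {
	n := t.NonceSize()
	if len(o.Payload) < n {
		return nil, fmt.Errorf("rejected: packet shorter than nonce")
	}
	return t.Open(nil, o.Payload[:n], o.Payload[n:], nil)
}

func main() {
	t, _ := NewTunnel(make([]byte, 32)) // constructed all-zero demo key, never use in practice
	o, _ := Encapsulate(t, []byte("src=10.2.0.15 dst=10.1.0.8 GET /oa/login"), "198.51.100.10", "203.0.113.20") // constructed packet
	fmt.Printf("transit sees %s -> %s, %d opaque bytes\n", o.Src, o.Dst, len(o.Payload))
	got, err := Decapsulate(t, o)
	fmt.Printf("HQ gateway forwards %q (err=%v)\n", got, err)
}
```

The branch and headquarters hosts only ever handle the inner packet, which is why the tunnel is invisible to them.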

If the user is away on a business trip, site-to-site VPN does not apply, and a remote access VPN is needed. Remote access VPN generally requires a VPN client to be installed on the user's computer in advance; the client varies with the specific implementation technology used. The most convenient way is to dial in to the company's VPN gateway device by entering the VPN account and password through the IE browser. If the dial-up succeeds, the client is virtually connected to the company's VPN gateway as if through a network cable, and then obtains an IP address with which to access the company's internal server.

