Dear Tecnogalaxy readers, today we’ll talk about VPNs, you’ve probably heard about this service many times in the last few years, but you’ve never wondered what it is and how it works?

A VPN (Virtual Private Network) allows you to create a virtual private network that guarantees privacy, anonymity, and data security through a confidential communication channel between devices, that are not necessarily on the same LAN network.


VPNs are used in most cases by private companies, public administrations, and most importantly they are used to cut costs in building your own secure network.

Using an MPLS (Multiprotocol Label Switching), is a technology for IP networks that allows to route multiprotocol traffic flows between source node and destination node through the use of identifiers between pairs of adjacent routers and simple operations on the labels themselves, usually companies such as Telecom, Vodafon, Irideos or Fastweb offer this type of service, obviously the costs compared to creating a VPN are very high.

However, the use of a VPN is also used by many private users who prefer to surf the net to be able to explore and exchange data on the Internet safely and without restrictions or geoblocking.

There are different types of VPNs, these networks are divided into remote access networks and site-to-site networks:


Remote access connections allow users (for example, smart working users) to access a server on a private network over the Internet.

This type of connection can be seen as a link between a PC (client) VPN and the company (Server).

For example, it is as if we had a dedicated and private link.


The site-to-site connection is used to connect to a private network, (always using a public network), offices located in multiple locations or offices of other organizations, this type of connection allows routing and secure communication.

Each location will have a dedicated router, (a node of the VPN network )that will route the data packets to the recipients (homologues according to a client/server model), thus sharing the information with the remote locations all transparently.

Technically, you can distinguish two sub-classes of site-to-site VPN, the first class (VPN-Intranet) when you join multiple locations of the same company, the second class (VPN-Extranet), when you join companies and/or offices outside the organization.

Within this distinction we can further classify the VPN into:

Trusted. The ISP (Internet Service Provider) that provides us with the internet connection, ensures the creation of a series of paths with precise security features, assigning a fixed IP address and applying a policy of security information cretta.

Secure. This type of VPN, ensures the creation of a tunnel between the nodes of the private network through encryption protocols, this data inside the tunnel is inaccessible to interception attempts.

Hybrid. It’s a mixed type of private network, it’s used in cases where a company with a Trusted VPN also needs a Secure VPN.

How a VPN works

As we know, the network infrastructure used by the mechanisms of a VPN is the Internet (certainly a cheaper and more profitable network, spread around the world but inherently insecure).

Precisely for this insecurity we need measures that exceed the characteristic limits of an unprotected public network: tunneling, authentication and encryption.


This mechanism involves establishing a (safe tunnel) between two entities that could also be on the other side of the world.

There is no tunnel materially, there is only a logical connection through an IP network, so the two ends of the tunnel even if distant and connected through many intermediate nodes, during the logical process virtually become adjacent as if they were in the same stable.

The data at the start is bagged by the tunneling protocol and sent on the network to the exit of the tunnel created, when the packet is received the enveloping is removed and shown to the recipient.


The authentication process, (obviously depends on the type of protocol adopted), is necessary to authorize access and ensure transmission so as to ensure non-repudiation.

Regardless of the type of VPN used (site-to-site/remote access) to establish a connection between a computer and its server, the steps can be summarized as follows:

  1. the client contacts the server.
  2. the server notifies its presence.
  3. the client requests the server to be identified.
  4. The server verifies that the connection attempt is authorized.
  5. the server responds to the authentication request and authorizes communication with the computer.
  6. start communication between the computer and the server.


Encryption is a technique that ensures the confidentiality of information transmitted by one device and the other.

The data becomes unreadable through a digital algorithm in a data encoded and incomprehensible for those who are not authorized, to be read the decryption function performs the reverse path.

The type of encryption, type of authentication used, depends on the communication protocol that is adopted by the provider offering the service.

The encryption algorithms are categorized into symmetric and asymmetric and based on hashing:

Symmetric algorithm: This technique uses the same key to encrypt and decrypt data.
Asymmetric algorithm: This technique uses a different key to encrypt and decrypt data.
Hashing: This technique uses a feature called a unique hash to protect data integrity as well as confidentiality.


Data transmission in VPN uses appropriate protocols, the choice depends on the needs and requirements you want.

Let’s see the specification of these protocols, among the most common are PPTP, L2PT, IPSEC, L2TP/IPSEC, SSL/TLS and HTTPS.

There are free and paid VPNs, of course the free ones in most cases have not 100% performance compared to paid ones.

Here are some of the best VPNs out there:


Surfshark is an advanced VPN solution that’s simple to use at the same time. It allows you to bypass regional restrictions and access foreign catalogs of streaming services.


Nordvpn is one of the most popular VPN services available on the market, it is practically compatible with all popular devices and operating systems such as Windows, macos, Linux, Android, iOS/iPadOS, Smart TV Android TV, Raspberry Pi, NAS, routers etc. The service can count on many servers around the world and very reliable.

Mozilla VPN

Mozilla VPN is a VPN service proposed by browser developer Firefox, we have the ability to browse anonymously and securely by masking our location, uses device-level encryption, and there are over 400 servers in 30 countries to connect to.

We can connect up to 5 devices at the same time without limitations in terms of bandwidth, obviously with all these options is paid.

As always make good use of it by making tests on your devices / computers , making them on devices/ computers is illegal.

To the next article!

N.B.: I do not assume any responsibility for the use that you will make of the guide, as drawn up for educational and educational use.

Was this article helpful to you? Help this site to keep the various expenses with a donation to your liking by clicking on this link. Thank you!

Follow us also on Telegram by clicking on this link to stay updated on the latest articles and news about the site.

If you want to ask questions or talk about technology you can join our Telegram group by clicking on this link.

© - It is forbidden to reproduce the content of this article.