Want to understand why the company I work in requires me to use a VPN while it doesn't change my IP address

So basically I need to use a VPN to log in to the remote office server via a terminal, but when I check my IP it doesn’t change with & without the VPN…

So what’s the purpose of this VPN and how does it work basically?

It may be set up as a split tunnel VPN.

With split tunnel, the VPN can be configured to only route traffic targeting specific IP ranges over the VPN; the rest still goes through your regular internet.

This VPN is doing authentication. VPNs may be used to do other things, but they’re really designed for secure connectivity to another network. Your company also may not want the overhead of forced tunneling.

Want to understand why the company i work

Ultimately you should talk to your company if you’re looking for an accurate answer.

It likely is giving you a VPN IP to access company-only resources.

Talk to your management or company I.T. if you have questions about this.

To put it simply - it is very likely due to the type of VPN- it will connect you to your work network but not route all traffic through the VPN.

My company uses a vpn as well. They don’t want spying.

ah ok I see but what security does the vpn provide compared to connecting without a vpn? can the vpn encrypt all the incoming and outgoing data that normal connection won’t? is there anything else I might miss here regarding the vpn usage? thanks again

It’s not so much about keeping your computer secure as it is about keeping their network secure: nobody can access the network who doesn’t have VPN credentials.

yeah, so the way to think about a VPN is it’s a tunnel between you and your employer.

Everything in the tunnel would have additional layers of encryption. Also because the VPN requires a client on your computer, they can use that as a point to inspect what applications are trying to access the corporate network, etc.

And in your case they’ve specifically set it up so that only your connections to internal corporate apps go over the VPN.

In many cases those apps just aren’t available on the internet. That’s a good way to ensure that the only people that have access to that system (even to the login page itself) are already known and authenticated correctly.

what security does the vpn provide compared to connecting without a vpn?

How would you connect securely to your company resources??

can the vpn encrypt all the incoming and outgoing data that normal connection won’t?

Yeah… because you need a way to get INTO the company resources. What exactly is a “normal connection”?

VPN proxy companies that advertise everywhere have destroyed the name of “VPN”. They’re proxies that use VPN as the technology to connect…but a VPN literally stands for Virtual Private Network.

It’s a way to connect to another network securely.

For a corporate VPN, what they want to achieve is only securing part of the traffic related to their business, the rest is your problem.

Although usually the corp VPN adapter will push their private DNS settings. Depending on the configuration, this may have the side effect of securing your DNS queries for everything on the PC as well.

Forced tunneling would mean that your vpn software would add a route to the route table which would force all traffic to the VPN endpoint in the office. From there, your traffic would go thru whatever their processes are.

But your VPN sounds like split tunneling. This means that work traffic is routed to the office and all other traffic egresses normally. The office traffic would be encrypted but not your regular traffic. This is just about gaining access to office resources.

The only security this provides is verifying your endpoint (laptop) and encrypting office-bound traffic. If you’ve logged in via usn/psw (or certificate), they know that you are yourself. Maybe your NetAdmin had to add your home IP to a whitelist of some kind. Maybe they have some kind of Network Access Control. Anything directed to the office will be encrypted. That’s about it for security though.
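Added example, not part of the original thread: a small model of the route-table decision that separates split from forced tunneling, showing why an IP-check site still sees your home address under split tunneling. The addresses, interface names (`wlan0`, `tun0`) and the two `/1` routes used for forced mode are constructed assumptions for illustration.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the thread)
VPN_GATEWAY = "203.0.113.10"   # public address of the office VPN endpoint
CORP_NET = "10.20.0.0/16"      # internal range the VPN client routes into the tunnel

def build_routes(mode):
    """Route table a VPN client might install for 'split' or 'forced' tunneling."""
    routes = [
        ("0.0.0.0/0", "wlan0"),            # ordinary default route via the home router
        (VPN_GATEWAY + "/32", "wlan0"),    # the tunnel's own outer packets use the real link
    ]
    if mode == "split":
        routes.append((CORP_NET, "tun0"))  # only office ranges enter the tunnel
    elif mode == "forced":
        # one common approach: two /1 routes that out-rank the /0 default
        routes += [("0.0.0.0/1", "tun0"), ("128.0.0.0/1", "tun0")]
    else:
        raise ValueError("mode must be 'split' or 'forced'")
    return [(ipaddress.ip_network(net), dev) for net, dev in routes]

def lookup(routes, dst):
    """Longest-prefix match: the most specific route containing dst wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, dev) for net, dev in routes if addr in net]
    return max(matches, key=lambda r: r[0].prefixlen)[1]

def isp_view(routes, dst):
    """What the home ISP can observe for a packet sent to dst."""
    tunneled = lookup(routes, dst) == "tun0"
    return {
        "interface": "tun0" if tunneled else "wlan0",
        # tunneled packets are wrapped; the ISP only sees the VPN endpoint
        "isp_sees_destination": VPN_GATEWAY if tunneled else dst,
        "encrypted_by_vpn": tunneled,
        # the far end sees the address of wherever the packet leaves to the internet
        "exits_from": "office network" if tunneled else "home ISP",
    }

if __name__ == "__main__":
    for mode in ("split", "forced"):
        table = build_routes(mode)
        for dst in ("10.20.5.9", "198.51.100.7"):  # office server, IP-check site
            print(mode, dst, isp_view(table, dst))
```

On a real machine the equivalent check is to compare the route table with the VPN connected and disconnected and see which destinations point at the tunnel interface.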

That makes sense, that’s what I was missing hehe… but my ISP still sees the same whether I use the VPN or not right? It just sees that my IP is different aka thinking I’m a different person or

It basically being far away from a device but acts like it’s next to you on the same network? Does it avoid sending the content through my ISP? If not where’s the security or difference if I’m using a VPN or not? Also can I be connected to multiple VPNs simultaneously?

It’s not about pretending to be close.

It’s about pretending you’ve got a dedicated physical connection all the way there. Imagine there was a cable that ran out of your house all the way to the office. That would be a “private network”. This is a “virtual private network” in that you’re pretending such a cable exists when it really doesn’t.

The traffic still passes through your ISP, but it does so in an encrypted form. This gives two important benefits:

  • Security, of course. The ISP can’t read the contents.
  • Simplicity. If the traffic wasn’t tunneled, the ISP would have to know intimate details about how the company’s network was built in order to know how to send the traffic to the right place. But since the traffic is tunneled, the ISP just needs to know how to get to the other side of the tunnel. Then your company’s network takes over from there.

It’s like sending a package inside a package.

The inner package might say “take this to TheGreatTriscuit’s desk”. The post office doesn’t know or care where my desk is. So you put that box in a bigger box that says “take this to Nabisco Corporate headquarters at whatever address”. The post office DOES know how to get there. Once the package arrives at the headquarters someone opens it, sees the inner package, and delivers it to my desk.

This process is called Encapsulation and it’s maybe the most important foundational concept of computer networking.

EDIT: I forgot to actually answer your question about multiple VPNs.

So since this is a virtual cable… then you can certainly imagine having more than 1. Your computer would just have to know which traffic to send down which (virtual) cable. And in theory that’s totally fine. Except they often conflict with each other. There’s no reason they HAVE to conflict with each other, but they just do a lot of the time. Often it’s a bad idea just because it can break things and be difficult to get working properly.

If your work VPN is ever broken the first thing they’ll tell you to do is get rid of any other VPNs. Also there very well might be policies against such things, so that all just depends.

It basically being far away from a device but acts like it’s next to you on the same network?

It puts you in the same network space as your resources.

Does it avoid sending the content through my ISP?

Everything that goes through the tunnel is encrypted. Your ISP will see that you have a VPN tunnel, and some traffic is riding on that tunnel, but they can’t see the actual traffic.

If not where’s the security or difference if I’m using a VPN or not?

You completely disregarded my question of “HOW WOULD YOU CONNECT SECURELY TO YOUR COMPANY RESOURCES?”. Without a VPN, how do you propose you connect to your company fileshares? Internal applications that you should never publish on the internet?

The security is that you can access company resources SECURELY without exposing all your company applications to the internet.

Also can I be connected to multiple VPNs simultaneously?

Yes, but again, you need to understand the PURPOSE of a VPN to connect to your company resources.

interesting… but how come with the vpn the data can’t be seen by the isp but without vpn it can? I understand that the vpn makes it go through the server of the vpn, that makes sense, but why does it become hidden aka encapsulated when without a vpn it’s not? that’s the only part I didn’t get yet

thanks again

I understand that it provides the company a security layer by not letting any IP connect… that’s all I understood so far, anything else that it provides?

Encryption. In addition to encapsulating the traffic, the vpn also encrypts all the original data.