Last Update: August 17, 2023
VPNs are convenient and also protect your data and privacy. They can also preserve your anonymity. Using a VPN today is simple. You download an app, click Quick Connect, and you're connected to the VPN and protected. However, you may have wondered how does a VPN work?
In short, you communicate via a secure tunnel with the VPN server and third parties can not snoop. VPN are suitable both to protect your data and anonymity, and to avoid annoying geoblocking. Let's take a closer look.
VPN is an acronym for Virtual Private Network and that's exactly what it is. It is a private network that is sealed off from the outside world. Think of it like your home network. All devices connected to your router are on a private network, often in the 192.168.0.x (IPv4) address range. Most home routers are configured so that the devices connected to them can access the Internet, but cannot access it from the outside.
A virtual private network is similar, but across sites - so the devices do not have to be in the same location.
In the past, VPNs were used exclusively by companies. Field workers who used third-party networks could use a VPN to dial into the corporate network. After that, the device is part of the corporate network, even if it is in another country, for example. The device is protected by the company's firewall and so on.
Normally, your Internet traffic goes through your ISP's servers. So they can see what DNS requests you make and what websites you visit. Since most websites are encrypted with HTTPS these days, the ISP can't track your communication. However, it knows a lot about you. If the ISP gets a request from the authorities, then the government also knows what you are doing.
If you use a VPN, all your traffic is routed through the VPN provider's servers - including DNS requests. Neither ISP, nor government, nor other snoopers see what you do on the Internet. The most secure VPNs have no-logs policies and do not collect your data. That's why they can't share anything in response to government requests.
In short, your network traffic is routed through a secure tunnel to the VPN server, and your communication with the Internet runs through it. The tunnel is so strongly encrypted that it can't be cracked using conventional methods.
First of all, your virtual location changes. Let's say you are in Europe and connect to a server in the US. Now it looks like your device is located in the USA. Websites you visit will see the IP address of the server you are connected to and no longer your actual IP address. Also, all your traffic is routed through the VPN server, including DNS requests, and no longer through your ISP (Internet Service Provider).
This solves several problems:
Thanks to good providers with clients for all popular operating systems, connecting to a VPN is easy these days.
Find a VPN provider that supports the most popular operating systems. NordVPN and CyberGhost offer apps for Android, iOS, Windows, macOS and Linux. Moreover, you may use them on routers and there are browser extensions for Firefox and Chrome.
For cell phones you can find the apps in the corresponding stores and for Windows, macOS and Linux there are corresponding packages. The installation usually takes only a few minutes.
Here it depends on what you want to do. If you want to protect your data and remain anonymous, it is best to use the fast connection. In this case, the app will search for the fastest server for you. If you want to avoid geoblocking, you connect to a country that shows your program.
So you see, the question "How does a VPN work?" is no longer very technical. The services have become so user-friendly that anyone can use them.
Many streaming providers use so-called geoblocking for licensing reasons. If such a region lock is in use, you can only watch the corresponding shows if you are in the correct country. Your IP address reveals in which country you are located.
With a VPN, however, you can virtually move. In our example above, you connected to the US. Now it looks like you are visiting the websites or streaming providers from the USA. If certain shows are only licensed for the USA, you can still watch them, even if you are in Europe. You've beaten geoblocking.
Finally, a short excursion to the VPN protocols. They are the transport for your traffic, so to speak. There are several VPN protocols that are more or less old and thus more or less secure.
PPTP (Point-to-Point Tunneling Protocol) is pretty much not used anymore. The protocol has only weak encryption and is no longer considered secure.
SSTP (Secure Socket Tunneling Protocol) is also fairly well-known, as it was developed by Microsoft and is built into Windows. It is considered secure, but it is proprietary. With SSTP, you can establish a VPN tunnel over secure HTTP (SSL/TLS) via port 443. The good thing about this method is that port 443 is almost never blocked, since HTTPS runs over it.
OpenVPN is an excellent compromise between security and speed. The protocol is open-source and that's why anyone can view and review the code. All reputable VPN providers have OpenVPN in their portfolio.
WireGuard is relatively new, lightweight and very fast. The protocol is great for streaming. There are some privacy concerns, however, since fixed IP addresses are used. The best VPNs all have WireGuard in use and it is becoming standard with more and more providers. VPN providers mitigate the IP address issue in different ways, such as with Double NAT, which sufficiently preserves your anonymity.
