VPN - Virtual Private Networking

Captions
Hello again. As you know, I'm Eli the Computer Guy over here for EverymanIT.com, and today's class is on VPN, or virtual private networking. VPN allows computers or entire networks to connect to each other over the Internet securely. So if you have an office in Seattle and it needs to connect to an office in Washington, DC securely, you would use a VPN. VPN is a client-server architecture, so you have VPN servers and VPN clients, and the software allows the VPN clients to securely connect to the VPN servers. Today's class is going to talk about that. We're going to talk about the clients, we're going to talk about the servers, we're going to talk about the theory of how all this works, and then practical applications in the real world.

VPN technology is nowhere near as complicated as most people think. There's a lot of theory behind how VPN works that is very complicated, very sophisticated, very hard to understand, but for you to actually use VPN technology you basically just click connect, username, password, done. That's about as complicated as it is normally for the average user. The stuff behind it is much more complicated. So this class is going to be on VPN, virtual private networking. Virtual private networking allows computers or networks to connect to each other securely over the Internet.

So in order to understand VPN, or virtual private networking, we have to go back and we have to talk about how the internet was created and what it was created for in the first place. Now, as we've discussed before in the other networking classes, the internet was created by the US military so that the army could try to maintain communications during a time of massive nuclear attack. So you know when you go to the movies and you see these movies about Armageddon or, you know, a nuclear bomb going off in New York? Well, what the military was worried about is not what happens if one nuclear weapon goes off. What happens if 20, 30, 40, a hundred nuclear weapons go off? What happens if the fifty major cities in the United States suddenly get vaporized, they just no longer exist? How would military units communicate with each other?

The reason that they were worried about this is because in the old style of communications, basically with old telephone systems, all communications went through central hubs. So if you were in Seattle and you were trying to contact somebody in DC, your telephone communication would go through things called central offices in order to get to DC. Now, on a normal bright shiny day this system works fine. The problem is, if one of these central offices is taken out by a nuclear warhead, there is no way to easily reroute this communication to get to DC. So the Soviets could bomb us, and if they could destroy a few of these central offices, our communications infrastructure would fall apart. Basically, military units on the west coast cannot talk to the military units on the east coast, etc. That's a bad, bad thing.

So what the military wanted is they wanted a way to communicate that would be self-healing, so that very easily, very quickly, if a central hub was destroyed, communication lines would remain online. That's where they came up with the idea of the internet. So with the internet, all communications are routed through things called routers. So if you're in the US now, there are tens of thousands, maybe hundreds of thousands, who knows, maybe millions of these routers that are sitting on the internet. So if you're in Seattle and you're using the internet to communicate to somebody in DC, you go through any number of these routers to get to DC. Basically you go to the first router, the first router passes you to the second, passes you to the third, passes you to the fourth, fifth, sixth, all the way to DC. Now why this is important is because if a nuclear bomb goes off here and destroys this router, this system automatically will rebuild a new communications path. So if this router is destroyed, your communication can now get rerouted through other routers to get to DC. You know, if a huge chunk, let's say if 10,000 of these routers are destroyed, you can still communicate with DC. A hundred thousand routers are destroyed, and as long as they're not the right ones, this will all heal itself and you'll be able to still communicate with whoever it is you're trying to communicate with.

Well, the problem with this from a computer security standpoint is you have all these routers, and these routers actually have the data traffic going through them. So not only is this router moving traffic from it to the next router down the line, but all the data is actually going through it. The emails are going through, files that are being transferred are going through it, etc. So if you're a hacker and you can somehow get into this router, you can collect all of the information that is going through and put it back together and see what people are doing. So, you know, if pictures are going through this router, you can grab those pictures and look at those pictures. If confidential information is going through this router, you can grab that information and look at it. This is called a man-in-the-middle attack. So if you're learning about hacking, basically a man-in-the-middle attack is when two people are trying to communicate, you get into the middle of that communication stream, and you just start reading everything that is going by.

So when the internet was created, from a physical security standpoint it was very, very good, because if nuclear bombs went off and half these routers are destroyed, communication still exists. From a computer security, from a data security standpoint, it was very, very insecure, because if you could get into these routers or these servers, you could look at all of the information that was going through. You could grab all that information. So that's why they came up with virtual private networking.

Virtual private networking allows you to connect over the Internet securely. How it does this is through a couple of security tools. The first is it uses something called a tunneling protocol. So what the tunneling protocol does is, when you're trying to connect to this computer server in DC, the tunneling protocol sets up a tunnel between you and DC through all the routers that you're going through. So there's a communication. Then inside this tunnel, it then encrypts all of the information. So you create a tunnel around the information that you're sending, and then you encrypt all of the information in the tunnel to the people you're sending to.

The reason why this is important is because if a hacker is sitting at a router and they're able to, you know, see all the traffic that is going through, the first security that they're going to run into is this tunnel that is protecting your encrypted data. Well, if they're sophisticated hackers, they can then penetrate that tunnel. But even if they penetrate the tunnel in order to try to grab your data that's in that tunnel, well, that data is encrypted. So even when they do grab that data, it still doesn't mean a whole lot to them, because it's encrypted.

Now the third thing that makes VPNs very, very, very secure and very good is, as we talked about before, you know, you've got all these routers, and so if you're trying to go to point B on the internet, you may go through any number of these routers to get to where you're going. Well, the cool part with VPN is, part of this tunneling protocol is, if there is a hacker here and he tries to penetrate this tunnel, this tunnel will try to detect penetrations. So, you know, the tunnel's going along, everything is doing fine. If it detects that somebody is trying to hack into it, the tunnel will shut itself down and will recreate itself through another set of routers. So if the hacker is here and he tries to penetrate your tunnel, that entire tunnel is shut down, and then the tunnel finds a new path through the Internet. So even if your hacker is still here, well, he's at this router, you're now going through this router. He's no longer able to try to grab your information.

So that's how VPN works. You've got the tunneling protocol. So the tunneling protocol, basically, you know, think about it like a tube. Think about it like a data tube that runs all the way through the internet. So that tunnel, that tube, tries to protect your data. Then inside that tube all of your data is being sent, but it's being sent encrypted. So even if somebody can penetrate the tunnel, all the data that's in there is encrypted. So even if somebody is able to grab the information, you know, it's encrypted. And then beyond that, once they penetrate the tunnel, like I say, the entire tunnel will drop and try to recreate itself. This is how VPN, virtual private networking, works. And as we talked about, you know, why we need it is because the original internet really wasn't secure from a data security standpoint.

Now the final thing that we're going to talk about with this explanation is that you have to remember that VPN, virtual private networking, is a client-server technology. So we've talked a lot about that before in other classes, especially, like I say, the server track. So client-server technologies, what that means is you have one server that provides a service, and then you have a client that tries to connect to the server to get the service. So whenever you're dealing with a VPN technology, you will always have a VPN server. This VPN server will be sitting in your office or wherever it is that you're going to be trying to connect to. Then you have a VPN client. The VPN client is generally installed on the computer that you're using that will be connecting to this office somewhere. So if you're using a laptop computer, you may install or you may use a VPN client that is already installed onto that computer.

So what happens is you turn on the VPN client on your computer, on your laptop. It'll say, where are we trying to connect to? So generally you'll give it something like an IP address or an external IP address of where you're trying to connect to. So, you know, this office here has an IP address of 10.1 10.1, let's say. So in the VPN client you will put that IP address. You will then put your username and your password. What will happen is, when you try to connect to the VPN server in the office, your connection will go all the way through the internet, you know, zigzag around the Internet, and then come here to this VPN server. The VPN server will then look at the credentials that you gave it, the username and password, and then it'll say, is this person allowed on the network or not? If you have the right credentials, it will allow you to be on the network. If you don't have the right credentials, it will shut you out and you won't be able to use the network. So this is the basic system of how VPN communications happen.

Now something that you should understand is that there's a lot of different VPN software and hardware out there. So Microsoft has VPN software, Cisco has VPN software, there's OpenVPN, all these types of things. One of the main things that you have to remember is that whatever VPN server you're using, you have to use the VPN client that will work with it. So Cisco VPN will not necessarily work with Microsoft VPN, Microsoft will not necessarily work with OpenVPN, etc. So this is a client-server technology.

So we went over the basics of what VPN, virtual private networking, is. This is where we create a tunnel through the internet so you can securely connect to your office. The tunnel protects your data, the data that is being sent through the tunnel is encrypted, and if somebody penetrates that tunnel, the entire tunnel shuts down and then tries to recreate itself in order to thwart hackers, you know, trying to get into it. Now when you're doing VPN, this is a client-server technology, so you're going to have a VPN server in your office, you know, the building you're trying to connect to, and then your laptop computer or your smartphone or whatever will have a VPN client which will then connect to this VPN server. You'll connect using the external IP address, you'll give it your username and your password, and that will all be sent to the VPN server. If it is correct, then you'll be allowed to be on the network. If it is incorrect, obviously you won't be allowed to be on the network. But that is the essence of what VPN, virtual private networking, is.

So VPN, virtual private networking, allows you to connect securely to your office or organization over the network from wherever you are in the world. So, you know, if you're in Dubai and you're connecting to your office in DC, you can use this VPN tunnel to connect your office in DC and your computer. So if you've got a little laptop right here, as far as your computer is concerned, you are actually connected inside this office. So if you hit the print button here in Dubai, you can send a print job to the printer that's sitting here in Washington, DC. If you need to get to a shared file that's sitting on a computer here in the office in Washington, DC, you can get to it. You don't have to open any extra ports, you don't have to do anything else fancy with your firewalls or, you know, port forwarding or any of that. If you have this VPN connection, as soon as you set this up, your computer thinks that it's inside the building and the computers inside the building think that it's inside the building. So basically it allows you to act as if you're local even if you're, you know, off on the internet somewhere.

So there's a couple of things to think about with this that are very, very important if you're going to be using VPN in the real world. Now the first thing that causes people a lot of problems if you're going to be using VPN is, remember, this computer here is now going to think that it's inside the office, and the computers inside the office are going to think that it's inside the office. Well, remember, you are not on the local area network. You're not on the LAN that has a speed of 100 megabits per second or a gigabit per second. Your speed on your computer out here when you go through the internet is whatever the speed of the internet connection is, or actually the speed of the slowest connection of the internet connection. So if you're here and, let's say, you have a fiber optic connection because you're in Dubai, Dubai people are cool, but your DC office only has a DSL connection, well, remember, with DSL the upload speed is normally 756 kilobits per second, right? So if you are trying to, let's say, edit a hundred Meg file, a very large file, that file has to get pushed out over a 756 kilobits per second connection to you in Dubai. That is going to make everything very, very, very, very slow.

So the first thing that you have to remember if you're going to be using VPN in your office, organization, or your client's organization is, the upload speed that that organization has will dramatically affect the users of the VPN. Now most people don't think about this. You know, if you go out and get Comcast internet or Verizon Internet or any of those internets, they always talk about the download speed. They always talk about ten megabits per second download, 100 megabits per second download, three megabits per second download. They're always talking about download. Very rarely do they talk about the upload speed. Well, remember, with this VPN connection upload speed is going to be as important as download speed. If you only have a 756 kilobit per second upload connection, VPN is gonna be pretty piss-poor. You know, it might be good for people trying to check a couple emails, maybe send out a print job or something, but if they're going to be pushing and pulling a lot of data back and forth, this is going to be absolute garbage.

I have a client that way right now. You know, they have ten users all trying to use VPN there. They called me and they said, "Eli, what can we do? Can we buy a new server? Can we buy all this new networking equipment?" And I looked at it and I said, "No, you need to go to Comcast, you need to pay $200 a month for their," I think it's a hundred Meg down, fifty Meg up connection, "you do that, everything will be A-OK for you." Why? Because they have ten users all trying to pull data out of the servers in their building, but they have a sucky little 756 kilobits per second connection. So that's very, very, very bad.

Now the next thing that you have to remember with this VPN technology, this is a problem that I see in the real world, so this is just a theoretical problem: here in Baltimore we have a lot of old buildings, and a lot of our old buildings have a lot of really old wiring. Really old wiring is bad for transmitting data, so, you know, for DSL connections or cable connections, etc. Well, the problem with this is, when somebody is out here, you know, in Baltimore, and they're trying to connect to an office in DC, and they're going through all those routers, remember, one of the things that the virtual private networking technology does is it says, if a hacker is trying to penetrate the tunnel, it will drop the tunnel and try to recreate it using a new path. Well, the question is, what does a hack attack look like? You know, the people that program this VPN technology have to say what a hacking attack looks like. And what a hacking attack really looks like is if the data signal isn't steady, if the data stream gets slowed down for some reason, if there's too many dropped packets. Well, really old wiring drops a lot of packets. Really old wiring slows things down and makes a mess of things.

So a lot of times, like in Baltimore, I've seen VPN connections be really bad and almost completely unusable. The reason is because the old wiring in the building is so bad that there's a lot of packet loss. VPN technology thinks that packet loss is hackers trying to penetrate the tunnel, therefore the VPN keeps dropping the connection and then recreating the connection. Well, since it's not a hacker, it's the wiring, basically what happens is that the VPN simply keeps dropping and re-creating the connection all the time, is just balled OVA, and so nothing ever gets around to happening. So this is something to realize in the real world: if you have really bad wiring in your building, your VPN connection may keep bouncing up and down because the VPN thinks that somebody is trying to hack, trying to penetrate that connection.

So these are things to think about in the real world. Again, you know, like I say, upload speed is a very important thing. Most people don't think about it. If you have a 756 kilobit per second connection, you don't want to be using VPN. You know, you need fiber optic, you need, you know, cable Internet, T1, mm, maybe. I mean, T1's not good. That's another thing with VPNs. Realize T1s are old-school. T1s are like 15 years old. T1 on VPN, still, I mean, it's okay, I mean, it's adequate, I suppose, but still not very good.

The only final thing I will say is you should not run into this, I'll say you should not run into this, but I'm an old-timer and sometimes you see some really old equipment in the field. Virtual private networking at one time was a new technology. It was new a long time ago, like 12 years ago it was new. But routers that were created before VPN technology was new, or before VPN technology was used by a lot of people, did not allow for something called VPN pass-through. So VPN pass-through allows for virtual private networking tunnels to pass through the router. Like I say, every router built for the past 10 years has this built into it. An 11-year-old router may not have it built into it. So if you're sitting there and you have really old networking equipment and you can't figure out why, you know, VPN isn't working for some reason, it may be that the router does not allow VPN pass-through. If that's the case, basically you just throw it out and buy a new one. And frankly, if you're dealing with an eleven-year-old router, you just need to throw it out and buy a new one anyway. So that's VPN in the real world.

So that's all there is to virtual private networking. Virtual private networking allows you to connect to an office or organization's internal LAN, their internal infrastructure, through the internet. So, you know, you're sitting out in Dubai, you're trying to connect to an office in DC, you can go through the internet. VPN creates a tunnel, it encrypts the data within the tunnel, and then if any hackers try to penetrate the tunnel, it drops the connection and tries to recreate it somewhere else. And that's really all there is to it.

One of the very important things to remember, you know, especially if you're coming from the Microsoft world, is to make sure you understand how simple VPN technology is. Now if you're coming from the Microsoft world, Microsoft packages a lot of things on top of any of their products. So, you know, with VPN they have Active Directory and group policies and share permissions and all kinds of stuff. What you have to remember is that with pure VPN, all VPN does is it creates this tunnel with the encryption and connects you to the internal network. It does not have anything to do with Active Directory, has nothing to do with group policies, etc., etc., etc. You can put servers on the internal network that allow Active Directory and group policies and all that, but VPN itself doesn't have anything to do with those. So you can set up a VPN connection without needing to know anything about, like I say, Active Directory, group policies, or, you know, intrusion detection or any of that.

Now the other thing to remember with VPN is that there are a lot of VPN solutions out there. Probably any VPN solution you're going to come across will work fine for you. The thing is that you have to stick with that VPN solution. So Microsoft, one of the reasons why almost everybody uses Microsoft VPN is because it's built into their servers and their client operating systems. If you buy a Windows server, it has Routing and Remote Access, their VPN server, built into the server for free. You don't have to pay a dime for it. So it's built into the server. Then if you have any version of Windows built after, like, Windows 95, there is a VPN client built into the operating system. So you just configure the VPN software on the server, you configure the router, and then you set up the VPN client on the computer and it will be able to connect to the server. It's easy. But remember that if you have a Cisco VPN client, there's a good chance it will not be able to connect to that Microsoft VPN server. A lot of this is very vendor-specific. If you use OpenVPN client, you need OpenVPN server. If you use Cisco VPN server, you need a Cisco VPN client, generally. Like I say, Microsoft already has it built in, so, you know, frankly, most of us, we just go with Microsoft.

As we talked about, in the real world, the two very important things, very, very, very important things that you have to worry about: remember, your internet upload speed is really gonna matter with a VPN connection, because, remember, since somebody is sitting in Dubai, when they're trying to edit documents they now have to be able to pull those documents out of your server all the way through the internet over to their computer. So if you're dealing with hundred Meg files, 200 Meg files, a gig file, that entire file has to get pulled from your server that's sitting in your building, out your puny, pathetic little internet connection, over the Internet to them. If you have a 756 K connection, it's not gonna work very well.

Final thing, again, you know, if you're in a city like Baltimore, remember, old wiring is very bad for transmitting data. You know, data needs good, clean, newish, you know, less than 20-year-old wiring to really be able to move efficiently, effectively. Well, if you have old wiring, a lot of the defects in that old wiring, the VPN software will think that the problems you're having are hackers trying to penetrate the tunnel. Therefore it'll keep dropping your tunnel because it thinks a hacker's trying to penetrate it. But your wiring stays bad, and so basically if you have bad wiring, you can have the thing where the VPN tunnel just keeps trying to recreate itself and it all goes bad really, really quick.

So that is what virtual private networking is. VPN, it's a very, very, very, you know, nice, relatively easy to use piece of software solution. Again, client-server: you have a VPN server, you connect to that server using a VPN client, and, like I say, all the tunneling and encryption and all that, that's done behind the curtain. You really don't have to worry about it. All you have to worry about is what's the external IP address, what's the username, what's the password, and that's it. You just go about your day.

So as you know, I'm Eli the Computer Guy over here for EverymanIT.com. I enjoyed teaching this class and look forward to seeing you at the next one.
Info
Channel: Eli the Computer Guy
Views: 2,211,801
Keywords: VPN, Virtual, Private, Networking
Id: q4P4BjjXghQ
Length: 27min 42sec (1662 seconds)
Published: Thu Apr 21 2011