A Virtual Private Network (VPN) is an internet security service that allows users to access the Internet as though they were connected to a private network. A VPN service allows a user to encrypt Internet communications and provide the user with a strong degree of anonymity when browsing the Internet. Users may use a VPN service to protect themselves against eavesdropping that may occur on public Wi-Fi, to circumvent Internet censorship, or to connect to a business's internal network for the purpose of remote work.
Establishing a VPN tunnel between two network nodes involves establishing and maintaining a logical network connection (the logical network connection can be referred to as a VPN connection). The VPN connection between two network nodes may contain intermediate hops. In the VPN connection, packets constructed in a given VPN protocol format are encapsulated within another carrier protocol. The VPN packets are then transmitted between VPN client and server and de-encapsulated on the receiving end.
For Internet-based VPNs, packets in a VPN protocol are encapsulated within Internet Protocol (IP) packets. VPN protocols also support authentication and encryption to keep the tunnels secure. Thus, a VPN is a network tunneled within another network (e.g., within the IP network).