0

I'm struggling to find a good explanation about what actually happens on the client side on a computer when a VPN client is running and connecting to a VPN server on the internet.

When we turn on and enable the VPN application to connect to a VPN somewhere in the world, and then use Chrome or Firefox etc. to access a website, how does the browser software know to connect to the VPN IP address instead?

My understanding is that normally an IP packet from layer 3 which has a source and destination IP address, gets wrapped in an Ethernet frame at layer 2.

When we use a VPN, does the IP packet for the destination address get wrapped in another packet for the VPN server first? Where does the TLS encryption come into this then?

Engineer999

1 Answer

4

If you have a real VPN (where N stands for network, i.e. not a web proxy) then a virtual network interface is created on the computer and routes are set up, so that all non-local traffic is sent through this virtual network interface. The traffic will be encrypted there and then sent through the "real" network interface to the other VPN endpoint, i.e. the original IP packet will be encrypted and then wrapped into another IP packet for transport.

In the other VPN endpoint there is the same kind of setup: the encrypted network traffic comes in through the real network interface, gets passed into the virtual network interface, gets unwrapped and decrypted there and emerges decrypted on the VPN endpoint where it (the decrypted data) then gets forwarded to the final target.

Steffen Ullrich
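The routing step described in the answer above, as an added example that is not part of the original post: a longest-prefix-match lookup over a constructed client routing table shows why the browser needs no knowledge of the VPN, and why the encrypted outer packet still leaves on the real interface. The interface names (`eth0`, `tun0`), all addresses and the single-default-route layout are assumptions; real clients may install the routes differently.

```python
import ipaddress

# Constructed routing table for a client with a full-tunnel VPN up.
# Addresses are documentation ranges; interface names are assumptions.
VPN_SERVER = "203.0.113.10"
ROUTES = [
    # (destination prefix, outgoing interface, next hop)
    ("192.168.1.0/24", "eth0", None),            # local LAN, directly connected
    ("203.0.113.10/32", "eth0", "192.168.1.1"),  # host route to the VPN server
    ("0.0.0.0/0", "tun0", None),                 # everything else enters the tunnel
]

def lookup(dst, routes=ROUTES):
    """Pick the most specific matching route (longest-prefix match)."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), dev, gw) for p, dev, gw in routes
               if addr in ipaddress.ip_network(p)]
    if not matches:
        raise LookupError(f"no route to {dst}")
    _net, dev, gw = max(matches, key=lambda m: m[0].prefixlen)
    return dev, gw

def trace(dst, routes=ROUTES, max_depth=4):
    """Follow a packet until it leaves on a real interface.

    Returns a list of (interface, destination address of the packet there).
    """
    hops = []
    current = dst
    for _ in range(max_depth):
        dev, _gw = lookup(current, routes)
        hops.append((dev, current))
        if dev != "tun0":
            return hops
        # The VPN client reads the packet from tun0, encrypts it and sends it
        # as the payload of a new packet addressed to the VPN server.
        current = VPN_SERVER
    raise RuntimeError("routing loop: tunnel traffic is routed back into tun0")

if __name__ == "__main__":
    for target in ("198.51.100.7", "192.168.1.50"):
        print(target, "->", trace(target))
```

Removing the `/32` host route makes `trace` raise, because the outer packet would then match the default route and re-enter the tunnel.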