Whether you are surfing the internet for pleasure or accessing applications for work you are at risk from that army of hackers, spammers and bad guys all out to disrupt your online activities. A Virtual Private Network of VPN is a simple way to protect your privacy online.
We don’t want to sound paranoid, but in our business we very frequently help our customers recover from online attacks of one type or another. More importantly, we assist our clients set themselves up to avoid attacks in the first place.
When using WiFi networks, unscrupulous individuals can hijack your traffic, when you use the internet your ISP (among many others) can see your traffic, and while your traffic is in transit people can determine your location from your IP address.
What does a VPN do?
Like anything its, good to understand what the “thing” can and cant do.
When you activate a VPN it sets up an encrypted tunnel from your location to the VPN server at the other end – this might be at a VPN service provider or at your work server. The encrypted tunnel means that no one can intercept your traffic while it is in the tunnel. When your traffic pops out the other end it appears to come from the VPN server’s address and not your actual IP address. This is important as the IP address can disclose your geographic location.
At PAAC IT we use a VPN from our office router and access to our systems is only permitted from our office IP address. So when our team connects remotely we first connect via a VPN to our local router and then onward to our applications. This means no one else can spoof our logins unless they connect from our server.
So VPNs do fulfill and important function but they are not a full solution. You still need to run anti-virus software on your workstations and use strong passwords – preferably with 2 factor authentication activated. Read our “How to” article on setting up a password manager.
Keep current with our “How to” guides and top tips through our IT Insights newsletter.
When should I use a VPN?
Most of the time is the short answer. We suggest you set your VPN to connect automatically. That means that you don’t inadvertently send unprotected information. If it causes a problem you can always disconnect it. As a minimum you should always activate a VPN when using a network you don’t control – particularly WiFi networks – such as the one at home or in public places.
Setting up your VPN
We look at two use cases below:
- For remote access to work servers and routers
- For access to Internet based applications
Remote access to work servers and routers
This is a common use case for businesses that have their own premises with a router and local network on site. The applications the organisation uses may be onsite in a local server or cloud based applications such as Xero, Quickbooks Online of Sales Force. Remote users establish a VPN connection to the local server or router and from that point are routed on to the relevant application.
VPN Server Setup
The first step is to set up the VPN Server end of the service either on the server or router. We prefer the router as it provides more flexibility in where the traffic can go. Most routers have this capability built-in – we generally use Draytek routers. I’m only going to cover this very briefly as every router is different. and its not a “step by step” guide:Ensure the router is working and connected to the internet
- Log in to the router’s control panel note the router’s WAN IP or domain name
- Set up the VPN “tunnel” parameters that include the choice of transport protocol (such as Layer 2 Tunneling Protocol -L2TP) and encryption protocol (such as SSL VPN or IPsec VPN)
- Next is the setup of remote access user profiles. There may be one or more of these depending if you wish to allocate different access privileges to different groups of people. Each should have a user name and password
- Now comes setting up the shared secret key or password. This will be used by all the remote access clients to login
- Should be all good to go.
Setting up the client VPN
Having set up the VPN Server, its now time to configure the VPN on each client workstation that is going to use the VPN. Again there are variations for different type of VPN client and operating systems, so the description below is for a Windows 10 VPN client.
- On Windows PC, go to Settings >> Network & Internet >> VPN, click Add a VPN Connection.
2. Enter the router’s WAN IP or domain name in Server name or address, select VPN type as “L2TP/IPsec with pre-shared key”, and enter the Pre-shared key we set in router’ IPsec General Setup.
3. To establish the VPN, click on the VPN connection, and click Connect.
4. It will pop up a sign-in window, enter the username and password set in router’s VPN user profile.
5. To activate the VPN, select the WiFi symbol from the bottom Windows tray and click “VPN”
VPNs for access to Internet based applications
Both businesses and consumers use VPNs as a way to securely access internet based applications and streaming services such as Netflix and Amazon Prime. There’s a wide range out there but we like NordVPN and yes it does come with a small monthly charge. Some of the interesting it features it offers include:
- High security
- Good performance
- No logs policy – they say they dont track what sites you visit
- Smartplay – that unlocks access to 150 geo-restricted streaming servivices
- WiFiSec – it automatically fires up the VPN whenever a WiFi network is joined.
Im going to cope out here and suggest a visit to the NordVPN site, select your pricing plan and follow the instructions – they are very clear and simple.
I do hope you found the above helpful – if you would like to know more, call us on 01428 770 290.
Keep current with our “How to” guides and top tips through our IT Insights newsletter.