ELI5: What is the use of a VPN and how can I "get" one?

[EDIT] I’ve replied to some, if not most of the replies. At this point, if the things I’m asking are really far too complex to be ELI5, you could just tell me. But any help in ELI5 is going to be great! :smiley:

A classic private network was just a real cable network that had the following properties:

  • everyone inside the network knows who is connected to the private network
  • some computers are only wired to the private network but to no other network
  • some designated computers (gateways) also have a wire to another network (read the internet)
  • computers outside the network do not know who is connected to the private network, to them it seems as if only the gateways exist

A virtual private network (VPN) is the idea of creating the same structure but instead of using real world infrastructure (cables) the method to connect to the private network is encryption. So all computers in a VPN are connected to the internet but only they know they form a private network. To ensure no one else can read their communication all messages they send to each other are encrypted.

As for the use, there are many. One is obviously to communicate with a bunch of computers over a secure connection. Another is to use programs that rely on you being in a local area network with people that are not. It can also be used to appear as if you were connected from somewhere you are not, since whoever you talk to outside the VPN only receives messages from the gateways. So let’s say you are in the US and form a VPN with a gateway in Japan. When you now send a package to someone outside the network from inside, to them it will appear as if you were in Japan.

How to get one: Simply use one of the many available programs out there to do that for you. Many applications nowadays do way more than just connect you to a VPN however.

In general the network you are physically connected to and logically connected to are the same. The goal of a VPN is to bend that rule and put you logically into a remote network. This is accomplished by routing your local traffic through the VPN and then out the far side, and funneling responses back as needed. When the traffic comes out the far end, as far as anyone can tell it actually originated from the VPN server. In general the traffic is encrypted between you and the other end of the VPN.

Appearing like you’re part of the remote network has a couple of useful properties. On a corporate level, if you have a protected network that you want to let employees access, a VPN is a very good tool for that. If you set up the VPN end point inside the firewall, ACLs, and what have you to protect the network, the connections coming out of it will just be part of the local traffic and allow easy access to protected services, the same as it would for people physically in the office. It makes managing things much easier, you make one exception for the VPN and everything rides on that connection.

For consumers the big thing with VPNs is abusing the idea that in general your logical location and physical location are the same. If you logically appear to be somewhere, say in the US, most services will assume you’re physically in the US, since that’s true for the vast majority of people. There are two things you can do with this: get an endpoint in a different country/region so online services will treat you differently, such as getting around content restrictions on YouTube; the other is getting an endpoint that just isn’t where you are right now. For having a connection that’s just not here, that adds another layer of indirection to finding out who you are, assuming you don’t do anything identifiable over the VPN connection. If you access say reddit and facebook, that’s a pretty good giveaway that the user on the other end is /u/jjompong / Bob Smith, but barring that, to figure out who’s on the other end of the connection you’d need to contact the VPN service to find out which address was on the other end of your connection, then go to your ISP and repeat the process.

As for getting a VPN it’s half easy, install something like OpenVPN or Viscosity locally and you’re halfway there. The harder part is setting up the far end of the connection. There are companies that provide VPNs as a service, you give them dollars they give you a username, password, and addresses, capitalism at its finest. In that case you do have to trust them to be on the up and up, they could be logging your every action with full traffic captures, or they could be going out of their way to keep no records of how their service is used, did I mention trust? The other option is rolling your own, get a general purpose server, bare metal, VPS, etc. (not shared hosting, they most likely won’t let you install arbitrary things), and install a VPN server (most likely OpenVPN) and you’re off and running. This provides a bit less plausible deniability than using a dedicated service, if you’ve got dozens of people using the same end point it adds ambiguity to who did what, you’d need to ask the VPN provider to sort that out, again with the trust, if it’s just one person ever coming out of the VPN it’s a pretty safe bet it’s the guy footing the bill or someone they know.
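The routing and trust points in the answer above, modelled as an added example that is not part of the original thread: it shows what an on-path observer, the VPN provider and the destination site can each see. The addresses, key and function names are constructed for illustration, and the toy cipher only stands in for a real tunnel's encryption.

```python
import hashlib
import json

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); a stand-in, not real VPN crypto."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

# Constructed sample values (documentation address ranges), not from the thread.
CLIENT_IP = "198.51.100.7"   # your real address, assigned by your ISP
VPN_IP = "203.0.113.10"      # the VPN endpoint on the far side
SITE_IP = "192.0.2.80"       # the service you are visiting
TUNNEL_KEY = b"constructed-demo-key"

def client_send(payload: str) -> dict:
    """Wrap the real request inside an encrypted packet addressed to the VPN server."""
    inner = json.dumps({"dst": SITE_IP, "data": payload}).encode()
    return {"src": CLIENT_IP, "dst": VPN_IP, "body": keystream_xor(TUNNEL_KEY, inner)}

def isp_view(outer: dict) -> dict:
    """An observer between you and the VPN reads only the outer header."""
    return {"src": outer["src"], "dst": outer["dst"],
            "destination_visible": SITE_IP.encode() in outer["body"]}

def vpn_forward(outer: dict, log: list) -> dict:
    """VPN server: decrypt, then resend the request with its own address as the source."""
    inner = json.loads(keystream_xor(TUNNEL_KEY, outer["body"]))
    log.append((outer["src"], inner["dst"]))  # the provider can see who went where
    return {"src": VPN_IP, "dst": inner["dst"], "data": inner["data"]}

def site_view(packet: dict) -> str:
    """The destination only ever sees the VPN server as the sender."""
    return packet["src"]

if __name__ == "__main__":
    provider_log = []
    outer = client_send("GET /")
    print("ISP sees:     ", isp_view(outer))
    print("Site sees src:", site_view(vpn_forward(outer, provider_log)))
    print("Provider log: ", provider_log)
```

The provider log is the part the answer's trust warning is about: whoever runs the far end holds the mapping from your real address to what you visited.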

A Virtual Private Network is a secure way to remotely access a private network from another network. Software-based solutions generally let you access the private network from any location, allowing you to do things like access your work computer from a coffee shop or access your home network from the library.

There are a lot of ways of setting up VPNs based on your needs, but for most people VPNs are overkill. Most commonly, you do not need access to a network but rather some content on the network which can more easily be shared via a cloud-based solution or simply exposing one service on your network publicly and locking it down.

Some services aren’t enabled in your country / provider / campus etc…

VPN in layman’s terms lets you create a tunnel to a server in another country. Which acts like your computer. Which means the service becomes available to you.

I recommend flyvpn, or easvpn. Incredibly easy to use, google around, it takes 5 minutes.

Thanks for your answer. I do have a sort of follow-up question. One of the uses I have in mind is to be able to use the high-speed internet in the office while I’m, let’s say, on holiday. Is this actually a good application?

But do you get the advantage of the higher speeds of the network you’re connecting to or are you just limited to the speed of your current network (the one you’re connecting from)? I basically came upon this idea to be able to take advantage of the extremely high internet speeds we have at the office while on the holidays.

Not really, because it depends on the connection bandwidth/speed you are provided with at the holiday location. Since any packets / data you receive will have to be sent over the real world connection that you have at your holiday location this will be the limiting factor.

This is why it is called a virtual private network. It’s not a real network in the sense of a connection of cables, it’s a way of thinking about the organizational structure of computers that are all connected via the internet.

If you think about that long enough you’re going to facepalm for asking that question.

You use the internet to securely connect to a network that’s somewhere else. Example: You connect via VPN to your university network. The device that accepts your VPN connection inside the university network will take your packets from the internet and pretend they came from inside the network. When the university network wants to send you packets back it will send them to the device and it will send the packets back to you over the internet.

The point of a VPN is simple, there are 3 main uses.

  1. To allow a person a Virtual private network to share files in and play games. AKA you can set up a VPN with your friends and then easily share files and play games, as if you were on the same network. (when you are in your house)

  2. To access content that is region blocked, by routing your internet usage through another country/server/area. A person may use a VPN from within the UK to access the BBC website’s streaming content, that is region locked to the UK.

  3. To allow a person anonymous internet usage. By making it harder to see where a person is using the internet from, thus harder to track and increasing their privacy. This use is what has caught the attention of people recently, as it allows for anonymous illegal downloading, the ability to talk to others online without the authorities knowing who is talking to who.

A use for such privacy is people in business who don’t want their internet/email data to be traced back to them. Also people who contact news agencies and online media such as Wikileaks. These people are called whistleblowers, such as Edward Snowden. However a VPN could be used by anyone for increased security through anonymity.

I personally do not use one, as they are tricky to manage and you will have to constantly change which VPN you use.

If you are worried about your personal privacy, you may want to look into both a VPN and full encryption of your computer’s hard drive.

What if I downloaded the content/files to the drives of the network I’m accessing?

Huh. No kidding. But anyways, considering that what if I downloaded the content and saved it locally at the network I’m connecting to? Will that work or is life really cruel?

Just a follow-up question, is this similar to ssh?

But am I right in thinking that the basic security feature for all VPNs is that only those who are given permission (or has some form of username/password) can access the network in the first place?

The original download from wherever to your work computer would run as fast as always (using the former example with up to 10 Mbit/s). However when you want to have the files on your computer at the hotel you need to download them from the computer at work using the connection the holiday location has. (Here you would at best get the 1 Mbit/s from before.) It’s a little simplified but when you download anything with this setup this is what happens.

Imagine it like this, you are with someone at the phone who is at a workstation. Then you ask him about something on wikipedia. Of course the page loads almost instantly and he can see everything at once, but he has to read out loud for you, so that you know what is written.

In this scenario talking on the phone is the slow (1 Mbit/s) connection and the internet on the workstation is the fast (10 Mbit/s) connection. No matter how fast the page loads, he will not be able to talk faster because of it.

That will work, but then you’re not really talking about a VPN. Just SSH/RDP to a machine in the office and download it there. That really doesn’t help you though anyway, unless you plan on downloading a ton of stuff over the weekend, then dumping it to a USB next time you’re in. If not, it’s actually faster to just DL it right to your house.

Picture an equilateral triangle, with points A, B, C.

A is where you’re coming from, B is your office, and C is your home. You can drive 200mph from A to B, but only 50mph from A to C or B to C.

Even though you can fly to your office, it still takes the same amount of time to drive from your office to home, as it would have from where you started. You might as well just drive straight from A to C. The time spent from A to B, even though super quick, does nothing but add to your time.

If you have a client on the remote network perform the download, yes, it will have the faster speed.

You still have the matter of getting it to you remotely though.

Not really, ssh lets you execute commands on a remote machine while VPN makes it seem as if you are on the same network. One application is to only allow VPN connections from the internet. When you have established a VPN connection you act like you are on the network, so you can connect to all computers on the net (ssh into them, access webserver, send broadcasts).

Yes.

I do not like UpbeatMelon’s response because he is talking about some of the different ways you could use a VPN, but not what a VPN is. As you point out, it is basically a way of letting a person with the correct username/password access a network.

One important point though, is that VPNs connect networks. I want to clarify this because organizations frequently use VPNs in this way. For example, if I have an office in Japan and another in the US, I could use a VPN to connect both networks then all of the users in Japan can communicate to the US without having to individually connect.

Another example is if you want to set up a VPN at your home to connect to a friend’s home network (let’s say the two of you want to share movies) then everyone at your home can see your friend’s movies because your whole home is connected through the VPN, every person does not need a login.