Eli5: How do VPNs work?


I understand the end result. “Oh hey, I’m not at work but now I can access work’s network and things.” But how does it WORK?

In: Technology

By creating a different network that has the same permissions as your work network. Your work network is most likely connected to the internet, but just sealed off behind passwords, firewalls, and other protective measures.

A VPN is a tunnel through these protections, that is separately protected by passwords. So by logging into the VPN, you can get direct access to the work network. The VPN is programmed to be more widely accessible by users who may be scattered around the world, so anyone can connect to the VPN no matter where they are. Your work network is design to only be easily accessible by people onsite, not any random internet user.

When you try to do something online, your browser sends a request and with that, it also sends information about you. Nothing that personal, but just general. “I’m from California and I want to watch YouTube” this is so that you can access nearby servers for faster loads instead of servers in India.

A VPN acts as an intermediate. So now you send that request to the VPN host, they ask instead “I’m from Austria and I want to watch YouTube”. Then it just sends the data it received back to you. And you got Austrian YouTube.

**Snail Mail Analogy**

**Scenario 1 – normal communication**

You write a letter to someone. You have their address and your address on the envelop and your letter in side. The people at the Post Office handle it and make sure it is delivered.

**Scenario 2 – VPN**

But, you don’t trust the people at the Post Office. You don’t want them to know that you’re communicating with that other person. You also fear they might be opening your envelop and reading your letters.

So instead you make an arrangement with a trusted third party. You send a package to this third party. On the outside of the package is your address and this third party’s address.

Inside the package is a lock box. Inside the lock box is the identity of the person you want to contact and your message to them. When they receive your package from the post office, they open it, unlock the box, then they send a letter from them to the person you say.

The post office can’t look inside the lock box. They only see messages going from you to the trusted third party and then from the trusted third party to the recipient, but have no way of correlating those two messages as a single line of communication.

VPNs do many thing, I reply assuming you ask how can they prevent tracking and allow you to stream content not available in your region.

Internet is a web of networks, each network and everyone on these networks can talk to each other in theory. It is not direct though, your computer talks to your router, router to modem, modem to your ISP, ISP to the site you visit, etc.. the thing is these devices keep track of who send the request so they can carry the response back the correct recipient, meaning you. A VPN is just another device you add before the site you visit and the ISP. The difference with VPN is they can choose not to send tracking information to the website you visit but act like they are the ones who made the request, so the target cannot identify you. The communication between you and VPN is encrypted so ISP does not know what you say to the VPN, and government cannot use this data since it is encrypted. They collect it even so. It is a lot like buying something using your name and money and your address and then after receiving the packet, you taking package to your friend and getting paid for the package and the services.

Now how they let you stream from another region? Your modem’s IP address is assigned by your ISP, they cannot assign you any address, but only from addresses they own. We know every ISP and their IP addresses so we can see which ISP you use and which country/city you are from. It is public, you can see it. The clever thing with VPN is they have servers in different parts of the world, so they have addresses from many countries/cities. When you want to streak from US Netflix from your country, your VPN makes the request from a server they own in US so Netflix thinks you are in US. Netflix lets you do this, because you can move around the world with same account.