08 November 2018
In this guide we will be taking you through the process of installing a VPN, with step-by-step instructions for some of the most popular devices and operating systems. We’ll show you how to protect your privacy and secure your personal data over the internet with some of the best VPN products available today.
You might be asking yourself what you would need a VPN for in the first place, and what they actually do. A VPN (virtual private network) is a secure method of communicating with other computers and networks across the internet. This can be accomplished in several different ways, depending on what your needs are, each with their own features and benefits. Let’s take a look at the two main VPN types and what they are used for.
If you are a home user that has used connection privacy services before, or an employee that connects to the office via a special connection, then chances are that you have used a Remote Access VPN. This is a service that enables users to connect to a private network remotely and creates an encrypted connection through which they can communicate.
In the former example, home users would connect to a VPN which would protect their privacy while, for example, enjoying online streaming music and video services such as Netflix, or using online social media content like Facebook. All data is encrypted, so cybercriminals and snoops can’t read the coded information. This makes internet banking and other online financial services like PayPal much more secure to use as well.
In another example, travelling employees might find that they need to access documents that are hosted on their internal corporate network while away from the office. A VPN is especially useful here because employees no longer have to physically go into the office to use the server or request that the file to be sent via email. Instead, they can connect directly to the LAN via a VPN client. This creates a secure connection that routes traffic between the employee’s device, the corporation’s firewall and router, and the file server where the documents are being stored. This is also done through an encrypted connection, meaning that all of the communications are safe from prying eyes.
Site-to-Site VPNs are constant connections that are usually used by businesses, and they usually connect different regional offices or sites together over the internet. Because routers are the primary pieces of equipment that make such connections possible, a Site-to-Site VPN might also be referred to as a Router-to-Router VPN. These connections usually lock onto one another with a session key that is known only to the technical staff at each location, meaning that no outside parties can intercept any meaningful data from the connection.
The sites will communicate with one another as if they are all on the same Local Area Network (LAN), even if the IP addresses of each site are on different ranges. This is made possible by the routers at each location, as they contain the routing information that is necessary for the data to be transmitted from one site to the other.
In addition to the two VPN types that we have just looked at, there are also many different VPN protocols that are used when secure communications are required, each with their own specific purposes, depending on the situation that they are needed in. Below are the most commonly used VPN Protocols. Just a warning, we’re going to get a little technical here!
IPSec can be thought of as an end-to-end technology that operates within the internet layer of the IPS (Internet Protocol Suite). Because of this, IPSec is able to secure applications automatically at the IP layer, giving users a safe and secure VPN environment to work in. It accomplishes this task by firstly authenticating the session between the two parties, then by encrypting the data of each transmission on a packet level for the duration of the session.
IPSec can operate in “tunnelling” mode or in “transport” mode, depending on the requirements of the connection. Tunnelling mode protects information such as internal routing and encrypts the IP header of the original packet being sent, which is then encapsulated by another set of IP headers. For this reason, it is normally used at a site-to-site installation, where NAT traversal support is also required.
Transport mode operates differently from tunnelling mode in that it encrypts only the payload and the ESP trailer (Encapsulating Security Payload), meaning that the IP header of the original packet is not encrypted. NAT traversal is not supported in this mode, and it is used primarily for client-to-site VPN installations. Transport mode is generally used in conjunction with other VPN protocols such as GRE or L2TP, which pick up the encapsulation duties, leaving IPSec to encrypt the tunnelling packets.
L2TP is normally used in conjunction with another VPN protocol as mentioned in the above example. L2TP is seen by many as the next version of another VPN protocol, PPTP, which is used extensively by Microsoft. It can use 3DES or AES-256 bit as an encryption mechanism for the traffic that it directs. This gives L2TP the ability to run secure communications over an encrypted channel, making it ideal for keeping your information safe.
L2TP works very well in conjunction with PPP (Point-to-Point Protocol) as PPP connections are inherently open, meaning that L2TP can work in conjunction with the PPP protocol to create a more secure connection. Performance can take a hit when using multiple protocols because of the extra work that is required by the L2TP’s header information needing to be de-multiplexed, but the end result is a highly secure and stable connection.
PPTP is largely obsolete in today’s VPN environments, mainly due to the fact that is uses an insecure method of creating secure connections, which is done with a TCP control channel and a General Routing Encapsulation tunnel for transmitting PPP packets. The protocol has been shown to have some serious security flaws, many of which have been demonstrated and exploited in recent years, making this connection method unsafe for practical applications.
SSL/TLS is commonly used for securing connections to websites on the internet. This prevents information from being intercepted by cybercriminals, where it could otherwise be edited or rerouted to fool unsuspecting internet users. This is accomplished by using an algorithm that encrypts and secures data so that it cannot be read by outside parties.
Open VPN is an open source implementation of VPN and is a good way to setup Point-to-Point and Site-to-Site VPNs in both routed or bridged configurations. It can be a little tricky to setup if you are going the manual route, but there are plenty of resources available online to aid you in your OpenVPN setup.
Using SSH can have some benefits if you are more technically minded. It’s particularly useful if you wish to use it to tunnel HTTP traffic back to your home server or encrypt SMTP connections. (This could happen when you are having issues sending email because the connection that you are on is blocking your outgoing mail port.) Long-time Linux fans will be familiar with SSH, as it has been a secure method for connecting to remote hosts for a long time. You can learn more about SSH tunnelling here.
Learning the theory behind the most common VPN protocols is interesting for most users new to VPNs, but the real fun only truly begins when installing and running your own VPN. What follows is a brief explanation of how to install some of the most popular VPN services and clients that are available on popular OS platforms, and how you might go about configuring a VPN of your own. Not all of the steps mentioned here will be necessary for your particular setup, depending on what your device is and what product you intend on using. But after reading through this section, you will have an excellent idea of how to get set up all on your own. Let’s get started!
Setting up a VPN in Windows can be done either by installing an application or by installing the service manually. For those wishing to undertake this task manually, an excellent example of how this is done can be found on the Microsoft Support website here. For everyone else, we will be using the example of Hotspot Shield for Windows, which can be downloaded here. There is a free or a premium option for users to choose from, with the premium version offering more options and better speeds and latency.
Installing the Windows version of this software is probably one of the easiest VPN setups around. Simply download the installer, run it as administrator, and follow the on screen prompts. A brief guide can be found here.
Once you have finished installing the product, simply log in to the application, and you are all set. This guide will show you step by step how to log into your account.
Setting up a VPN on Mac OS is surprisingly easy to do, especially if you have a step by step guide. We will run through a manual setup to show you just how easy it is to get your VPN up and running on your Mac.
Step 1. First, navigate to the Apple menu and click on System Preferences, then click Network.
Step 2. Next, click on the Add button on the left inside the list, and then click the Interface menu. Inside that menu, choose VPN.
Step 3. Next, click the VPN Type option, and select the VPN connection that you want to set up. This will depend on the protocol that you intend on using. The following explanations are taken from the Apple Support Website:
Give the VPN a suitable name, and click Create.
Step 4. Next, input the server’s IP address or host name, as well as an account name for your VPN service.
Step 5. After you have done that, click on the Authentication Settings, and then enter the details that you got from your provider. Below is an example of what a CyberGhost VPN configuration looks like. A full CyberGhost setup tutorial can be found on their website here.
Step 6. Finally, click Apply and then click OK.
The last test is to select the option Show VPN status in menu bar. This will allow you to use the VPN status icon to establish a connection to the VPN.
The following is a manual guide for installing a VPN on an Android device using PureVPN as an example. PureVPN can be downloaded for all of the most common devices, including Android, iOS and Windows from here, but in this instance, we will be manually configuring a VPN on a Xiaomi Note 4X in a PPTP VPN. If you don’t have one of these devices, then a full list of guides can be found here on the PureVPN website for other Android devices and VPN protocols.
Step 1. Setup a PureVPN Premium Account here.
Step 2. Once you have your account details, go into your device’s settings(circled in red below).
Step 3. Next, scroll down and tap on the More button.
Step 4. Once inside the More menu, tap on the VPN button.
Step 5. Tap on the Add VPN profile button at the bottom of the screen.
Step 6. Next, enter in the name of your service, PureVPN. Then, select your VPN type, which in this case is the PPTP protocol. Next, deselect the PPP encryption (MPPE) radio button, and then enter in your PureVPN details into the username and password fields. Once that has been done, tap on the OK button at the top right hand side of the screen.
Step 7. Lastly, turn on the VPN by activating the VPN button. Once done, you will connect to the PureVPN server.
These images were taken from my own Xiaomi device, I did the setup step-by-step, and it was so easy!
Finding a VPN service for your iOS device has never been simpler, as there are so many players in the VPN market to choose from. We will take a look at the easy to install and use ExpressVPN for iOS. Express VPN also supports Windows, Mac OS and Android, but we’ll be focusing on the iOS version for this guide.
Step 1. Choose your VPN plan from the ExpressVPN site. Once you have selected the subscription type and entered in all of the relevant payment details, you will be taken to the download screen, where you can install the iOS app.
Step 2. Powering on the app is as easy as tapping the large power button in the centre of the main app screen. If you wish to change your location to a different country, simply tap on the circular Choose Location button on the bottom right side of the screen.
Step 3. Once you have tapped on the Choose Location button, you will be prompted with a list of available locations. Here you can filter by location, or select All to see every potential VPN location. This is especially useful if you find that you are experiencing higher than usual latency or lag when connected to a VPN location that you have selected.
Step 4. Once you have successfully connected to the VPN of your choice, you will be greeted by a green emblem on screen, showing that the VPN is on.
ExpressVPN is an excellent starting point for anyone that is looking for an easy-to-use VPN app on their mobile device. This app will give your single device the privacy and security that is needed to keep all of your private information safe. A full installation video for ExpressVPN can be found here.
Setting up a VPN on your router is the best way to secure your internet connection. This is because anybody that connects to your wifi or network will automatically be able to take advantage of the benefits that VPNs bring to the table. This means that client devices don’t have to configure any additional parameters, which keeps things simple.
There are a wide variety of routers on the market for different connectivity solutions, such as fibre and cable routers, or even DSL and ADSL routers. For this example, we have gone with NordVPN. They offer a comprehensive list of routers that support their VPN service, as well as setup guides for each one. Be sure to take a look and see if your device is supported before you take the plunge.
As we have seen, there are many different considerations to take into account when it comes to selecting the right VPN product for your particular needs. There are many providers available that offer world class VPN services at affordable subscription rates, making it a really affordable security feature to have as a part of your internet experience in the home or at your place of work.
Understanding the difference between protocols, as well as the benefits and drawbacks of each one will help you to choose the best product for your needs. Sometimes, having multiple VPN services is a good option, especially if you have more than one person in the family that needs to take advantage of VPN technology to protect their information and allow them access to streaming sites. We hope you have found this article useful, and we look forward to giving you more information about the excellent products on offer from the various VPN vendors from around the world.