SkipToMainContent

Privacy

VPN tunnel: What is it and how does it work?

A VPN tunnel is an encrypted link between your computer or mobile device and an outside network.

A VPN tunnel — short for virtual private network tunnel — can provide a way to cloak some of your online activity.

How? A VPN tunnel connects your smartphone, laptop, computer, or tablet to another network in which your IP address is hidden and all the data you generate while surfing the web is encrypted.

By connecting to websites through a VPN tunnel — and not directly — you can help keep businesses, government bodies, hackers, or other snoops from tracking your online activity or viewing your IP address — which, like your actual address, identifies your location — while you’re online.

A VPN tunnel is useful when you’re logging onto the internet using public Wi-Fi at hotels, coffee shop, or library.

How does VPN tunneling work?

To connect to the internet through a VPN tunnel, you'll first have to sign up with a virtual private network service, better known as a VPN. The VPN is the key to hiding your IP address and shielding your online activity from snoops.

Before visiting websites, you'll log into your VPN provider’s service. When you then start searching online, the websites you visit and your own internet service provider — ISP, for short — won't see your IP address. Instead, they'll see the IP address of your VPN provider, helping to protect your privacy.

In essence, when you click on links or download files from a site, no one will know it’s your activity. It’s as if your VPN provider has built a tunnel around your online activity, providing a barrier between it and everyone else.

Using a VPN alone may not be enough to protect your online privacy, though. That’s why VPN providers take one more step to encrypt the data you send and receive while you are online. When your data is encrypted, it is scrambled so snoops can’t intercept and decipher it.

When you enable this added layer of protection, hackers, businesses, governments, or others won't be able to track what sites you visit, files you download, videos you stream, or online games you play.

Hiding your IP address and encrypting the data you send and receive is a powerful combination to help keep your online browsing sessions private.

VPN tunnel protocols

Not all VPN tunnels are equally effective in protecting your online privacy. The strength of a tunnel depends on the type of tunneling protocol your VPN provider uses.

Some protocols are outdated and may not provide data encryption that is strong enough to deter online snoops so it’s a good idea for you to work with a VPN provider that relies on the strongest possible tunneling protocol.

PPTP

Point to Point Tunneling Protocol — better known as PPTP — is one of the oldest versions still in use today. The strength of this protocol is its speed: It features extremely fast connection speeds.

This speed comes at a cost, though. PPTP is fast partly because its level of data encryption is weak by today's standards. This means it's easier for outsiders to crack the encryption provided by this protocol. If you want more protection, investigate a stronger form of protocol.

L2TP/IPSec

Layer 2 Tunneling Protocol, when used with Internet Protocol Security, is a step up from basic PPTP. That's because this level of tunneling protocol offers two stages of protection: Both the L2TP and IPSec portions of this protocol create their own encryption. This results in two layers of protection for your online data.

The downside? This type of tunneling protocol, because of the two layers of encryption, can result in slower online connection speeds. L2TP/IPSec sometimes gets blocked by firewalls, too. That's because this type of VPN tunneling uses fixed ports.

SSTP

Secure Socket Tunneling Protocol is unusual because it is only available on Windows operating systems. This type of tunneling protocol is very secure, making it a safe choice. It also doesn't use fixed ports, so it's easier for SSTP to get through firewalls.

The problem, of course, is that this protocol isn't available for operating systems other than Windows. That shuts out many potential users.

OpenVPN

If you're looking for the strongest protection while online, you should consider investing in a VPN service provider that relies on the OpenVPN protocol.

This protocol works with all the major operating systems, Linux, Window, and Mac, on the mobile operating systems of Android and iOS.

Maybe you prefer an independent operating system? OpenVPN might have you covered, because it works with such systems as FreeBSD, NetBSD, Solaris, and OpenBSD.

OpenVPN is currently considered the top form of VPN tunneling protocol. That's because its encryption is especially strong. It's also adept at getting past firewalls.

Protecting your privacy while online

The key to VPN tunneling is to actually use the service. A VPN can’t keep your identity private or encrypt the data you send and receive if you skip that extra step of connecting to your VPN provider first before you access the internet.

Remember, too, that to truly protect your online privacy, you’ll need to enable VPN protection on any device you use to reach the web from public locations. It doesn’t help to have your laptop protected by a VPN only to log onto the internet with your smartphone while you’re relaxing at the coffee shop.

The bottom line? VPN tunneling is a must for online privacy. Just make sure you use your VPN service once you sign up with it.

The freedom to connect more securely to Wi-Fi anywhere

With Norton™ Secure VPN, check email, interact on social media and pay bills using public Wi-Fi without worrying about cybercriminals stealing your private information

Try Norton Secure VPN for peace of mind when you connect online


Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2020 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.