Is VPN a layer 3 concept?Cisco ASA site-to-site VPN failoverWhat are the reasons for choosing separate or combined VPN and Internet routers?Placement of firewall for VPN RA and L2L tunnelsHow to failover static ipsec vpn tunnels?Routing from IPSec VPN1 to IPSec VPN2 through HQIPsec tunnel configuration questionVPN connecting offices vs hiding only VPNs (privacy) and their settingsHow to configure a distributed network for the replication?Packets are not being de-capsulated on the ASA end of a VPNWhich VPN Types/Protocols inherently support Multicast Traffic?
Have any astronauts/cosmonauts died in space?
Norwegian Refugee travel document
Exit shell with shortcut (not typing exit) that closes session properly
pipe commands inside find -exec?
Writing in a Christian voice
What are rules for concealing thieves tools (or items in general)?
How to find the largest number(s) in a list of elements?
Do I need to convey a moral for each of my blog post?
Hackerrank All Women's Codesprint 2019: Name the Product
Print last inputted byte
Do I need an EFI partition for each 18.04 ubuntu I have on my HD?
Why does Surtur say that Thor is Asgard's doom?
Should I be concerned about student access to a test bank?
Help with identifying unique aircraft over NE Pennsylvania
Why is participating in the European Parliamentary elections used as a threat?
Is VPN a layer 3 concept?
Difficulty understanding group delay concept
"Marked down as someone wanting to sell shares." What does that mean?
Why didn’t Eve recognize the little cockroach as a living organism?
Error in master's thesis, I do not know what to do
Don't understand why (5 | -2) > 0 is False where (5 or -2) > 0 is True
Jem'Hadar, something strange about their life expectancy
How do researchers send unsolicited emails asking for feedback on their works?
Unfrosted light bulb
Is VPN a layer 3 concept?
Cisco ASA site-to-site VPN failoverWhat are the reasons for choosing separate or combined VPN and Internet routers?Placement of firewall for VPN RA and L2L tunnelsHow to failover static ipsec vpn tunnels?Routing from IPSec VPN1 to IPSec VPN2 through HQIPsec tunnel configuration questionVPN connecting offices vs hiding only VPNs (privacy) and their settingsHow to configure a distributed network for the replication?Packets are not being de-capsulated on the ASA end of a VPNWhich VPN Types/Protocols inherently support Multicast Traffic?
From Tanenbaum's Computer Network
This demand soon led to the invention of VPNs (Virtual Private Networks),
which are overlay networks on top of public networks but with most of the properties of private networks.
One popular approach is to build VPNs directly over the Internet. A
common design is to equip each office with a firewall and create
tunnels through the Internet between all pairs of offices. ... When
the system is brought up, each pair of firewalls has to negotiate the
parameters of its SA, including the services, modes, algorithms, and
keys. If IPsec is used for the tunneling, it is possible to aggregate
all traffic between any two pairs of offices onto a single
authenticated, encrypted SA, thus providing in- tegrity control,
secrecy, and even considerable immunity to traffic analysis. Many
firewalls have VPN capabilities built in. Some ordinary routers can do
this as well, but since firewalls are primarily in the security
business, it is natural to have the tunnels begin and end at the
firewalls, providing a clear separation between the company and the
Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
a natural combination and widely used in practice. Once the SAs have
been established, traffic can begin flowing. To a router within the
Internet, a packet traveling along a VPN tunnel is just an ordinary
packet. The only thing unusual about it is the presence of the IPsec
header after the IP header, but since these extra headers have no
effect on the forwarding process, the routers do not care about this
extra header.
Another approach that is gaining popularity is to have the ISP set up
the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
traffic can be set up across the ISP network between the company
offices. These paths keep the VPN traffic separate from other Internet
traffic and can be guaranteed a certain amount of bandwidth or other
quality of service.
Is VPN a layer 3 or 5 concept? (seems to me yes?)
Do both approaches in the quote to build VPNs are layer 3
approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)Does openvpn use the server-client model and therefore a layer
5 approach to build VPNs? How do a openvpn server and client work
together to build a VPN? I can't figure it out based on the two
approaches in the book.Similar questions for SSH VPN to those for openvpn.
Thanks.
vpn
asked 4 hours ago
TimTim
423416
add a comment |
From Tanenbaum's Computer Network
This demand soon led to the invention of VPNs (Virtual Private Networks),
which are overlay networks on top of public networks but with most of the properties of private networks.
One popular approach is to build VPNs directly over the Internet. A
common design is to equip each office with a firewall and create
tunnels through the Internet between all pairs of offices. ... When
the system is brought up, each pair of firewalls has to negotiate the
parameters of its SA, including the services, modes, algorithms, and
keys. If IPsec is used for the tunneling, it is possible to aggregate
all traffic between any two pairs of offices onto a single
authenticated, encrypted SA, thus providing in- tegrity control,
secrecy, and even considerable immunity to traffic analysis. Many
firewalls have VPN capabilities built in. Some ordinary routers can do
this as well, but since firewalls are primarily in the security
business, it is natural to have the tunnels begin and end at the
firewalls, providing a clear separation between the company and the
Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
a natural combination and widely used in practice. Once the SAs have
been established, traffic can begin flowing. To a router within the
Internet, a packet traveling along a VPN tunnel is just an ordinary
packet. The only thing unusual about it is the presence of the IPsec
header after the IP header, but since these extra headers have no
effect on the forwarding process, the routers do not care about this
extra header.
Another approach that is gaining popularity is to have the ISP set up
the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
traffic can be set up across the ISP network between the company
offices. These paths keep the VPN traffic separate from other Internet
traffic and can be guaranteed a certain amount of bandwidth or other
quality of service.
Is VPN a layer 3 or 5 concept? (seems to me yes?)
Do both approaches in the quote to build VPNs are layer 3
approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)Does openvpn use the server-client model and therefore a layer
5 approach to build VPNs? How do a openvpn server and client work
together to build a VPN? I can't figure it out based on the two
approaches in the book.Similar questions for SSH VPN to those for openvpn.
Thanks.
vpn
asked 4 hours ago
TimTim
423416
add a comment |
From Tanenbaum's Computer Network
This demand soon led to the invention of VPNs (Virtual Private Networks),
which are overlay networks on top of public networks but with most of the properties of private networks.
One popular approach is to build VPNs directly over the Internet. A
common design is to equip each office with a firewall and create
tunnels through the Internet between all pairs of offices. ... When
the system is brought up, each pair of firewalls has to negotiate the
parameters of its SA, including the services, modes, algorithms, and
keys. If IPsec is used for the tunneling, it is possible to aggregate
all traffic between any two pairs of offices onto a single
authenticated, encrypted SA, thus providing in- tegrity control,
secrecy, and even considerable immunity to traffic analysis. Many
firewalls have VPN capabilities built in. Some ordinary routers can do
this as well, but since firewalls are primarily in the security
business, it is natural to have the tunnels begin and end at the
firewalls, providing a clear separation between the company and the
Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
a natural combination and widely used in practice. Once the SAs have
been established, traffic can begin flowing. To a router within the
Internet, a packet traveling along a VPN tunnel is just an ordinary
packet. The only thing unusual about it is the presence of the IPsec
header after the IP header, but since these extra headers have no
effect on the forwarding process, the routers do not care about this
extra header.
Another approach that is gaining popularity is to have the ISP set up
the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
traffic can be set up across the ISP network between the company
offices. These paths keep the VPN traffic separate from other Internet
traffic and can be guaranteed a certain amount of bandwidth or other
quality of service.
Is VPN a layer 3 or 5 concept? (seems to me yes?)
Do both approaches in the quote to build VPNs are layer 3
approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)Does openvpn use the server-client model and therefore a layer
5 approach to build VPNs? How do a openvpn server and client work
together to build a VPN? I can't figure it out based on the two
approaches in the book.Similar questions for SSH VPN to those for openvpn.
Thanks.
vpn
asked 4 hours ago
TimTim
423416
From Tanenbaum's Computer Network
This demand soon led to the invention of VPNs (Virtual Private Networks),
which are overlay networks on top of public networks but with most of the properties of private networks.
One popular approach is to build VPNs directly over the Internet. A
common design is to equip each office with a firewall and create
tunnels through the Internet between all pairs of offices. ... When
the system is brought up, each pair of firewalls has to negotiate the
parameters of its SA, including the services, modes, algorithms, and
keys. If IPsec is used for the tunneling, it is possible to aggregate
all traffic between any two pairs of offices onto a single
authenticated, encrypted SA, thus providing in- tegrity control,
secrecy, and even considerable immunity to traffic analysis. Many
firewalls have VPN capabilities built in. Some ordinary routers can do
this as well, but since firewalls are primarily in the security
business, it is natural to have the tunnels begin and end at the
firewalls, providing a clear separation between the company and the
Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
a natural combination and widely used in practice. Once the SAs have
been established, traffic can begin flowing. To a router within the
Internet, a packet traveling along a VPN tunnel is just an ordinary
packet. The only thing unusual about it is the presence of the IPsec
header after the IP header, but since these extra headers have no
effect on the forwarding process, the routers do not care about this
extra header.
Another approach that is gaining popularity is to have the ISP set up
the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
traffic can be set up across the ISP network between the company
offices. These paths keep the VPN traffic separate from other Internet
traffic and can be guaranteed a certain amount of bandwidth or other
quality of service.
Is VPN a layer 3 or 5 concept? (seems to me yes?)
Do both approaches in the quote to build VPNs are layer 3
approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)Does openvpn use the server-client model and therefore a layer
5 approach to build VPNs? How do a openvpn server and client work
together to build a VPN? I can't figure it out based on the two
approaches in the book.Similar questions for SSH VPN to those for openvpn.
Thanks.
vpn
vpn
asked 4 hours ago
TimTim
423416
asked 4 hours ago
TimTim
423416
asked 4 hours ago
TimTim
423416
asked 4 hours ago
TimTim
423416
asked 4 hours ago
TimTim
423416
423416
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.
A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.
Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.
When layer-2 frames are tunneled, the networks are bridged together.
OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.
answered 3 hours ago
Zac67Zac67
31.2k21961
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
1 hour ago
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
52 mins ago
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
47 mins ago
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
11 mins ago
add a comment |
Is VPN a layer 3 or 5 concept? (seems to me yes?)
It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.
Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?
Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.
Note that OpenVPN may run in L2 mode as well, commonly known as tap device.
answered 2 hours ago
vidarlovidarlo
1416
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
1 hour ago
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
1 hour ago
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "496"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f57734%2fis-vpn-a-layer-3-concept%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.
A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.
Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.
When layer-2 frames are tunneled, the networks are bridged together.
OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.
answered 3 hours ago
Zac67Zac67
31.2k21961
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
1 hour ago
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
52 mins ago
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
47 mins ago
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
11 mins ago
add a comment |
There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.
A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.
Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.
When layer-2 frames are tunneled, the networks are bridged together.
OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.
answered 3 hours ago
Zac67Zac67
31.2k21961
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
1 hour ago
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
52 mins ago
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
47 mins ago
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
11 mins ago
add a comment |
There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.
A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.
Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.
When layer-2 frames are tunneled, the networks are bridged together.
OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.
answered 3 hours ago
Zac67Zac67
31.2k21961
There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.
A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.
Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.
When layer-2 frames are tunneled, the networks are bridged together.
OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.
answered 3 hours ago
Zac67Zac67
31.2k21961
edited 2 hours ago
answered 3 hours ago
Zac67Zac67
31.2k21961
answered 3 hours ago
Zac67Zac67
31.2k21961
answered 3 hours ago
Zac67Zac67
31.2k21961
31.2k21961
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
1 hour ago
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
52 mins ago
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
47 mins ago
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
11 mins ago
add a comment |
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
1 hour ago
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
52 mins ago
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
47 mins ago
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
11 mins ago
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
1 hour ago
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
1 hour ago
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
52 mins ago
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
52 mins ago
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
47 mins ago
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
47 mins ago
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
11 mins ago
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
11 mins ago
add a comment |
Is VPN a layer 3 or 5 concept? (seems to me yes?)
It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.
Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?
Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.
Note that OpenVPN may run in L2 mode as well, commonly known as tap device.
answered 2 hours ago
vidarlovidarlo
1416
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
1 hour ago
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
1 hour ago
add a comment |
Is VPN a layer 3 or 5 concept? (seems to me yes?)
It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.
Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?
Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.
Note that OpenVPN may run in L2 mode as well, commonly known as tap device.
answered 2 hours ago
vidarlovidarlo
1416
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
1 hour ago
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
1 hour ago
add a comment |
Is VPN a layer 3 or 5 concept? (seems to me yes?)
It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.
Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?
Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.
Note that OpenVPN may run in L2 mode as well, commonly known as tap device.
answered 2 hours ago
vidarlovidarlo
1416
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Is VPN a layer 3 or 5 concept? (seems to me yes?)
It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.
Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?
Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.
Note that OpenVPN may run in L2 mode as well, commonly known as tap device.
answered 2 hours ago
vidarlovidarlo
1416
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 hours ago
vidarlovidarlo
1416
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 hours ago
vidarlovidarlo
1416
answered 2 hours ago
vidarlovidarlo
1416
1416
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
1 hour ago
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
1 hour ago
add a comment |
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
1 hour ago
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
1 hour ago
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
1 hour ago
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
1 hour ago
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
1 hour ago
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
1 hour ago
add a comment |
Thanks for contributing an answer to Network Engineering Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f57734%2fis-vpn-a-layer-3-concept%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
