A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer or network-enabled device to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network.[1] A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryption. Major implementations of VPNs include OpenVPN and IPsec.
A VPN connection across the Internet is similar to a wide area network (WAN) link between sites. From a user perspective, the extended network resources are accessed in the same way as resources available within the private network.[2] One major limitation of traditional VPNs is that they are point-to-point, and do not tend to support or connect broadcast domains. Therefore, communication, software, and networking that are based on layer 2 and broadcast packets, such as NetBIOS used in Windows networking, may not be fully supported or work exactly as they would on a real LAN. Variants on VPN, such as Virtual Private LAN Service (VPLS), and layer 2 tunneling protocols, are designed to overcome this limitation.
VPNs allow employees to securely access their company's intranet while traveling outside the office. Similarly, VPNs securely connect geographically separated offices of an organization, creating one cohesive network. VPN technology is also used by individual Internet users to secure their wireless transactions, to circumvent geo-restrictions and censorship, and to connect to proxy servers for the purpose of protecting personal identity and location.
VPNs in mobile environments
Main article: Mobile virtual private network
Mobile VPNs are used in a setting where an endpoint of the VPN is not fixed to a single IP address, but instead roams across various networks such as data networks from cellular carriers or between multiple Wi-Fi access points.[27] Mobile VPNs have been widely used in public safety, where they give law enforcement officers access to mission-critical applications, such as computer-assisted dispatch and criminal databases, while they travel between different subnets of a mobile network.[28] They are also used in field service management and by healthcare organizations,[29] among other industries.
Increasingly, mobile VPNs are being adopted by mobile professionals who need reliable connections.[29] They are used for roaming seamlessly across networks and in and out of wireless coverage areas without losing application sessions or dropping the secure VPN session. A conventional VPN cannot survive such events because the network tunnel is disrupted, causing applications to disconnect, time out,[27] or fail, or even causing the computing device itself to crash.[29]
Instead of logically tying the endpoint of the network tunnel to the physical IP address, each tunnel is bound to a permanently associated IP address at the device. The mobile VPN software handles the necessary network authentication and maintains the network sessions in a manner transparent to the application and the user.[27] The Host Identity Protocol (HIP), under study by the Internet Engineering Task Force, is designed to support mobility of hosts by separating the role of IP addresses for host identification from their locator functionality in an IP network. With HIP a mobile host maintains its logical connections established via the host identity identifier while associating with different IP addresses when roaming between access networks.
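A simplified model of the identity/locator separation described above, as an added example that is not code from the article or from any HIP implementation. Real HIP binds a host identity to a public key and signs its locator-update packets; here an HMAC over a per-session key assumed to come from the initial handshake stands in for that signature, and all addresses and identifiers are constructed.

```python
import hmac
import hashlib

class ConventionalTunnel:
    """Session state keyed by the peer's current IP address."""
    def __init__(self):
        self.sessions = {}                      # peer_ip -> session state
    def establish(self, peer_ip, key):
        self.sessions[peer_ip] = {"key": key, "bytes": 0}
    def deliver(self, peer_ip, payload):
        s = self.sessions.get(peer_ip)
        if s is None:
            return False                        # new address after roaming: state lost, app drops
        s["bytes"] += len(payload)
        return True

class IdentityKeyedTunnel:
    """Session state keyed by a stable host identity; the IP address is only a locator."""
    def __init__(self):
        self.sessions = {}                      # host_id -> {"key", "locator", "bytes"}
    def establish(self, host_id, locator, key):
        self.sessions[host_id] = {"key": key, "locator": locator, "bytes": 0}
    def update_locator(self, host_id, new_locator, tag):
        """Accept a new address only if the update is authenticated by the session key."""
        s = self.sessions.get(host_id)
        if s is None:
            return False
        msg = f"{host_id}:{new_locator}".encode()
        expected = hmac.new(s["key"], msg, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False                        # unauthenticated update would let a third party take the session
        s["locator"] = new_locator
        return True
    def deliver(self, host_id, src_ip, payload):
        s = self.sessions.get(host_id)
        if s is None or s["locator"] != src_ip:
            return False
        s["bytes"] += len(payload)
        return True

def roam_demo():
    """Device moves from a Wi-Fi address to a cellular address mid-session (constructed addresses)."""
    key = b"constructed-session-key"
    conv, mob = ConventionalTunnel(), IdentityKeyedTunnel()
    conv.establish("10.0.0.5", key)
    mob.establish("host-A", "10.0.0.5", key)
    conv.deliver("10.0.0.5", b"hello"); mob.deliver("host-A", "10.0.0.5", b"hello")
    conv_ok = conv.deliver("192.0.2.77", b"after-roam")                 # conventional: dropped
    forged = mob.update_locator("host-A", "192.0.2.77", b"\x00" * 32)   # bad tag: rejected
    tag = hmac.new(key, b"host-A:192.0.2.77", hashlib.sha256).digest()
    mob.update_locator("host-A", "192.0.2.77", tag)                     # genuine update
    mob_ok = mob.deliver("host-A", "192.0.2.77", b"after-roam")         # identity-keyed: survives
    return conv_ok, forged, mob_ok
```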
VPN on Routers
With the increasing use of VPNs, many users have started deploying VPN connectivity on routers for additional security and encryption of data transmission, using various cryptographic techniques. Setting up VPN services on a router allows any connected device to use the VPN while it is enabled. This also makes it easy to put devices that have no native VPN client, such as smart TVs and gaming consoles, behind a VPN. Provisioning the VPN on the router also helps with cost savings and network scalability.
Many router manufacturers, such as Cisco Linksys, Asus and Netgear, supply their routers with built-in VPN clients. Because these routers do not support all the major VPN protocols, such as OpenVPN, many users flash their routers with alternative open source firmware such as DD-WRT, OpenWRT and Tomato, which support multiple VPN protocols such as PPTP and OpenVPN.
Limitations:
Not every router is compatible with open source firmware; compatibility depends on the router's built-in flash memory and processor. Firmware such as DD-WRT requires a minimum of 2 MiB of flash memory and a Broadcom chipset. Setting up VPN services on a router requires deeper knowledge of network security and careful installation; even a minor misconfiguration of the VPN connection can leave the network vulnerable. Performance will vary depending on the ISP and its reliability.
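As an added illustration of the misconfiguration point above (example code, not from the article or from the OpenVPN, DD-WRT, OpenWRT or Tomato projects): a small linter for an OpenVPN client profile of the kind loaded onto a router, run over a weak and a hardened constructed profile. The directive names are real OpenVPN options; the hostname and file names are constructed.

```python
def parse_profile(text):
    """Map each OpenVPN directive name to the list of argument strings it appears with."""
    directives = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()   # '#' and ';' introduce comments
        if not line:
            continue
        name, *args = line.split()
        directives.setdefault(name, []).append(" ".join(args))
    return directives

def lint_profile(text):
    """Return a list of findings; an empty list means no weak setting was spotted."""
    d = parse_profile(text)
    findings = []
    if "server" not in d.get("remote-cert-tls", []):
        findings.append("no 'remote-cert-tls server': any certificate from the CA could pose as the server")
    if any(c.upper() in ("NONE", "BF-CBC") for c in d.get("cipher", [])):
        findings.append("null or deprecated data-channel cipher")
    if any(a.upper() in ("NONE", "MD5") for a in d.get("auth", [])):
        findings.append("null or weak HMAC digest in 'auth'")
    if "tls-version-min" not in d:
        findings.append("no 'tls-version-min': older TLS versions may be negotiated")
    if "auth-user-pass" in d and not (d.keys() & {"cert", "pkcs12"}):
        findings.append("password-only authentication with no client certificate")
    return findings

WEAK_PROFILE = """
client
dev tun
# constructed hostname and file names
remote vpn.example.net 1194 udp
ca ca.crt
auth-user-pass
cipher BF-CBC
auth MD5
"""

HARDENED_PROFILE = """
client
dev tun
remote vpn.example.net 1194 udp
ca ca.crt
cert router.crt
key router.key
remote-cert-tls server
tls-version-min 1.2
cipher AES-256-GCM
auth SHA256
"""
```

Running `lint_profile` on the weak profile reports five findings, on the hardened one none.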