Вы находитесь на странице: 1из 12


A virtual private network (VPN) extends a private network across a public

network, and enables users to send and receive data across shared or public
networks as if their computing devices were directly connected to the private
network. ("In the simplest terms, it creates a secure, encrypted connection,
which can be thought of as a tunnel, between your computer and a server
operated by the VPN service."[1]) Applications running across the VPN may
therefore benefit from the functionality, security, and management of the
private network.

VPNs may allow employees to securely access a corporate intranet while

located outside the office. They are used to securely connect geographically
separated offices of an organization, creating one cohesive network. Individual
Internet users may secure their wireless transactions with a VPN, to circumvent
geo-restrictions and censorship, or to connect to proxy servers for the purpose of
protecting personal identity and location. However, some Internet sites block
access to known VPN technology to prevent the circumvention of their geo-

A VPN is created by establishing a virtual point-to-point connection through the

use of dedicated connections, virtual tunneling protocols, or traffic encryption.
A VPN available from the public Internet can provide some of the benefits of a
wide area network (WAN). From a user perspective, the resources available
within the private network can be accessed remotely.

Traditional VPNs are characterized by a point-to-point topology, and they do

not tend to support or connect broadcast domains, so services such as
Microsoft Windows NetBIOS may not be fully supported or work as they would on
a local area network (LAN). Designers have developed VPN variants, such as
Virtual Private LAN Service (VPLS), and layer-2 tunneling protocols, to overcome
this limitation.
Example of VPN
Health Care Company Intranet Deployment

Here we have a health care company that's deploying an intranet.

Well, why would they care so much about security? Your health records are
something that you want to be secure. This is information that you don't want
non-authorized personnel to have access to. So you can see on the figger, the
company has a number of remote centers.

In this case, these are like doc-in-the-box, those little new medical clinics that
are springing up. So those are relayed back to a primary network and back to
the association where the primary hospital that these different medical centers
are associated with resides.

So a lot of more sophisticated databases, etc., can be back at the hospital, and
they can share the Internet and, with confidence, share medical data that they
don't want to have published to the outside world.

Branch Office or Telecommuters

Another example would be branch offices or perhaps telecommuters.

So the challenge is getting a cost-effective means to connect those small

offices that maybe can't afford a leased line or a leased line wouldn't be
appropriate for. And so with IPSec, you can encrypt the traffic from the remote
sites to the enterprise.


This is the simplest network topology to construct using SoftEther VPN. A PC-to-PC
VPN is most useful under the following conditions:

Only one to a few dozen computers will connect to the VPN.

VPN Client can be installed on each of the client computers.
The VPN network does not need to be able to connect to a physical LAN.
(When you want the entire network to be the VPN only.)

In order to connect to the VPN using this method you must install VPN Client on
each client computer. VPN Client will then directly connect to the layer 2
network created by the Virtual Hub on a VPN Server connected to the Internet.

Using this method you can set up a VPN which will allow only those computers
connected to the Virtual Hub via a physical network such as the Internet to
communicate with each other. Therefore, as long as functions such as local
bridging or routing on a client computer are not used the physical network will
not affect the VPN and vice-versa.

Furthermore, once you have VPN Client installed you can use the startup
connection feature explained in 4.4 Making Connection to VPN Server to stay
connected to a specified VPN server's Virtual Hub whenever the computer is on.
By installing VPN Client on a server computer and having it stay connected to a
specified VPN at all times, you can set up a server which can only be accessed
by computers connected to that VPN.

Please refer to section 10.3 Build a PC-to-PC VPN for more detailed information
on how to build a PC-to-PC VPN.

Setting up a server which can only be accessed via the VPN.


A remote access VPN is used to allow remote access from an external location
to a physical layer 2 network.

Using this type of VPN it is possible to connect to a company LAN from outside
the office (for example, from an employee's house or from a hotel on a business
trip) just as if they were connected by an extremely long Ethernet cable.

To use a remote access VPN you will make a connection between the network
adapter connected to the LAN and the VPN Server's Virtual Hub. This is achieved
via a local bridge, which is explained in section 3.6 Local Bridges. As a result, a
VPN Client connected to the proper Virtual Hub will automatically be
connected to the LAN connected by the local bridge, and will be able to
operate through the VPN as if it was right there inside the office.

Please refer to section 10.4 Build a Generic Remote Access VPN for more
detailed information on how to build a remote access VPN.

Remote Access VPN.


A LAN-to-LAN VPN links existing physical layer 2 networks at different sites

together into a single network.

By using SoftEther VPN you can create a faster, more flexible, and more stable
LAN-to-LAN network compared to current layer 3 based LAN-to-LAN
connections such as private network services, frame relay services, or older VPN
protocols such as L2TP/IPSec and layer 2 based connections such as wide area

To connect more than 2 LANs together you must install VPN Server on one LAN
(such as at your company's main office) and VPN Bridge on all the others. Now
you have two options. On each LAN, connect the Virtual Hub to the physical
network adapter via a local bridge connection or create a cascade
connection to the VPN Server from VPN Bridge. This will allow layer 2 segments at
different sites to function as a single segment.
You can also use layer 3 routing instead of layer 2 bridging. To do this, use the
Virtual Layer 3 Switching function described in section 3.8 Virtual Layer 3

Please refer to sections 10.5 Build a LAN-to-LAN VPN (Using L2 Bridge) and 10.6
Build a LAN-to-LAN VPN (Using L3 IP Routing) for more detailed information on
how to build a LAN-to-LAN VPN.

A flowchart is a type of diagram that represents an algorithm, workflow or
process, showing the steps as boxes of various kinds, and their order by
connecting them with arrows. This diagrammatic representation illustrates a
solution model to a given problem. Flowcharts are used in analyzing, designing,
documenting or managing a process or program in various fields.

Flowcharts are used in designing and documenting simple processes or

programs. Like other types of diagrams, they help visualize what is going on and
thereby help understand a process, and perhaps also find flaws, bottlenecks,
and other less-obvious features within it. There are many different types of
flowcharts, and each type has its own repertoire of boxes and notational
conventions. The two most common types of boxes in a flowchart are:

a processing step, usually called activity, and denoted as a rectangular

a decision, usually denoted as a diamond.

A flowchart is described as "cross-functional" when the page is divided into

different swimlanes describing the control of different organizational units. A
symbol appearing in a particular "lane" is within the control of that
organizational unit. This technique allows the author to locate the responsibility
for performing an action or making a decision correctly, showing the
responsibility of each organizational unit for different parts of a single process.

Flowcharts depict certain aspects of processes and they are usually

complemented by other types of diagram. For instance, Kaoru Ishikawa defined
the flowchart as one of the seven basic tools of quality control, next to
the histogram, Pareto chart, check sheet, control chart, cause-and-effect
diagram, and the scatter diagram. Similarly, in UML, a standard concept-
modeling notation used in software development, the activity diagram, which is
a type of flowchart, is just one of many different diagram types.

Common alternative names include: flow chart, process flowchart, functional

flowchart, process map, process chart, functional process chart, business
process model, process model, process flow diagram, work flow diagram,
business flow diagram. The terms "flowchart" and "flow chart" are used

The underlying graph structure of a flowchart is a flow graph, which abstracts

away node types, their contents and other ancillary information.

Am I Admitted to No.1 High School?

Entering into No.1 High School is the dream of most students. This simple
flowchart tells them the basic requirement of No.1 High School. Students can
make out the study plan according to their own situation to realize their dream.
Should I do My Homework Now?

This funny flowchart vividly shows that doing homework is an unavoidable and
annoying thing for almost all the students. They usually never do it until to the last
What Kind of TV Should I Watch?

Watching TV is a common entertainment activity after school, but it is hard to

choose what kind of TV to watch cause there are so many types of TV plays.
And below flowchart graphically depicts the dilemma.
What to Eat for Lunch on Sunday?

This flowchart vividly describes a common Sunday when mom is not at home
and you are wondering what to eat.
Choose a Favorite Fruit

Do not know which fruit is your favorite fruit? Creating a flowchart like below to
find out your answer.