Types of VPN Tunneling
A VPN (Virtual Private Network) can use either voluntary or compulsory tunneling. Both are supported and widely used.
- Voluntary Tunneling
With voluntary tunneling, the connection is managed by the VPN client. The client first connects to their ISP (internet service provider) or carrier network provider. In the next step, the VPN client application creates a “tunnel” to a secured VPN server. This tunnel is created over the live connection.
- Compulsory Tunneling
The primary difference between voluntary and compulsory tunneling is that with compulsory tunneling the VPN connection setup is managed by the carrier network provider. Initially, the client makes their usual connection to the internet via their carrier (ISP). The carrier then immediately establishes a secure VPN connection between the VPN server and the client.
- What is the Difference?
From the client's point of view, the difference between these two connections is that with a compulsory tunneling setup the VPN connection is made in just one step, as opposed to the two-step connection procedure of voluntary tunneling.
With compulsory VPN tunneling, the details of the VPN server's connection remain hidden from the VPN client, and management of the connection over the tunnel is transferred from the client to the ISP. Service providers are then responsible for installing and maintaining all FEP devices (a Front End Processor is also referred to as a Network Access Server or Point of Presence Server). These devices have built-in logic that enables compulsory tunneling to recognise a client and associate it with its specific server.
- VPN Tunneling Protocols
As VPN is a popular solution these days, several computer network protocols have been designed and implemented purely for use in VPN tunnels. Of the numerous protocols in place, the following three remain the popular choices. They are generally incompatible with each other, and as such they continually compete for the top spot and for acceptance in the industry.
- Point-to-Point Tunneling Protocol (PPTP)
The PPTP specification is the brainchild of several corporations that collaborated on its creation. PPTP is generally associated with Microsoft, as Windows includes a recognised built-in client that supports PPTP. Microsoft reports that it is continuing to work on and improve PPTP, as initial findings by many in the industry were that some of its security features weren't up to the task required of them for on-going and constant serious use.
- Layer Two Tunneling Protocol (L2TP)
PPTP's original competitor in VPN tunneling was L2F, which was initially and predominantly implemented in Cisco products. To develop L2F further, the most successful elements of it and of PPTP were spliced together to form the newer and, some say, more robust L2TP, which, much like PPTP, exists at the data link layer (layer two) of the OSI model.
- Internet Protocol Security (IPsec)
IPsec may be used as a simple encryption scheme within L2TP or PPTP, or as a whole VPN protocol solution in its own right. IPsec is formed out of a collection of related protocols and is found on the third layer (the network layer) of the OSI model.