Difference between Remote Access VPN and Site-to-Site VPN


VPNs are used by businesses to extend private networks over the public internet, allowing remote workers to connect to a company’s LAN (local area network).

There are two basic VPN types used to achieve this networking solution: Remote-Access VPNs and Site-to-Site VPNs.

What is a Remote-Access VPN?

Remote-access VPNs were originally introduced as a way for employees working anywhere in the world to securely connect with their company’s remote LAN. Remote workers can access secure resources on their company’s LAN as though they were plugged into the LAN.

As with all VPNs, remote-access VPNs aim to provide security for your data. With remote-access VPNs, the device of the remote user is in charge of encrypting and decrypting data that is either sent or received.

A remote-access VPN requires a NAS (network access server), or VPN gateway, to authenticate the credentials of any device attempting to sign into the VPN. It’s actually the NAS or VPN gateway that you, a remote user, connect with when you want to use a remote-access VPN.

In general, remote access to a VPN also requires that your device be equipped with client software. This VPN client software communicates with the VPN gateway, which authenticates you as a remote user, and creates a secured “virtual” tunnel between the LAN and the gateway.

Once the tunnel is created, any data you send from this device is encapsulated and encrypted by your remote-access VPN, and then sent to the VPN gateway that sits just outside the remote LAN. The VPN gateway then decrypts your traffic and relays the data to the LAN.

Not only is all traffic sent through the virtual tunnel secured, but any traffic you receive from the local network (or its servers) also travels through this tunnel in reverse and is secured. The VPN gateway encrypts the incoming traffic (to you) which is then received by your VPN client.

What is a Site-to-Site VPN?

Whereas remote-access VPNs securely connect individual devices to a remote LAN, site-to-site VPNs securely connect two or more LANs in different physical locations. Site-to-site VPNs use the public internet to extend your company’s network across multiple office locations.

There are two common types of site-to-site VPNs: Intranet-based and Extranet-based. Intranet-based site-to-site VPNs are used to combine the LANs of multiple office locations into one single private network, which would then be known as a WAN (Wide Area Network).

Extranet-based site-to-site VPNs, on the other hand, allow your company to use the public internet to connect its LAN with those of other companies, customers, or communities. This allows your company to share information with its partners, while still securing its LAN (intranet).

With a site-to-site VPN, the VPN gateway of one remote LAN communicates with the gateway of another LAN (or HQ network) to create a secure tunnel. Unlike remote-access VPNs, the remote devices don’t need a VPN client, but rather send normal traffic through the VPN gateways.

In the absence of VPN clients, the VPN gateways are in charge of authentication of the user and the network, encryption, and the integrity of the data. The gateway receives the encrypted data, decrypts it, and then sends the data to the target device in the network.

The tunnel created by the site-to-site VPN allows your company to share its network and resources between its main and remote branches, no matter the distance. Devices on one LAN can communicate with devices on the other LAN as though they are part of the same network.
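The site-to-site flow described above, modeled as an added Python example (not code from the original article or from ePrompto): a host sends ordinary traffic, its gateway encapsulates and authenticates it, and the peer gateway verifies it before delivering it to its own LAN. The `Gateway` class, the addresses and the key are constructed for illustration, and encryption is omitted so the block runs on the standard library alone; only encapsulation and the integrity check are shown.

```python
import hashlib
import hmac
import ipaddress
import json

# Constructed sample value: a demo key shared by the two gateways only.
# A real gateway would also encrypt the payload; this model does not.
PSK = b"constructed-demo-key"


class Gateway:
    """Hypothetical site-to-site VPN gateway (model only, no real networking)."""

    def __init__(self, public_ip, local_lan, remote_lan, peer_ip):
        self.public_ip = public_ip
        self.local_lan = ipaddress.ip_network(local_lan)
        self.remote_lan = ipaddress.ip_network(remote_lan)
        self.peer_ip = peer_ip

    def send(self, inner):
        """Encapsulate a LAN packet if it is destined for the remote LAN."""
        if ipaddress.ip_address(inner["dst"]) not in self.remote_lan:
            return None  # not tunnel traffic; normal routing applies
        payload = json.dumps(inner, sort_keys=True).encode()
        tag = hmac.new(PSK, payload, hashlib.sha256).hexdigest()
        # The outer header carries only the gateways' public addresses.
        return {"src": self.public_ip, "dst": self.peer_ip,
                "payload": payload, "tag": tag}

    def receive(self, outer):
        """Authenticate the peer's packet, then hand the inner packet to the LAN."""
        if outer["src"] != self.peer_ip:
            raise ValueError("packet is not from the configured peer gateway")
        expected = hmac.new(PSK, outer["payload"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, outer["tag"]):
            raise ValueError("integrity check failed")
        inner = json.loads(outer["payload"])
        if ipaddress.ip_address(inner["dst"]) not in self.local_lan:
            raise ValueError("inner destination is outside the local LAN")
        return inner


def demo():
    """Send one packet from an HQ host to a branch host (constructed addresses)."""
    hq = Gateway("203.0.113.1", "10.1.0.0/16", "10.2.0.0/16", "198.51.100.1")
    branch = Gateway("198.51.100.1", "10.2.0.0/16", "10.1.0.0/16", "203.0.113.1")
    packet = {"src": "10.1.0.5", "dst": "10.2.0.9", "data": "hello"}
    outer = hq.send(packet)  # the host sent ordinary traffic, with no VPN client
    return outer, branch.receive(outer)
```

On the public internet only the outer gateway addresses are visible as source and destination, and a payload modified in transit is rejected by the receiving gateway instead of reaching the LAN.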

Contact us today at ePrompto to find the most suitable VPN solution for your specific requirements.

ePrompto - Your Tech Mitra.
