The existing network infrastructure of the corporation can be prepared for using the VPN both with the help of software and with the help of hardware. The organization of a virtual private network can be compared to laying a cable through a global network. Typically, a direct connection between the remote user and the tunnel end device is established via PPP.
The most common method for creating VPN tunnels is to encapsulate network protocols (IP, IPX, AppleTalk, etc.) in PPP and then encapsulate the generated packets into the tunneling protocol. Typically, the latter is to hide IP address or (much less often) ATM and Frame Relay. This approach is called second level tunneling since the “second person” is the “passenger” here.
An alternative approach is the encapsulation of the network protocol packets directly into the tunneling protocol (for example, VTP) is called a third layer tunneling. Regardless of which protocols are used or what goals are pursued in the organization of the tunnel, the basic methodology remains virtually unchanged. Typically, one protocol is used to establish a connection to a remote node, and the other is used to encapsulate data and overhead information for transmission through a tunnel.
NAT translates network addresses, not VPNs. And the VPN does not hide the IP address. The computer used 2 networks: local and VPN. To access the Internet, a VPN was used, correspondingly all traffic went through the VPN gateway and naturally the source IP was 213.h.h.h. If you turned to the computers of the local network, the source IP would be 10.h.kh.h. Depending on the path on which the traffic is going, this or that network source address will be selected.
Information about your traffic is transferred to a third party. VPN Client Software providers are often asked in an interview, “Do you keep logs?”. They answer: “No, no, of course not!”. But no one believes them. And there are reasons for that.
In the license agreements of many VPN providers, it is openly written that the user does not have the right to violate copyrights, run hacker programs, send out spam and in the case of violation the account is blocked without returning funds. Example: ExpressVPN Term of Service. It says that the user’s actions on the network are monitored.
And some smart VPN providers, for example, Astrill, require SMS confirmation to activate the account. Do you want to hide your IP and encrypt traffic? Ok, but just leave a phone number.
And questionnaires when registering accounts sometimes exaggerate unnecessary questions. For example, why should a VPN provider have a zip code of a person? To send gifts for Christmas?
The identity of the user can also be identified by bank cards (or through the purses of payment systems, through which the virtual cards are replenished). Some VPN providers lure users by accepting cryptocurrencies as payment. This is a plus to anonymity.