VPN tunnel: What is it and how does it work?


A VPN tunnel — short for virtual private network tunnel — can provide a way to cloak some of your online activities. Learn more.

A Virtual Private Network (VPN) tunnel is an encrypted link between your computer or mobile device and an outside network. In 2015, CNET reported that around 16 per cent of Australians were using a VPN to protect their privacy online1.

A VPN tunnel allows for your IP address to be hidden and encrypts all data you generate while using the web.

But why is this so important?

Much like your home address, an IP address identifies your location while online. Whether you are using your smartphone, laptop, computer, or tablet, your online activity can easily be tracked by potential threats. This means without a VPN, businesses, government bodies, or even hackers, have access to your personal information and browsing activity.

Are you worried yet?

Don’t fret; if you are prepared, you can maintain your safety. A VPN acts similar to a shield, protecting you from harms way.

Using one is highly recommended when you’re logging onto the internet using public Wi-Fi at hotels, coffee shop, or library.

How does VPN tunnelling work?

To connect to the internet through a VPN tunnel, you'll first have to sign up with a virtual private network service, better known as a VPN. The VPN is the key to hiding your IP address and hiding your information from predators.

Before visiting websites, you'll log into your VPN provider’s service. When you then start searching online, the websites you visit and your internet service provider — ISP, for short — won't see your IP address. Instead, they'll see the IP address of your VPN provider, helping to protect your privacy.

Put simply, when you click on links or download files from a site, no one will be able to see this activity. Figuratively, your VPN provider has built a tunnel around your online activity, providing a barrier between it and everyone else.

Using a VPN alone may not be enough to protect your online privacy. That’s why you need a VPN provider that takes further measures to encrypt the data you send and receive while you are online. When your data is encrypted, it is scrambled, preventing external bodies from interpreting and deciphering it.

When you enable this added layer of protection, businesses, governments, or even hackers, won't be able to track your online activity.

Hiding your IP address and encrypting the data you send and receive is a powerful combination to help keep your online browsing sessions private.

VPN tunnel protocols

Not all VPN tunnels are equally effective in protecting your online privacy. The type of tunnelling protocol your VPN provider uses determines the strength of the tunnel.

Outdated protocols may provide weaker data encryption, reducing your defence against internet spies. It is imperative to choose a VPN provider that use adopts the most robust tunnelling protocol possible.

PPTP – A Hacker’s Prey

Point to Point Tunnelling Protocol (PPTP) is a dated version, that is still in use today. It may be incredibly fast, but this is at the expense of strength and protection.

The data encryption is weakened alongside its lightning-fast speed, meaning it is much easier for external parties to prey on your details.

This form is ‘dated’ for a reason; therefore, stronger levels of protection are encouraged.

L2TP/IPSec – Tortoise-speed Net Surfing

Layer 2 Tunnelling Protocol (L2TP), combined with Internet Protocol Security (IPSec), provides slightly stronger protection. This protocol offers two stages of protection - explaining its name. L2TP and IPSec portions of this protocol create their encryption, resulting in two layers of safety.

The downside? This type of tunnelling protocol, because of the two layers of encryption, can result in slower online connection speeds. Additionally, L2TP/IPSec used fixed ports, meaning it sometimes get blocked by firewalls.

SSTP – A Small Window of Opportunity

Secure Socket Tunnelling Protocol (SSTP) is unusual because it is only available on Windows operating systems. This type of tunnelling doesn’t use fixed ports, so can easily pass through firewalls. Its protocol is very secure, making it a safer choice. It also doesn't use fixed ports, so it's easier for SSTP to get through firewalls.

The problem, of course, is the ‘small window of opportunity’ in operating system choice. This protocol, being limited to Windows only, blocks out a lot of potential users.

OpenVPN – Your Best Bet

If you're looking for the most reliable protection while online, you should consider investing in a VPN service provider that relies on the OpenVPN protocol.

This protocol overcomes the limitations with SSTP by being able to use all major operating systems, Linux, Window, and Mac, on the mobile operating systems of Android and iOS. An Open VPN is suitable even for an independent operating system, such as FREEBSD, NetBSD, Solaris, or OpenBSD.

OpenVPN is considered the best form of VPN tunnelling protocol due to its ability to pass through firewalls and strong encryption capabilities. Depending on your provider, OpenVPN can also transfer information at fast speeds.

Protecting your privacy while online

The key to VPN tunnelling is to actually use the service. It is integral to first connect to your VPN provider before accessing the internet. Skipping this step will mean your identity or personal data at risk.

In 2015, the ABC (Australia Broadcasting Corporation) reported that Australian internet service providers (ISPs) are required to collect and store their customer’s metadata for a minimum of two years2. This metadata includes information such as all your personal details associated with your account, your IP address and the destination of all your communications.

To ensure you're completely protected, it is essential to enable VPN protection across all your devices. You may use the best VPN on your laptop, however, failing to utilise on your other devices will still leave you susceptible to internet threats.

The bottom line? VPN tunnelling is essential in this day and age to maintain online privacy (just make sure you’re logged into it first).


1 “VPN use skyrockets in Australia amid privacy concerns” cnet.com, April 13, 2015. https://www.cnet.com/news/vpn-use-increases-in-australia-amid-data-retention-and-piracy-concerns/

2 “Majority of ISPs not ready for metadata laws that come into force today” abc.net.au, October 13, 2015. https://www.abc.net.au/news/2015-10-13/majority-of-isps-not-ready-to-start-collecting-metadata/6847370.

Dan Rafter
  • Dan Rafter
  • Freelance writer
Dan Rafter is a freelance writer who covers tech, finance, and real estate. His work has appeared in the Washington Post, Chicago Tribune, and Fox Business.

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.