Apple has removed several apps offering virtual private network (VPN) services from the Russian AppStore, following a request from Roskomnadzor, Russia’s media regulator, independent news outlet Mediazona reported on Thursday.
You won’t be “on a different local network,” you’ll be accessing specific networks (or subnets) via the VPN tunnel rather than some other network interface on your machine.
So if you’re at home with a 192.168.0.0/24 network and you want to access an office resource on the 192.168.141.0/24 network, likely what will happen is your machine with have a route to 192.168.131.0/24 via the network the VPN provides (let’s just say 10.0.0.1).
Depending on how everything’s configured, the server you’re accessing might see it coming from the VPN server (masquerade) or it could very well be passed on as-is (which would only work if the server has a routing table back to you via the VPN).
Typically when people use VPNs for internet access, the traffic is sent out masqueraded so that it appears to come from the VPN’s WAN IP address.
To access a different LAN, e.g. a network at work, or your NAS at home. You configure it so your internet traffic still goes over your normal connection but only the LAN requests to the specific subnet goes over the VPN. This was the original use case they were built for (roadwarrior businessmen logging into their corporate portal from a hotel or whatever)
Yes but this isn’t the point I’m getting at — VPN doesn’t always mean you’re sending all your Internet traffic down the tunnel. You can choose to configure only specific networks to use the VPN tunnel.
Yes but this isn’t the point I’m getting at — VPN doesn’t always mean you’re sending all your Internet traffic down the tunnel. You can choose to configure only specific networks to use the VPN tunnel.
I don’t get it, why else would you use VPN if not to spoof your IP address?
when you want to be on a different local network?
You won’t be “on a different local network,” you’ll be accessing specific networks (or subnets) via the VPN tunnel rather than some other network interface on your machine.
So if you’re at home with a 192.168.0.0/24 network and you want to access an office resource on the 192.168.141.0/24 network, likely what will happen is your machine with have a route to 192.168.131.0/24 via the network the VPN provides (let’s just say 10.0.0.1).
Depending on how everything’s configured, the server you’re accessing might see it coming from the VPN server (masquerade) or it could very well be passed on as-is (which would only work if the server has a routing table back to you via the VPN).
Typically when people use VPNs for internet access, the traffic is sent out masqueraded so that it appears to come from the VPN’s WAN IP address.
To access a different LAN, e.g. a network at work, or your NAS at home. You configure it so your internet traffic still goes over your normal connection but only the LAN requests to the specific subnet goes over the VPN. This was the original use case they were built for (roadwarrior businessmen logging into their corporate portal from a hotel or whatever)
This is the right answer.
To not disclose to your internet provider the sites you are visiting.
Yes but this isn’t the point I’m getting at — VPN doesn’t always mean you’re sending all your Internet traffic down the tunnel. You can choose to configure only specific networks to use the VPN tunnel.
That’s the case of corporate VPN I believe
To ensure your unecrypted data(which is rare these days) is not clear-text in an untrusted network such as public wifi.
Yes but this isn’t the point I’m getting at — VPN doesn’t always mean you’re sending all your Internet traffic down the tunnel. You can choose to configure only specific networks to use the VPN tunnel.