Organizations, Internet Service Providers (ISPs), and countries often block their internal users from accessing certain external sites. This is called egress filtering. For example, to prevent work-time distraction, many companies set up their egress firewalls to block social network sites, so their employees cannot access those sites from inside the company network. For political reasons, many countries set up egress filtering at their ISPs to block their people from accessing selected foreign web sites. Unfortunately, these firewalls can be easily bypassed, and services/products that help users bypass firewalls are widely available on the Internet. The most commonly used technology to bypass egress firewalls is the Virtual Private Network (VPN). In particular, this technology is widely used by smartphone users who are affected by egress filtering; there are many VPN apps (for Android, iOS, and other platforms) that can help users bypass egress firewalls.
The learning objective of this lab is for students to see how a VPN works in action and how a VPN can help bypass egress firewalls. We will implement a very simple VPN in this lab, and use it to bypass firewalls. A typical VPN depends on two technologies: IP tunneling and encryption. The tunneling technology is the most essential one to help bypass firewalls; the encryption technology is for protecting the content of the traffic that goes through the VPN tunnel. For the sake of simplicity, we will only focus on the tunneling part, so the traffic inside our tunnel is not encrypted. We have a separate VPN lab, which covers both tunneling and encryption. If readers are interested, they can work on our VPN lab to learn how to build a complete VPN. In this lab, we only focus on how to use a VPN tunnel to bypass firewalls.
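The following added example (not part of the lab's own code) shows what an egress filter sees when an IP packet is carried inside a tunnel, and why an unencrypted tunnel is still visible to a filter that inspects payloads. The UDP encapsulation, port 9090, the addresses, and all function names are assumptions made for illustration; the packets are constructed in memory and nothing is sent.

```python
import socket
import struct

BLOCKED = {"203.0.113.10"}  # constructed blocklist (documentation address range)

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0; not needed here)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def parse_ipv4(pkt):
    """Return (protocol, src, dst, payload), or None if pkt is not plausible IPv4."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    total = struct.unpack("!H", pkt[2:4])[0]
    if ihl < 20 or total < ihl or total > len(pkt):
        return None
    return (pkt[9], socket.inet_ntoa(pkt[12:16]),
            socket.inet_ntoa(pkt[16:20]), pkt[ihl:total])

def encapsulate(inner, client, server, port=9090):
    """Carry a whole IP packet as the payload of a UDP datagram to the tunnel endpoint."""
    udp = struct.pack("!HHHH", port, port, 8 + len(inner), 0) + inner
    return ipv4_header(client, server, socket.IPPROTO_UDP, len(udp)) + udp

def header_only_filter(pkt):
    """Egress rule that looks only at the outer destination address."""
    parsed = parse_ipv4(pkt)
    return "drop" if parsed and parsed[2] in BLOCKED else "allow"

def inspecting_filter(pkt):
    """Same rule, but also checks for an IPv4 packet nested in a UDP payload."""
    parsed = parse_ipv4(pkt)
    if parsed is None:
        return "allow"
    proto, _, dst, payload = parsed
    if dst in BLOCKED:
        return "drop"
    if proto == socket.IPPROTO_UDP and len(payload) > 8:
        inner = parse_ipv4(payload[8:])  # skip the 8-byte UDP header
        if inner and inner[2] in BLOCKED:
            return "drop"
    return "allow"

# Constructed traffic: the same packet to a blocked site, sent directly and tunneled.
direct = ipv4_header("10.0.2.7", "203.0.113.10", socket.IPPROTO_TCP, 0)
tunneled = encapsulate(direct, "10.0.2.7", "198.51.100.5")
```

The payload check works only because the tunnel in this lab is unencrypted; once the tunnel payload is encrypted, the inner header is no longer readable by the filter.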
Please give us your feedback on this lab using this feedback form.
The SEED Labs project is open source. If you are interested in contributing to this project, please check out our GitHub page: https://github.com/seed-labs/seed-labs.