Overview

A Virtual Private Network (VPN) is a private network built on top of a public network, usually the Internet. Computers inside a VPN can communicate securely, just like if they were on a real private network that is physically isolated from outside, even though their traffic may go through a public network. VPN enables employees to securely access a company's intranet while traveling; it also allows companies to expand their private networks to places across the country and around the world.

The objective of this lab is to help students understand how VPN works. We focus on a specific type of VPN (the most common type), which is built on top of the transport layer. We will build a very simple VPN from the scratch, and use the process to illustrate how each piece of the VPN technology works. A real VPN program has two essential pieces, tunneling and encryption. This lab only focuses on the tunneling part, helping students understand the tunneling technology. The tunnel in this lab is not encrypted. There is another SEED lab that focuses on the encryption part.

Tasks (PDF)

• VM version: This lab has been tested on our SEED Ubuntu-20.04 VM
• Lab setup files
  • Labsetup.zip
  • Labsetup-arm.zip (for Apple Silicon machines)
• Manual:: Docker manual

Time (Suggested)

• Supervised (closely-guided lab session): 2 - 3 hours
• Unsupervised (take-home project): 1 week

SEED Videos

• Udemy: Internet Security: A Hands-on Approach (§ 8)
• Identical videos are available on NetEase (for Mainland China)

SEED Books (English) (Chinese)

• Computer & Internet Security: A Hands-on Approach, 3rd edition (§ 22)
• Internet Security: A Hands-on Approach, 3rd edition (§ 8)

Feedback and Help