
Understanding LAN, VLAN, and VPN Concepts

Apr 3, 2025

Local Area Network (LAN) and VLANs

Definition of LAN

  • A Local Area Network (LAN) is a group of devices within the same broadcast domain.
  • Example setup:
    • Two switches: Red switch and Blue switch.
    • Devices on the Red switch are in one broadcast domain.
    • Devices on the Blue switch are in a separate broadcast domain.
    • This separation is used for security and to limit broadcasts.

Inefficiencies in Traditional LANs

  • Requires multiple separate switches.
  • Increased cost and effort in maintenance (power, configuration, management).
  • Underutilization of switch interfaces due to buying more switch capacity than needed.

Virtual LAN (VLAN)

  • VLAN Concept: A logical grouping of devices into the same broadcast domain, defined on a single physical switch instead of on a separate switch per network.
  • Benefits:
    • Reduces need for multiple switches.
    • Offers same functionality in a cost-effective manner.
    • Manages network separation logically rather than physically.

VLAN Implementation

  • Can have multiple VLANs on a single switch (e.g., Red, Blue, Green networks).
  • Assigns specific ports on a switch to different VLANs:
    • Port 1: Red network (VLAN 1)
    • Port 9: Blue network (VLAN 2)
    • Port 17: Green network (VLAN 3)
  • Reduces costs by using a single switch for multiple networks.
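
The port-to-VLAN assignment above can be modeled as a small simulation showing that broadcasts and MAC lookups stay inside the sending port's VLAN. This is an added example, not part of the original notes; the eight-ports-per-VLAN layout, the MAC addresses, and the names `VlanSwitch` and `build_example_switch` are assumptions made for illustration.

```python
# Added example: toy model of a VLAN-aware switch with access ports only.
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"

class VlanSwitch:
    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)      # port number -> VLAN ID
        self.mac_table = defaultdict(dict)    # VLAN ID -> {MAC: port}

    def receive(self, in_port, src_mac, dst_mac):
        """Return the sorted list of ports the frame is forwarded out of."""
        vlan = self.port_vlan[in_port]
        # MAC learning is scoped to the ingress port's VLAN.
        self.mac_table[vlan][src_mac] = in_port
        if dst_mac != BROADCAST:
            known = self.mac_table[vlan].get(dst_mac)
            if known is not None:
                return [] if known == in_port else [known]
        # Broadcast or unknown unicast: flood, but only inside the VLAN.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)

def build_example_switch():
    # Assumed layout (constructed): the notes name only ports 1, 9 and 17;
    # here each VLAN gets a block of eight ports on a 24-port switch.
    layout = {}
    for first_port, vlan in ((1, 1), (9, 2), (17, 3)):
        for port in range(first_port, first_port + 8):
            layout[port] = vlan
    return VlanSwitch(layout)

# Constructed sample MAC addresses.
RED_HOST = "02:00:00:00:00:01"
BLUE_HOST = "02:00:00:00:00:09"

if __name__ == "__main__":
    sw = build_example_switch()
    print("Red broadcast floods to: ", sw.receive(1, RED_HOST, BROADCAST))
    print("Blue unicast to Red host:", sw.receive(9, BLUE_HOST, RED_HOST))
```

The Blue host's frame addressed to the Red host never reaches port 1, because both the lookup and the flood stay inside VLAN 2.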

Virtual Private Network (VPN)

Definition and Purpose

  • VPN: A technology to securely send information over a public network (internet).
  • Encrypts data to secure it from unauthorized access during transmission.

VPN Components

  • VPN Client: Software on a user device to connect to a VPN.
  • VPN Concentrator: Device that manages VPN connections, either standalone or integrated into another device like a firewall.
  • Encryption/Decryption Process:
    • Data sent by the client is encrypted.
    • VPN concentrator decrypts incoming data and forwards it to the corporate network.
    • Outgoing data from the network is encrypted by the concentrator before being sent to the client.

VPN Usage

  • VPN client software is common in modern operating systems.
  • Ensures security on open networks (e.g., public Wi-Fi).
  • Provides an encrypted tunnel for data between client and concentrator.
  • Can be always-on or enabled manually by the user.
  • Once activated, it operates automatically behind the scenes.