🌐

VLANs and VPNs

Aug 21, 2025

Overview

This lecture covers the fundamentals of local area networks (LANs), virtual LANs (VLANs), and virtual private networks (VPNs), focusing on network segmentation, efficiency, and secure remote access.

Local Area Networks (LANs)

  • A LAN (local area network) is a group of devices within the same broadcast domain.
  • Separate physical switches can be used to create distinct broadcast domains for security or traffic management.
  • Connecting devices to different switches can be inefficient due to unused switch ports and higher costs.

Virtual LANs (VLANs)

  • VLANs (virtual LANs) allow logical segmentation of networks on a single physical switch.
  • Switch interfaces are assigned to different VLANs, preventing direct communication between devices on separate VLANs.
  • VLANs are identified by numbers instead of colors (e.g., VLAN 1 for red, VLAN 2 for blue).
  • Using VLANs reduces hardware costs and simplifies network management.
  • Multiple VLANs (e.g., red, blue, green) can be managed on a single switch by configuring specific ports for each VLAN.

Virtual Private Networks (VPNs)

  • A VPN (virtual private network) securely transmits data across public networks using encryption.
  • VPNs use software and/or hardware to create an encrypted tunnel between a client device and a concentrator.
  • VPN concentrators can be standalone devices or integrated into firewalls.
  • Most modern operating systems offer built-in VPN clients or support third-party applications.
  • VPNs enable secure communication even on open or unencrypted wireless networks.
  • Data is encrypted before leaving the device, decrypted by the VPN concentrator, and vice versa for return traffic.

Key Terms & Definitions

  • LAN — Local Area Network; devices sharing the same broadcast domain.
  • VLAN — Virtual LAN; a logical grouping of devices on a single physical network, separated by configuration.
  • Broadcast Domain — Area where devices receive each other's broadcast frames.
  • VPN — Virtual Private Network; encrypted connection over a public network.
  • VPN Concentrator — Device or service managing VPN connections and encryption.
  • Encryption — Process of encoding data to prevent unauthorized access.

Action Items / Next Steps

  • Review VLAN configuration on a single switch.
  • Practice setting up a VPN connection using a client and concentrator.

Full transcript