The subject of VPN itself already brings quite a lot of new vocabulary with it, and VPN routers more specifically bring the most new terms in front of your eyes. We wish to dissipate some unwanted clouds around this topic. Understanding routers and how they can interact with a VPN is not difficult, and by presenting some crucial terms and expressions, we hope to provide an even clearer picture. By going through this glossary and our FAQ about VPN routers, you will be well on your way to understanding these devices and how they can protect any and all devices in your household through secure VPN connections.
A flashed router refers to a router that is upgraded with specific software that is not necessarily a commercially manufactured one. Flashing a router is mostly done with open source firmware software, of which Tomato and DD-WRT are the most popular and worthwile ones. This way, the device’s performance improves a lot, or “flashes” to a better state, hence the name.
Firmware is software that is not necessarily manufactured. By installing it, a router’s performance generally improves and will be capable of uses that the previous manufacturers’ own software was not capable of. Routers are generally flashed with firmware programs. Two notable examples are DD-WRT and Tomato.
Tomato is a brand of firmware software. It is a free, Linux-based program that is constantly updated. Therefore, you will most likely find it in a beta version at all times – there is no need to put out a finalized product. Originally specializing for Linksys routers, Tomato is still the best choice for this brand. Its main strength is helping your router perform better, providing an opportunity to use it to its full potential. Device support or feature support is less strong, though.
DD-WRT is also a brand of firmware. Similarly, Linux-based and free to download, this is software recommended for a bit more adept router users. Its wealth of features and excellent device support makes it capable of expanding the usage of most routers today, but some versions of DD-WRT can be less stable than others. Both Tomato and DD-WRT enable their users to establish VPN connections.
Wireless-AC is the designation of today’s wireless networking standard. It is perhaps better known by the name: Wi-Fi. Its advantage is that it grants internet access without the need for direct contact between devices (which is usually done with cables).
Ethernet refers to almost all types of internet connections that are done with direct contact (via cables). There are numerous iterations of Ethernet, as it was first implemented in the early 80s.
Wi-Fi connections spread their signals via radio waves. Dual band refers to any device that can transmit its signals via two different frequency bands: 2.4GHz and 5GHz.
802.11a, b, c, g and n refer to different standards of wireless networking. Each letter represents a different iteration, starting from 1997. Each letter represents a more improved version than the last. Wireless-AC for example bears the designation 802.11ac.
Dynamic DNS is not a type of DNS (Domain Name System, essentially the “name” of a device). It refers to a process. Dynamic DNS is the process of automatically updating a DNS address, even while your device is actively running. This is advantageous because it makes your actions on the internet harder to follow and detect.
A DNS forwarder is a server of which’s purpose is to forward DNS queries. This means that whenever there is another device contacting this server to access content on the internet, this server will transmit the device’s query, so that it can reach its desired destination. DNS forwarders are commonly used by smart DNS companies . These organizations set up (or rent) DNS servers. They do so to help people access online content they otherwise cannot. For example, there are lots of websites only available in the USA. If you want to view such a site from outside the country, a smart DNS company (or a DNS forwarder) can help you get to it, as such a server has access both to the restricted content and to areas of the planet where it is restricted.
A VLAN (Virtual Local Area Network) is an idea that is based on LAN (Local Area Network). While the latter usually means a network of interconnected computers with cables, VLAN refers to a router-based solution of a similar concept. Routers can manage data traffic through different ports, “gateways”. VLAN designates certain ports to handle specific types of data only. For example, certain ports can send or receive information to one or more certain other devices exclusively. A VLAN, or a network of VLANs is useful if you want to create networking around the planet that is isolated from the rest of data traffic.
IPv4 is the second most recent type of identification protocol (IP). An IPv4 address serves as a “license plate” for a given device on the internet, or in any other network. It is the most widespread type of IP used today.
IPv6 is the most recent type of identification protocol (IP). Much more advanced than IPv4, it is safer, more efficient and generally a better option than IPv4. However, the majority of the planet’s countries have shown little support for it since its inception in 1998.
A router can have many different uses apart from internet access. One of these is being an access point. The main difference between a router used for internet access and used as an access point, is that the latter cannot be used to spread the signal of an internet connection. It is only useful in converting a cable connection into a Wi-Fi one. An access point plugged into a regular router is usually called a Wi-Fi router, which has better conditions for internet usage than its parent device.
Within the context of routers, an access restriction refers to any rule that defines how internet access is possible for the devices you use it with. Routers upgraded by firmware are especially adept at helping you exercise more control over your online connection.
A Local Area Network (LAN) usually means computers or other devices connected to each other via cables. This enables the machines to interact with each other. LAN does not have to include an internet connection. Also, a LAN is almost always set up locally, in one or a handful of rooms.
A Wide Area Network (WAN) is essentially a LAN that is more spread out geographically. For example, a WAN network could be three devices in China, France and Egypt, connected to each other via cable. The internet can be understood as a WAN, as it connects distant machines across long distances.
Network Address Translation (NAT) is a method of converting a given IP address into other types of designations. This enables a single IP address to be used by multiple devices. As stated above, there are two prevalent types of IP addresses used today: IPv4 and IPv6. The latter exists because IPv4 can only generate a certain number of addresses. Even though it is less advantageous, it is still used much more often, because of NAT. IPv4 identifiers are regularly shared, enabling multiple devices to have networking capabilities, despite the fact that all IPv4 addresses are in use today.
Dynamic Host Configuration Protocol (DHCP) is a protocol that is responsible for devices acquiring IP addresses and other parameters necessary for an internet connection. Such servers are useful because they hand out these data automatically.
A Stateful Packet Inspection (SPI) firewall is a type of safety program that monitors data passing through a network. A certain set of data usually comes and goes in packets; SPI is responsible for checking if a given packet is actually a part of the information that is supposed to be going through the network. It is used both in the TCP and UDP types of network connections.
A Short Service Set Identifier (SSID) is a unique set of 32 characters assigned to a certain data packet. An SSID is most often used in a Wireless Local Area Network (WLAN).
WPS (Wi-Fi Protected Setup)
A Wi-Fi Protected Setup (WPS) is a simple solution for those not that adept at networking to create a safe wireless home network. This is a protocol that can almost always be set up with the help of a router’s setup screen. Most firmware today provides opportunities to do WPS.
Wi-Fi Protect Access (WPA)
Wi-Fi Protected access (WPA) is a security protocol used to shield a Wi-Fi network from harm. First appearing in 2003, it has since lived through a newer version of itself, the WPA2.
Wi-Fi Protected Access 2 (WPA2)
Wi-Fi Protected Access 2 (WPA2) is a more improved version of WPA. Unlike its predecessor, this protocol supports AES-based encryptions, which are commonly used in VPN services.
Wired Equivalent Privacy (WEP)
Wired Equivalent Privacy (WEP) is a security protocol. It can be best understood as a weaker counterpart to WPA and WPA2. For example, a WEP-enhanced device can only communicate with other WEP devices.