Code-Memo

VPNs & Private Networking

What VPNs do

• Create an encrypted tunnel over an untrusted network (Internet) to connect endpoints privately.
• Protects traffic in transit and can extend private addressing across sites.

Site-to-site vs client VPN

• Site-to-site: connects two networks (on‑prem ↔ cloud VPC) via gateways.
• Client VPN: connects an individual user/device into a private network.

Tunnels

• Typically built with IPsec (IKE + ESP) or SSL/TLS-based VPNs.
• Key concerns: routing, MTU/MSS issues, split tunneling, rekeying, high availability.

Private connectivity in cloud

• Options include VPN, private peering, dedicated circuits, and private endpoints to services.
• Choose based on bandwidth/latency needs, compliance, and operational complexity.