0

Does anyone know how the traffic behaves if you configure a VPN natively through SSTP (WIN or MAC)?

Because most applications use the TCP, but Skype uses UDP.

I try to formulate more specific questions:

  1. Is it true that the VPN works over TCP or via UDP, but not both at the same time?
  2. If I set up VPN over TCP, is not there some kind of IP leakage in the case of using Skype (UDP)?
Anders
  • 64,406
  • 24
  • 178
  • 215
ideloxew
  • 497
  • 1
  • 5
  • 16
  • 2
    A properly configured VPN should tunnel both TCP and UDP (as well as any other transport layer protocols) equally. – Philipp May 12 '16 at 09:03

2 Answers2

3

VPN stands for Virtual Private Network. A real VPN works like a virtual network interface and transports any kind of traffic, i.e. TCP, UDP, ICMP.. . In this case it does not matter which protocol is used by the VPN itself.

But note that some products are called VPN even if they are not handling all network protocols but only deal with some protocols. For instance Opera VPN is just a proxy, which means that it only cares about traffic from the browser and not all the other traffic at the system (like traffic from Skype).

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
  • Does it mean that VPN use udp OR tcp just inside VPN? But when traffic go out from VPN - it's can be UDP and TCP, both at same time (In this case it comes out already encrypted)? I draw a scheme to show what I mean: http://imglink.ru/show-image.php?id=6c4f39b7e28611054229d99a83ec8c41 Is that correct? – ideloxew May 13 '16 at 12:49
  • @ideloxew: a VPN is like a container ship which transports various kind of goods. Which goods (i.e. UDP or TCP) it does not matter because it is all inside a container. The exact type and route of ship does not matter. It only matters how the goods get into the container and onto the ship (local VPN program providing a virtual network card) and how they got from board (at the VPN endpoint). So the schema you have drawn is correct. – Steffen Ullrich May 13 '16 at 12:56
1

Steffen already answered the VPN portion of this question, so I will answer the Skype portion of it. The latest versions of Skype have addressed "hiding your IP"

enter image description here

The reality is, even if Skype doesn't tell me your IP address, I can open up Wireshark or TCPDUMP to figure out who you are. So let's jump back to "leakage." Define what you mean by leakage. For example, this is how "true" leakage would work:

You (192.168.1.2) --> YourRouter (2.2.2.2) --> Skype --> Callee (person you call)
Callee --> Look at Skype --> I see 192.168.1.2

This is leakage since it goes beyond your router. Let's look at it with a VPN provider:

You (192.168.1.2) --> YourRouter (2.2.2.2) --> VPN_Provider (3.3.3.3) --> Skype --> Callee (person you call)
Callee --> Look at Skype --> I see 192.168.1.2

This is leakage because they're going behind your VPN Provider. If you're concerned with a potential aggressor seeing a connection from 3.3.3.3 you have little to worry about. Can you further define: "leakage" what is it you are concerned with someone seeing, that they would not be able to via Wireshark or TCPDUMP? There was a discussion on Reddit a while back on data leakage and hiding your IP on Skype, but someone with intent can potentially still get your address without seeing it in Skype.

munkeyoto
  • 8,682
  • 16
  • 31