I’ve read for years that a VPN creates an encrypted tunnel to the server, and from there your traffic goes to wherever you’re going.
A proxy server just sends all your traffic to the server and from there to wherever you’re going.
But if the connection to the proxy is encrypted… isn’t that the same thing as a VPN?
I’m thinking of the shadowsocks protocol, mostly. I have a DIY setup I made with Outline on a vps I pay for. The official outline app for Android doesn’t work very well, yet a shadowsocks app using the same access key works flawlessly. Wouldn’t they have to be connecting the same way…?
The idea that they work differently is a conventions thing, not a technical difference.
At the end of the day, you’re rerouting traffic through a server.
By convention:
a proxy (a server) is a thing you specifically tell a piece of software to reroute through. You may or may not encrypt the traffic.
a vpn tunnel is a thing you setup to reroute all/most traffic through for a device to a proxy. Encryption is assumed.
A VPN is called a “virtual private network” cause it’s really just a collection of interconnected proxy servers using encryption to communicate and reroute traffic. This is where “private” and “network come from and it’s “virtual” cause the rerouting is “faking” stuff.
Communicating via an encrypted proxy (assuming the proxy server is a separate machine) than it’s not really that different other than the fact how many hops and where those hops are located.
VPN services make use of distributed data centers and may enforce a minimum number of hops for privacy reasons.
Sounds like you’re deep into tech stuff, bro. VPNs and encrypted proxies both cloak your online activity, but they work a bit differently under the hood. VPNs create a secure, encrypted connection from your device to a remote server, while encrypted proxies just encrypt the data sent between your device and the proxy server. So yeah, they’re similar, but not exactly the same.
…And then there are “proxifier” apps that create a VPN connection on a phone to redirect all its traffic through the proxy. By the way: which part of phone traffic is an exception to VPN redirection?
Except you can do split tunneling with VPNs which effectively means only some defined traffic is using the tunnel and thus isn’t that different from the encrypted proxy
A VPN is typically a layer3 or layer2 tunnel. So it is operating at the networking layer, or in some cases the Internet layer. Because of this basically anything that can speak standard internet protocol, can usually operate over a VPN.
A proxy is working at the application layer, or data layer. So the software you are using must be designed to work with a proxy. If your software doesn’t support communicating over a proxy, then it might not work, or you might have to do some extra helper software.
Another pretty big difference is that a proxy usually is only useful in one direction. So you have software that uses the proxy to make outbound connections. But the opposite doesn’t work. Of course there is one big exception here for HTTP, where there is support for ‘reverse proxies’. This is possible because HTTP includes some metadata in the HTTP protocol that actually allows the reverse proxy to work. But you can’t really have a reverse proxy for other protocols unless the protocol specifically supports it.
Anyway if your goal is just encrypting your traffic between two points, and all your software supports using a proxy, then there really isn’t much difference.
But VPNs can be used for other things. VPNs are often uses in enterprises and businesses to build virtual networks over untrusted links. These virtual networks need to supports lots of clients, and lots of protocols that simply wouldn’t and/or couldn’t be configured to use a proxy. These networks need full bidirectional communication. VPNs give you a lot more flexibility, but as with pretty much everything that greater flexibility makes them more complicated to use.
I am once again reviving this thread because you are wrong, just read this.
Main use-case difference is you can’t reverse proxy the same way you can “reverse” VPN (it’s only reverse in the sense it’s the opposite direction as a proxy connection, nothing about the VPN is reversed because unlike a proxy, VPNs support their functionality bidirectionally)