πŸŒ™ LATE NIGHT MODE ACTIVATED β€” THE CLOWN IS WATCHING πŸŒ™
Home β†’ Resources β†’ Basics β†’ Types Of VPN

Types Of
VPN.

"VPN" covers five distinct categories that solve different problems. Most articles only describe consumer/personal VPNs. Here's the full taxonomy.

1. Personal VPN (the consumer kind)

The category most people mean by "VPN" today. A subscription or free service that gives you an app, which encrypts your device's traffic and routes it through the provider's servers. The product is privacy + IP masking for individuals.

Examples: ClownVPN, NordVPN, ExpressVPN, ProtonVPN, Surfshark, Mullvad, IVPN, TunnelBear, Windscribe.

Best for: public WiFi safety, stopping your ISP from logging your destinations, hiding your IP from random websites you visit.

Sub-flavors of personal VPN

  • Standard server-based (what we do): provider runs servers, you connect to them. Most consumer VPNs work this way.
  • Peer-to-peer "VPN" (Urban VPN, Hola): user devices route each others' traffic. Different trust model, covered in detail here.
  • Self-hosted personal VPN: you run a WireGuard or OpenVPN server on a $5/mo VPS. Powerful but you only have one IP (your server's) and you're responsible for ops.

2. Remote-access VPN (the corporate kind)

The original VPN use case from the 1990s. A company has an internal network with file servers, intranet sites, ticket systems, etc. Employees who work remotely need access. The company runs a VPN server that lets authenticated employees connect to the internal network as if they were physically in the office.

Examples: Cisco AnyConnect, Palo Alto GlobalProtect, Fortinet FortiClient, OpenVPN Access Server, your company's custom deployment.

Best for: employees accessing internal company resources. Not designed for personal privacy.

Key differences from personal VPN:

  • Goal is access to a specific network, not "hide my IP".
  • You authenticate with corporate credentials.
  • Traffic to non-company destinations might still go out your local internet, not through the VPN (split tunneling is common in corporate setups).
  • Your employer can monitor traffic that goes through the corporate VPN. Don't do personal stuff on it.

3. Site-to-site VPN (network engineering)

Connects two entire networks together, not individual devices. A company with offices in San Francisco and London might use a site-to-site VPN so devices on the SF network can directly reach servers on the London network, all encrypted.

Examples: Cisco DMVPN, AWS VPN Gateway, Azure VPN Gateway, generic IPsec tunnels between routers.

Best for: infrastructure-level connectivity between offices, data centers, or cloud regions. Not a consumer product.

You as an end user never directly interact with a site-to-site VPN β€” it's between network devices. But it might be the reason a device on your work network can reach a server in another office without going through the public internet.

4. Mesh VPN (modern)

A newer architecture: each device runs the VPN software and forms a peer-to-peer encrypted network with other devices in the same "tailnet" or "mesh". No central server is in the middle of every connection. Your phone in NYC can directly reach your laptop in Berlin, through their shortest network path, all encrypted end-to-end.

Examples: Tailscale, ZeroTier, NordVPN's Meshnet feature, Cloudflare WARP+Connector (sort of), Nebula by Slack.

Best for: connecting your own devices across the public internet (home server, file server, personal cloud). Some businesses also use mesh VPNs to replace traditional remote-access setups because they're simpler to operate.

Mesh VPNs don't typically replace personal VPNs β€” they solve the "connect my devices to each other" problem, not the "hide me from the public internet" problem. Though you can set up an exit node in your mesh and route through it.

5. Cloud VPN

Generic term for VPN services hosted in cloud infrastructure. Two flavors:

5a. Consumer cloud VPN

Personal VPN services that happen to run servers in cloud datacenters (AWS, Linode, OVH). Most consumer VPNs are "cloud" VPNs in this loose sense. The marketing label doesn't change the product.

5b. Enterprise cloud-vendor VPN

Services like AWS Client VPN, GCP Cloud VPN, Azure VPN Gateway. You bring your own infrastructure, set up the VPN endpoint in a cloud region, and use it as a remote-access or site-to-site VPN to your cloud resources.

Examples: AWS Client VPN, Azure VPN Gateway, GCP Cloud VPN.

Best for: companies that operate primarily in cloud infrastructure and want VPN connectivity into their private cloud networks.

Which one are you actually looking for?

I want to…The right tool
Hide my IP / encrypt my browsingPersonal VPN (us)
Access my company's internal appsRemote-access VPN (set up by IT)
Connect my home server to my laptop whereverMesh VPN (Tailscale)
Encrypt traffic between my two office networksSite-to-site VPN (network engineer territory)
Securely access cloud resourcesCloud-vendor VPN (AWS / GCP / Azure)
Be anonymous on the webTor (not a VPN)

Related reading

πŸŽͺ FAQ

Which type of VPN is ClownVPN?
Personal VPN. We run servers in our infrastructure and provide an Android app that tunnels your device's traffic through them. Same category as NordVPN, ExpressVPN, ProtonVPN, etc. We aren't a remote-access VPN for corporate networks or a site-to-site VPN for connecting offices.
Can I use a personal VPN for work?
Sometimes. If your employer requires a corporate VPN to access internal resources, that's a remote-access VPN β€” different from us. A personal VPN can be used on top (for privacy on public WiFi while doing work) but you'd run both at once, which Android allows but each individual VPN session blocks others. Check your IT team's policy.
What's a 'mesh VPN'?
A mesh VPN (Tailscale, NordVPN's Meshnet, etc.) lets your devices form a private network with each other β€” no central server in the middle. Your phone can directly reach your home PC even from a different city, all encrypted. Useful for personal infrastructure (file servers, home labs). Different problem than 'hide me from the public internet'.
What about 'VPN routers'?
A router with built-in VPN client capability. Instead of running the VPN app on each device, the router tunnels all home traffic through a VPN provider. Convenient for whole-home coverage but slower (router CPU bottlenecks) and inconvenient for situations where you want VPN sometimes (some sites break behind VPN).
Is 'cloud VPN' the same as 'personal VPN'?
Overlapping. 'Cloud VPN' can mean: (a) the VPN provider runs servers in cloud infrastructure (most do) β€” in which case it's a personal VPN architecturally, or (b) a cloud-provider service like AWS Client VPN where you BYO infrastructure. The marketing usage is fuzzy; pay attention to what the product actually does.

πŸŽͺ Personal VPN, Free

If "personal VPN" is what you needed, that's what we ship.

πŸ€– Get It On Google Play