One distinguishing component of current VPNs is the use of a variety of transport protocols to establish connections. This is helpful not only because the protocols have different capabilities, encryption strengths, and authentication mechanisms, but because each can run at different layers of the Open Systems Interconnection (OSI) Reference Model. The OSI model is the standard seven-layer conceptual tool that describes protocols and their corresponding functions. Each layer communicates with its peer layer on the other end of a communication session. Although the OSI model is helpful in discussing protocols, most protocols are not in full compliance with it.

In the case of VPNs, the protocols used by the vast majority of solutions work at Layers 2 and 3 of the OSI model.

Layer 2 of the OSI model is the Data Link Layer. The Data Link Layer is the protocol layer that transfers data between adjacent network nodes. In the case of a VPN, this protocol transfers data from one VPN endpoint to the other. Layer 2 Transport Protocol (L2TP) is an example of a protocol that communicates using Layer 2. Layer 3 of the OSI model is the Network Layer. The Network Layer is responsible for end-to-end packet delivery and includes the ability to route packets through intermediate hosts. IPSec is an example of a VPN protocol that communicates at Layer 3.