VPN Protocols Explained – PPTP vs L2TP vs SSTP vs IKEv2 vs OpenVPN

When you install a VPN app on your computer or smartphone, you just have to open it, choose a country, and turn it on. Voilà, you are now connected to a VPN server. There is no need to change any complicated settings.


By default, most VPN providers automatically use the protocol best suited to your network. But what if you want more control over your VPN?

Well, the good news is that most VPN providers let you configure the app to use one of the other protocols, be it PPTP, L2TP, SSTP, IKEv2, or OpenVPN. So, let’s find out what the pros and cons of each VPN protocol are and when to use which.

PPTP vs L2TP vs SSTP vs IKEv2 vs OpenVPN

1. PPTP

PPTP, short for Point-to-Point Tunneling Protocol, was developed by Microsoft for creating VPNs over dial-up networks. For a long time, PPTP was the standard protocol for corporate VPN networks.

Platform – PPTP is easy to set up using the OS's built-in VPN features. PPTP clients are built into many platforms, including Windows, macOS, Android, iOS and even some routers. So, you don’t need to install additional software to set up PPTP.

Encryption – Despite the easy setup, it’s not worth it. The protocol is old and vulnerable. It is not a secure VPN protocol and can be easily decrypted by malicious third parties in man-in-the-middle attacks.

Firewall – PPTP requires TCP port 1723, which makes it easy to block PPTP connections.

Bottom line: Avoid. Only use if absolutely necessary for compatibility.

2. L2TP

L2TP or Layer 2 Tunneling Protocol is a better version of PPTP.

Platform – It’s just as easy and quick to set up as PPTP, since it’s also built in to almost all modern operating systems.

Encryption – L2TP does not provide any encryption on its own, so the L2TP traffic is encapsulated in an IPsec tunnel to secure it. Unlike PPTP, this combination is usually considered secure.

Firewall – The problem with L2TP comes with firewalls. It uses UDP port 500, which means it’s much easier to block and harder to get around firewalls with.

Bottom line – L2TP/IPsec is theoretically secure and easy to set up. There are some concerns that the NSA could have weakened the IPsec standard, but nothing is confirmed. Also, it has trouble getting around firewalls. Overall, I wouldn’t say it’s the best protocol, but if you have to choose between PPTP and L2TP, definitely use this over PPTP.

3. SSTP

SSTP, aka Secure Socket Tunneling Protocol, is a proprietary standard owned by Microsoft.

Platform – Although it is now available for Linux, and even Mac OS X, it is still primarily a Windows-only platform.

Encryption – Unlike PPTP and L2TP, SSTP uses SSL 3.0, which means it’s highly secure. However, since it’s a proprietary protocol, the code is not open to the public and can’t be audited as fully.

Firewall – It includes the ability to use TCP port 443, which is used by regular HTTPS traffic. This makes it hard to block, as there is no way to tell VPN connections apart from the kind of secure connections used by web browsers, email services, and online retailers.

Bottom line – SSTP is a proprietary Microsoft protocol, and is best supported on Windows. Overall, if you have to choose between PPTP, L2TP and SSTP for a Windows computer, it’s better to use SSTP. The encryption is better and it can circumvent firewalls as well.

4. IKEv2

Internet Key Exchange version 2 (or IKEv2) is a relatively new VPN protocol, developed by Microsoft and Cisco.

Platform – You might not have heard much about this protocol; it is natively supported by Windows 7 and higher, BlackBerry, and iOS devices.

Encryption – Like L2TP, IKEv2 is also paired with an authentication suite such as IPsec to get encryption. So, if your provider says IKEv2, it most probably means IKEv2/IPsec.

Bottom line – IKEv2 is not as common as the other protocols on this list, as it is supported on fewer platforms, mostly Windows and iOS. However, mobile users may still consider it, as it is good at automatically re-establishing a VPN connection when users temporarily lose their internet connection, for example when switching between home WiFi and mobile connections, or when regularly moving between hotspots.

5. OpenVPN

OpenVPN is an open source technology that uses the OpenSSL library.

Platform – Unlike PPTP and L2TP, which are natively supported by most platforms, OpenVPN requires third-party software. But most VPN providers have a custom OpenVPN setup guide, so setting it up shouldn’t be a problem. We have also done a video on how to set up OpenVPN.

Encryption – As of now, OpenVPN is considered to have the strongest encryption; since it supports AES, it’s highly secure. Also, as it’s open source, anyone can check the source code and see what’s going on inside. This makes OpenVPN the best for security.

Firewall – OpenVPN can also run on TCP port 443, meaning it can bypass most firewalls.

Bottom line – Compared to all the other VPN protocols, OpenVPN is arguably the most secure and versatile VPN protocol available. It works on every platform, bypasses firewalls and is highly reliable. The only issue is that you need to know how to set it up, for which you can watch our other video.
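The port-based blocking described in the Firewall notes above, as an added example that is not from the original article: a Python sketch that labels firewall log lines using only the ports the article names, and shows why TCP 443 cannot be decided by port alone. The log lines are constructed samples in iptables LOG style, and the function names are illustrative.

```python
import re
from collections import Counter

# Ports from the article's "Firewall" notes:
# (transport, destination port) -> (label, identifiable by port alone?)
PORT_HINTS = {
    ("TCP", 1723): ("PPTP control channel", True),
    ("UDP", 500): ("IPsec key exchange (L2TP/IPsec, IKEv2/IPsec)", True),
    ("TCP", 443): ("HTTPS, SSTP or OpenVPN-over-TCP", False),
}
FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

def classify(line):
    """Return (src, dst, label, certain) for one log line, or None."""
    f = dict(FIELD.findall(line))
    if not {"SRC", "DST", "PROTO", "DPT"} <= f.keys() or not f["DPT"].isdigit():
        return None  # ICMP and truncated lines carry no destination port
    key = (f["PROTO"].upper(), int(f["DPT"]))
    label, certain = PORT_HINTS.get(key, ("other", False))
    return f["SRC"], f["DST"], label, certain

def summarize(lines):
    """Count flows per label and collect the flows a port rule cannot decide."""
    counts, ambiguous = Counter(), []
    for line in lines:
        hit = classify(line)
        if hit is None:
            continue
        src, dst, label, certain = hit
        counts[label] += 1
        if label != "other" and not certain:
            ambiguous.append((src, dst))
    return counts, ambiguous

# Constructed sample log lines (documentation address ranges), not real traffic.
SAMPLE = [
    "IN=eth0 OUT=eth1 SRC=10.0.0.5 DST=203.0.113.10 PROTO=TCP SPT=50111 DPT=1723",
    "IN=eth0 OUT=eth1 SRC=10.0.0.6 DST=203.0.113.20 PROTO=UDP SPT=500 DPT=500",
    "IN=eth0 OUT=eth1 SRC=10.0.0.7 DST=198.51.100.7 PROTO=TCP SPT=50222 DPT=443",
    "IN=eth0 OUT=eth1 SRC=10.0.0.8 DST=198.51.100.8 PROTO=TCP SPT=50333 DPT=443",
    "IN=eth0 OUT=eth1 SRC=10.0.0.9 DST=192.0.2.1 PROTO=ICMP TYPE=8 CODE=0",
    "IN=eth0 OUT=eth1 SRC=10.0.0.5 DST=192.0.2.53 PROTO=UDP SPT=40000 DPT=53",
]

if __name__ == "__main__":
    counts, ambiguous = summarize(SAMPLE)
    for label, n in counts.items():
        print(f"{n:2d}  {label}")
    print("undecidable by port:", ambiguous)
```

The two TCP 443 flows end up in the ambiguous list: a port rule cannot say whether they are web traffic or a VPN tunnel.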

Wrapping up: Which VPN protocol to use?

In a nutshell, don’t use PPTP; it’s outdated and insecure, unless you’re not a millennial.

L2TP is fairly easy to implement and has fairly good encryption with IPsec (theoretically), but has trouble getting around firewalls. So, I wouldn’t recommend it either. But it’s definitely better than PPTP.

SSTP is much more secure than L2TP, but the downside is that it mostly works on Windows.

So, the best choice is OpenVPN. It’s secure, reliable and works on every platform.

About Mrinal Saha

Mrinal is a tech geek who spends half of his day reading and writing about tech, while the nights are spent shooting or editing YouTube videos. Feel free to geek out with him on-