VPN protocols are an essential part of the initial VPN connection to the server. They negotiate the encryption algorithms and connection rules, and they determine the stability and speed of the VPN.
The five protocols you are most likely to encounter are PPTP, L2TP/IPSec, IKEv2/IPSec, OpenVPN, and SSTP. There are also a few lesser-known ones, but you will probably use one of these five with any VPN provider. These protocols vary in security, stability, and speed, so which one should you use?
1. PPTP
PPTP (Point-to-Point Tunneling Protocol) is one of the first VPN protocols ever developed. It was introduced by Microsoft in the 1990s and has been built into Windows since the launch of Windows 95. These days you can find this protocol on every OS (Windows, Mac, Android, and iOS), which makes it very easy to set up a connection with PPTP. A long time has passed since this protocol was released and, because technology has advanced quickly, PPTP is now considered outdated and insecure. Over time a few critical security flaws were found that allow eavesdroppers to decrypt VPN traffic and make connections established with this protocol vulnerable to man-in-the-middle attacks. PPTP connections are also easy for firewalls to spot and block, since the protocol uses UDP port 1723. Because of its security flaws and basic encryption, PPTP is not recommended; if you have the choice of another protocol, by all means use it.
2. L2TP / IPSec
L2TP / IPSec (Layer 2 Tunneling Protocol / Internet Protocol Security) is said to be a better, upgraded version of PPTP. L2TP does not provide encryption on its own, so it is paired with the IPSec security suite, which encrypts the payload inside the VPN tunnel. IPSec uses strong encryption algorithms; however, there are rumors that the NSA has weakened this protocol's standards and added a backdoor that makes it possible to decrypt certain connections. Apart from this rumor, which has no strong evidence whatsoever, this is a secure cross-platform protocol found on Windows, Mac, Android, and iOS. L2TP uses UDP port 500, meaning that, as with PPTP, its connections are easy to spot and block. Overall it is a good and secure protocol to connect with and should definitely be used instead of PPTP.
3. IKEv2 / IPSec
IKEv2 (Internet Key Exchange version 2) is one of the newer protocols and is not as widely used as the others; however, it is quickly gaining popularity and is currently available on Windows, iOS, and on Mac since v10.11. Like L2TP, it does not encrypt the VPN payload itself and is used in combination with IPSec to secure the VPN tunnel. This protocol is praised for its very good speeds, its stability, and its automatic VPN reconnection feature, which make it an amazing choice for mobile devices. Switching networks from Wi-Fi to 4G or changing hotspots while on VPN is seamless when connected with IKEv2. This protocol is definitely a choice for mobile devices and for people who move a lot, switch networks frequently, and still want to stay safe and secure online.
4. OpenVPN
OpenVPN is an open-source VPN protocol that is by far the most popular, thanks to its wide range of available configurations, its connection stability, and its very high level of security, which includes support for AES encryption with 256-bit keys. Because its source code is open and can be inspected and audited, OpenVPN is even more secure, since this prevents flaws or backdoors from being implemented. This cross-platform protocol is available as third-party software, but every VPN provider has its own configurations for it. OpenVPN uses not only UDP connections but also allows connections via TCP port 443, a very common TCP port, which makes a VPN connection harder to spot or block. This protocol is widely popular on all platforms and is the best choice for those who care about security and a stable VPN connection.
5. SSTP
SSTP (Secure Socket Tunneling Protocol) is a protocol developed by Microsoft and has been available since Windows Vista was released. It is mainly a Windows-only protocol; however, you can find it implemented on Linux or even Mac. The code of this protocol is owned by Microsoft and therefore cannot be fully audited. SSTP is a highly secure protocol that uses SSL 3.0 encryption standards and, like OpenVPN, can connect via TCP port 443, which makes it hard to notice and block. This protocol is best suited to Windows devices, since it is native to the Windows OS.
To sum things up, we share an infographic with all the essential information about each protocol.