Which VPN Protocol to Use? VPN Protocols Explained and Compared
2017-05-06 (updated: 2022-02-18) by Philip
Tags: VPN, IPSec, OpenVPN, P2P
A VPN, or Virtual Private Network, is a privacy technology that lets you secure your data while online and surf anonymously. A VPN encrypts all your online traffic at the IP level, providing a private network for a group of computers over a public network (namely, the Internet). VPNs let you protect confidential information such as banking details, passwords, accounts and business communications, so that it can be transferred safely over the public internet without being visible to your ISP, its backbone providers, or any node in the middle of the connection.
As an end user, once you have decided to use a VPN you should probably not worry much about the different encryption protocols (PPTP, L2TP/IPsec, SSTP, SSL/OpenVPN), as most of them have their benefits and drawbacks. It is probably enough to say that vulnerabilities have been found in the PPTP protocol, and that the most widely used protocols are IPsec and SSL.
That said, depending on your use of the internet and hardware capabilities, there will be differences in security, and variations in speed between the VPN protocols. We will try to explain the advantages, disadvantages and compare the different protocols in use today below. Keep in mind some protocols may require a bit more processing power, so you should consider the balance between efficiency and security if you are working with older/slower hardware.
It is also important to note that if you plan to use the same VPN protocol across several different operating systems, you should consider SSL/OpenVPN, as OpenVPN works on Windows, Linux, Android and iPhone devices, unlike SSTP VPN, for example. Below is a more detailed look at the different VPN protocols in use today.
The Point-to-Point Tunneling Protocol (PPTP) is an older VPN encryption method designed by Microsoft. It uses a 128-bit key, but it is susceptible to the ASLEAP dictionary attack. The protocol is integrated into Windows, Linux and macOS, and uses TCP port 1723 and Generic Routing Encapsulation (GRE). Despite its popularity, fast speeds and simple setup, it is best avoided for modern use because of its age.
The Layer Two Tunneling Protocol (L2TP) is a more modern extension of PPTP that uses a 256-bit key and is considered strong enough for secure communications. It combines PPTP with L2F (Layer 2 Forwarding Protocol), designed by Cisco. L2TP also relies on IPsec (Internet Protocol Security) for encryption, since it has no encryption of its own. L2TP has been supported since Windows XP, macOS 10.3 or newer, and on mobile OSes. The 256-bit encryption and double encapsulation require more overhead than PPTP, and it may be a bit more complex to implement and configure. L2TP may still be vulnerable to some more obscure recent attacks when pre-shared keys are used, but it is generally considered secure.
Like L2TP/IPsec, IKEv2/IPsec pairs a tunneling protocol with the Cisco IPsec suite for encryption. This VPN variant was developed by Microsoft in collaboration with Cisco, supports 256-bit encryption, and is not open source. IKEv2 (Internet Key Exchange version 2) is one of the newest protocols, designed to consume less bandwidth than IKEv1 while being more secure and making the connection more reliable. IKEv2 uses UDP port 500. It is efficient: faster than L2TP, slightly faster than OpenVPN, a much better choice than the outdated PPTP, and generally secure.
The Secure Socket Tunneling Protocol (SSTP) is a Microsoft protocol and is not open source. The name comes from the traffic being routed through the Secure Sockets Layer (SSL) protocol over TCP port 443, which lets it pass through firewalls and proxy servers more easily without special rules or port forwarding. If you believe in security through obscurity, the proprietary nature of the protocol makes it somewhat more "secure". It is available in Windows Vista SP1 and later. SSTP is designed for remote client access and does not generally support site-to-site VPN tunnels.
OpenVPN is a popular open-source security protocol; giving the community access to the source code reduces the possibility of undiscovered security flaws and backdoors. OpenVPN uses OpenSSL with up to 256-bit encryption. SSL/TLS is used for the pre-shared key exchange, adding to the security.
OpenVPN TCP uses TCP (Transmission Control Protocol) over IP (Internet Protocol), the most common protocols on the internet. One advantage of TCP is that it is a "stateful" protocol with integrated error correction and recovery mechanisms: each transmitted packet is acknowledged, any lost packets are resent, and the order of packets is guaranteed. Use this if reliability is more important than speed. Important characteristics of using TCP for VPN are:
OpenVPN UDP is a stateless variant of OpenVPN that uses UDP (User Datagram Protocol). UDP transmits data without the redundancy and checks required by TCP, making it more efficient. UDP is commonly used for video/audio streaming or gaming, where current data is more important than a stale, lost packet.
WireGuard is a newer protocol that is extremely fast, with very little overhead and strong cryptography. It has the potential to offer a simpler, more secure, more efficient and easier-to-use VPN than older technologies. It is built on ChaCha20 symmetric encryption (RFC 7539), Curve25519 for Elliptic-Curve Diffie-Hellman (ECDH) anonymous key agreement, BLAKE2s for hashing (RFC 7693), SipHash24 for hashtable keys, and HKDF for key derivation (RFC 5869).
WireGuard uses a UDP-based handshake, and its key exchange provides perfect forward secrecy while avoiding both key-compromise impersonation and replay attacks. WireGuard is relatively new and has not yet seen the thorough vetting of time, but it has no known significant vulnerabilities and its code base is very small, so full audits are feasible. WireGuard is included in Linux kernel 5.6.
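As an added illustration (not code from this article or from the WireGuard project), the Python below sketches the key-agreement primitives listed above: an ephemeral X25519 ECDH exchange feeding HKDF instantiated with HMAC-BLAKE2s, which is how WireGuard's key derivation is built. It is a simplified model of the real handshake (which also mixes in static keys, an optional pre-shared key and MACs); the pure-Python X25519 is for illustration only, and `keypair`, `hkdf_blake2s` and `session_keys` are names assumed here.

```python
import hashlib, hmac, os

P = 2**255 - 19                          # Curve25519 field prime
BASEPOINT = (9).to_bytes(32, "little")   # generator u-coordinate

def x25519(k: bytes, u: bytes) -> bytes:
    """X25519 (RFC 7748 Montgomery ladder) in pure Python: illustration, not constant-time."""
    k = bytearray(k); k[0] &= 248; k[31] &= 127; k[31] |= 64   # clamp the scalar
    k, x1 = int.from_bytes(k, "little"), int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = pow(da + cb, 2, P), x1 * pow(da - cb, 2, P) % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def keypair() -> tuple[bytes, bytes]:
    """Fresh ephemeral key pair; generating a new one per handshake is what gives forward secrecy."""
    priv = os.urandom(32)
    return priv, x25519(priv, BASEPOINT)

def hkdf_blake2s(chaining_key: bytes, ikm: bytes, n: int) -> list[bytes]:
    """HKDF (RFC 5869) with HMAC-BLAKE2s, the instantiation WireGuard uses for its Kdf."""
    prk = hmac.new(chaining_key, ikm, hashlib.blake2s).digest()
    out, t = [], b""
    for i in range(1, n + 1):
        t = hmac.new(prk, t + bytes([i]), hashlib.blake2s).digest()
        out.append(t)
    return out

# Initial chaining key: hash of the Noise construction name WireGuard uses.
CONSTRUCTION = hashlib.blake2s(b"Noise_IKpsk2_25519_ChaChaPoly_BLAKE2s").digest()

def session_keys(my_eph_priv: bytes, peer_eph_pub: bytes) -> tuple[bytes, bytes]:
    """Simplified: two 32-byte traffic keys from the ephemeral ECDH secret only (both peers get the same pair)."""
    shared = x25519(my_eph_priv, peer_eph_pub)
    k1, k2 = hkdf_blake2s(CONSTRUCTION, shared, 2)
    return k1, k2
```

Because the ephemeral private keys are discarded after the handshake, a later compromise of a peer's long-term key cannot recover the traffic keys of past sessions, which is the forward-secrecy property the paragraph refers to.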
All information transferred over a VPN is encrypted. The stronger the encryption (128 or 256 bits), the more processing power is required, so it may be slower on older/slower hardware. Choose a secure yet efficient/fast protocol.
If your VPN protocol of choice allows either UDP or TCP, consider using UDP for the higher speeds and lower protocol overhead. Even though UDP is a stateless protocol (no guarantee that data is received), keep in mind that VPN tunnels encapsulate other traffic. That means you can have TCP traffic (guaranteed delivery) encapsulated in a UDP VPN and still have the reliability offered by TCP (packet ordering and acknowledgements of receipt); there is no need for redundant double TCP encapsulation. That said, UDP VPN traffic can sometimes be blocked by corporate firewalls and ISPs, so you may still be forced to use TCP VPN over common ports.
We generally recommend using IKEv2/IPsec (UDP), or OpenVPN.
Too Long, Didn't Read? Use either WireGuard, IKEv2/IPsec, or OpenVPN. WireGuard is one of the best choices if available: it is very fast, efficient and secure. IKEv2/IPsec is also fast and secure, designed in collaboration by Cisco and Microsoft. If you prefer a comparable open-source variant that may be slightly slower, use OpenVPN.