This post summarizes the most common Virtual Private Network (VPN) protocols.
VPN Protocols
VPN (Virtual Private Network) protocols:
- PPTP
- L2TP
- SSTP
- IKEv2
- OpenVPN
PPTP
Point to Point Tunneling Protocol (PPTP) is a legacy solution, and it has some security issues.
PPTP uses port 1723.
L2TP
Layer Two Tunneling Protocol (L2TP) is an extension of PPTP.
The L2TP protocol alone does not encrypt your data packets. For this reason, it is often paired with the Internet Protocol Security (IPSec) protocol, which adds encryption and enhances security. This is why it is common to describe a VPN as L2TP/IPSec.
L2TP can be configured with digital certificates instead of pre-shared keys.
SSTP
Secure Socket Tunneling Protocol (SSTP) is a protocol developed by Microsoft.
It requires that a digital certificate be installed on the devices connecting to the VPN.
IKEv2
Internet Key Exchange version 2 (IKEv2).
OpenVPN
OpenVPN is a tunneling protocol by the company of the same name.
VPN technologies
VPN technologies:
- VRF
- VRF-Lite (Multi-VRF)
- VP6
What is NOT VPN?
SSL is a networking protocol that is used at the transport layer to provide a secure connection between the client and the server over the internet. The SSL connection is to an endpoint, not a whole network.
In conclusion, SSL is not a VPN.
SSH is used for tunneling, not for VPN, and only works on the application layer (OSI layer 7).