This post summarizes the most common Virtual Private Network (VPN) protocols.
List of VPN Protocols
VPN (Virtual Private Network) protocols:
- PPTP
- L2TP
- SSTP
- OpenVPN
- IPSec
- L2F
RADIUS AAA protocol can also establish a VPN.
PPTP
Deprecated
Point to Point Tunneling Protocol (PPTP) is a legacy solution, and it has some security issues.
PPTP uses port 1723.
It uses sometimes the Shiva Password Authentication (SPAP).
L2TP
Layer Two Tunneling Protocol (L2TP) is an extension of PPTP.
The L2TP protocol alone does not offer encryption security for your data packets. For this reason, it often pairs up with the Internet Protocol Security (IPSec) protocol, which allows encryption and enhances security. This is why it is common to describe a VPN as LT2P/IPSec.
L2TP can be configured digital certificate instead instead of pre-shared keys.
L2TP uses port 1701.
SSTP
Secure Socket Tunneling Protocol (SSTP) is a protocol developed by Microsoft.
It requires that a digital certificate is installed in the devices connecting to the VPN.
OpenVPN
OpenVPN is a tunneling protocol by the company of the same name.
It is not compatible with lPSec, IKE, PPTP or L2TP.
IPSec
Internet Protocol Security (IPSec) is a standard that comprises collection of protocols used as an add-on for IPv4 and integratied into IPv6.
You can read more about IPSec on thist post.
L2F
Layer 2 Forwarding Protocol (L2F)
VPN technologies
VPN technologies:
- VRF
- VRF-Lite (Multi-VRF)
- VP6
What is NOT VPN?
SSL is a networking protocol that is used at the transport layer to provide a secure connection between the client and the server over the internet. The SSL connection is to an endpoint, not a whole network.
In conclusion SSL, is not a a VPN.
On the other hand, TLS is also used in an increasingly large percentage of VPN connections.
SSH is used for tunneling, not for VPN, and only works on the application layer (OSI layer 7).
You might also be interested in…
External References
- Chapple et al; “CISSP 9th Edition”, Chapter 12 “Secure Communications and Network Attacks”, Section “Common VPN Protocols”, pp. 607-609
- Cisco; “VPN and VRF“; Cisco
- archlinux; “VPN over SSH“; archlinux
- “Difference between IP Sec and SSL“
- Chris Hoffman; “Which Is the Best VPN Protocol? PPTP vs. OpenVPN vs. L2TP/IPsec vs. SSTP“, HowtoGeek
- Microsoft; “How to troubleshoot a Microsoft L2TP/IPSec virtual private network client connection“; Microsoft