This post summarizes the most common Virtual Private Network (VPN) protocols.
VPN (Virtual Private Network) protocols:
Point to Point Tunneling Protocol (PPTP) is a legacy solution, and it has some security issues.
PPTP uses port 1723.
Layer Two Tunneling Protocol (L2TP) is an extension of PPTP.
The L2TP protocol alone does not encrypt your data packets. For this reason, it is often paired with the Internet Protocol Security (IPSec) protocol, which adds encryption and enhances security. This is why it is common to describe such a VPN as L2TP/IPSec.
L2TP can be configured with digital certificates instead of pre-shared keys.
Secure Socket Tunneling Protocol (SSTP) is a protocol developed by Microsoft.
It requires that a digital certificate be installed on the devices connecting to the VPN.
Internet Key Exchange version 2 (IKEv2).
OpenVPN is a tunneling protocol by the company of the same name.
- VRF-Lite (Multi-VRF)
What is NOT VPN?
SSL is a networking protocol that is used at the transport layer to provide a secure connection between the client and the server over the internet. The SSL connection is to an endpoint, not a whole network.
In conclusion, SSL is not a VPN.
SSH is used for tunneling, not for VPN, and only works on the application layer (OSI layer 7).