The Differences Between PPTP, L2TP/IPSec, SSTP and OpenVPN Connections

Most of you will have heard of virtual private networks, or VPNs. Many businesses use VPNs to create secure links between offices, or to allow employees to connect to the office server remotely. Many internet users also use VPNs to get around their country’s restrictive internet firewalls or to bypass the geographical limitations of online streaming applications (like Netflix). This article explores the different types of VPN connections and what they all mean. Each protocol has distinct advantages and disadvantages, generally related to its level of encryption, device compatibility, and ease of use and configuration.

PPTP

Point-to-Point Tunneling Protocol (PPTP) is the most popular VPN protocol and is supported by the most devices. It is by far the easiest to configure and has low overhead, which makes it faster than other VPN protocols. Firewalls such as ISA Server, Cisco PIX and SonicWall recognize the protocol.

PPTP encrypts data using a 128-bit key, which puts it in the “weakest” category of VPN protocols. It has also had other weaknesses in the past, such as clear-text authentication before a connection is established, and as such it is rarely used in sensitive business environments. However, the most recent implementations of this protocol have resolved some of the security issues, for example through the implementation of EAP authentication.

L2TP/IPSec

Layer 2 Tunneling Protocol (L2TP) came about through a partnership between Cisco and Microsoft with the intention of providing a more secure VPN protocol. L2TP is considered a more secure option than PPTP because it is used in conjunction with the IPSec protocol, which provides more secure encryption algorithms. It also requires a pre-shared certificate or key. L2TP’s strongest level of encryption uses 168-bit keys with the 3DES encryption algorithm, and requires two levels of authentication.

L2TP has a number of advantages over PPTP: it provides data integrity and origin authentication, both designed to keep hackers from compromising the system. However, the increased overhead required to manage this elevated security means that it performs more slowly than PPTP.

SSTP

Secure Socket Tunneling Protocol (SSTP) is viewed as the VPN protocol with the highest security because it authenticates with 2048-bit key certificates and encrypts with a 256-bit key. SSTP can be used in place of other VPN protocols (PPTP, L2TP), and is effective in locations where network access is restricted, as it uses TCP port 443, the same port used by Secure Socket Layer (SSL) transmissions.

SSTP VPN is viewed as quicker and more reliable than OpenVPN. However, your operating system needs to be relatively up to date in order for it to function properly with SSTP.

The major disadvantage of SSTP is that, since it was developed by Microsoft, it only functions on Windows Vista / Windows 7 / Windows 8. Currently, there are no intentions to make the protocol available to users of Mac OS, Linux and older versions of Windows.

OpenVPN

OpenVPN was developed as open source software, as a free alternative to Microsoft’s SSTP protocol. One major advantage of this protocol is that it functions on a variety of operating systems, such as Mac OS, Windows and Linux, and on some IP phones. Similar to SSTP, OpenVPN has a higher encryption level than L2TP, as it operates on both Layer 2 and Layer 3. Furthermore, it comes with extra features such as transporting Ethernet frames and IPX packets and providing NetBIOS functionality.

Minor disadvantages of OpenVPN are its insufficient support for mobile devices and the requirement to install a third-party client. This is not the case for SSTP.

A major disadvantage with VPN is the high overhead associated with the protocol due to its level of encryption. It may also be quite challenging to configure.

Final thoughts

The VPN protocols described above all have distinct advantages and disadvantages. The easiest protocol to configure, with the best device compatibility, would be PPTP. SSTP and OpenVPN are the protocols least likely to be blocked by servers or firewalls and are generally thought to be the most secure. In terms of speed, generally speaking, less encryption means greater speed but at the cost of less security. However, if your devices are of reasonable speed this should not be a major factor. It is best to consider your security requirements and pick a protocol accordingly.
