As privacy advocates, our job is to educate people on this aspect of their digital life which is slipping away from their fingers. When we say that your privacy is at risk, we really mean it.
We have extensively covered the best VPNs in the market. But there are still some questions that we see lingering in the minds of VPN users. One of those questions is about the protocols that VPNs offer. So what exactly are VPN protocols? And does it affect the average VPN user? Before we answer that, let us walk through how a VPN works.
How VPNs Work
Virtual Private Network is a network that you establish to securely route your internet traffic. In a public network, devices are connected to the internet through the Internet Service Provider’s (ISP) server, which routes your traffic to the correct destination. Running a request for www.google.com in the web browser sends it to the ISP’s server which uses a DNS server to look up the destination before forwarding it to the correct address. The address is then returned back to you.
A virtual private network shifts that responsibility from the ISP to a VPN server. The immediate benefit is that the ISP can longer see what websites you are visiting. So this here is the privacy benefit of using a VPN – the other is security.
VPNs rely on encryption which is the process of converting data into an unreadable format. Decryption – The process of making it readable – requires a special which is only shared between the VPN client and the VPN server. Any third-party intercepting the communication cannot see the contents of the packets being sent. There are two types of encryption keys available, symmetric keys and asymmetric keys, and depending on the protocol being used, it can be either.
As you connect to the VPN server, it lends you an IP address that masks your actual IP address, thus giving you anonymity on the internet. It allows you to access unblocked websites and geo-restricted content on the internet because the destination server reads the masked IP address.
VPN Protocols – What They Are and Why They Matter
A protocol is a set of rules that dictate how a task is to be carried out. Internet communication takes place on several layers – from the link layer to the application layer. VPN protocols dictate how data flowing in-and-out of the VPN client and the server follows instructions. This includes establishing a connection or a “tunnel” which encapsulates data, exchanging secure keys, authentication, encryption, and decryption.
Learning about VPN protocols can help you get the most out of your VPN. VPN protocols vary in terms of effectiveness in different key areas of communication. One protocol may prioritize speed, one protocol may be slower but offer a higher level of security, and one may strike a balance between both. Continue reading as we explore what makes them different and which protocol is ideal for certain use-cases.
VPN Protocols Explained
With the brief introduction out of the way, let’s take a look at each VPN protocol.
Point-to-Point Tunneling Protocol (PPTP) was introduced back in 1999 by Microsoft, making it one of the oldest VPN protocols. Think of Windows 95 days, PPTP was introduced at a time when dial-up connections were mainstream.
Being an old protocol, it does not provide strong security, it does not have encryption capabilities suitable for use, and it’s used to as a tunneling protocol and for authentication. Though it is easy to set up and fast, which may make it suitable if security isn’t much of a concern.
Jointly developed by Microsoft and Cisco, the Internet Key Exchange protocol is another tunneling protocol leading the VPN space. IKEv2 is built with IPsec’s encryption.
One area where it’s prominent is mobile devices, primarily because IKEv2 can reconnect easily in the event of a disconnection, and retain stability as the device switches between Wi-Fi and cellular data, which is why it has native support on iOS. And because it comes from Microsoft, it plays nicely with the Windows operating system.
OpenVPN is an open-source protocol that is widely preferred for its balance of speed and security, supporting both UDP and TCP ports. The open-source nature allows the community to quickly report and close security risks. It’s the most common VPN protocol – so when you buy a VPN service, chances are that it’s running OpenVPN by default.
For encryption, it utilizes the OpenSSL library, giving up to AES 256-bit encryption. The only downside when you increase encryption strength is speed. But it will not matter to the average user because the speeds are still very good. OpenVPN can be implemented easily compared to some other protocols like SSTP, which serves just another reason why it is the most popular protocol in the industry.
L2TP stands for the Layer 2 Tunneling Protocol. This protocol only acts on the tunneling aspect of VPN communication, it doesn’t provide encryption and has to be paired with a protocol such as IPsec. LT2P uses the UDP port for transferring data, which makes it fast but also less reliable at the same time. UDP connections have a less strict check on the integrity of packets being transferred. Like PPTP, L2TP is considered a legacy VPN protocol that’s not recommended by many.
Although Internet Protocol Security (IPsec) is often paired with other VPN protocols for encryption, it’s a working VPN protocol on its own, providing both tunneling and encryption capabilities, it defines a framework for implementation rather than a set of rules.
Authentication is handled by Authentication Header (AH) and encryption is handled by Encapsulating Security Payload (ESP). ESP can also provide authenticate if it’s not used together with AH.
Developed and owned by Microsoft, Secure Socket Tunneling Protocol has native support for Windows since Windows Vista and can be used with other systems as well. It uses Port 443 to tunnel internet traffic, allowing you to bypass internet restrictions. So naturally, when it comes to authentication encryption, it uses the SSL/TLS protocol for authentication and supports up to AES 256-bit encryption.
Should You Change Protocol?
The average user wouldn’t feel the difference between varying performances of the protocols. Commercial VPN services such as FastestVPN are built to be convenient and easy-to-use. Several VPN services offered apps for major platforms. These apps are preconfigured out-of-box; they don’t require any manual configuration. This also includes the protocol that’s best suited for the platform in use. For example, IKEv2 is likely to be the default VPN protocol on iOS. Similarly, macOS lets you choose between different VPN protocols, such as “L2TP over IPsec.”
NordVPN discontinued the use of L2TP/IPsec and PPTP last year, leaving users with just OpenVPN and IKEv2/IPsec protocols.
If you are manually configuring the VPN in your router then you will have the option to choose between multiple protocols. Here are some of the uses and which VPN protocol best suits them.
In a nutshell, if you’re looking for the best VPN protocol, here’s the breakdown:
- PPTP and IKEv2 = Fastest VPN protocols
- SSTP = Most secure VPN protocol
Which Protocol is Best Suited for Torrenting?
If you’re using P2P/Torrenting then OpenVPN with UDP and IKEv2 are the best protocols. Unlike protocols like PPTP, the upside of OpenVPN is that it works on both TCP and UDP ports. UDP is faster than TCP because it forgoes the integrity checks on the packets received, it also makes it less reliable because packets are not checked for correct order and requested again.
But in the case of BitTorrent, where data is collected from different peers and stitched together, using UDP would not matter here.
PPTP is generally faster than other protocols because it has weak security, but it’s recommended that you keep your torrenting activities completely private from the ISP, hence, use OpenVPN on UDP or IKEv2 to encrypt the traffic. IKEv2 is more suited for Wi-Fi connections, such as when using mobile devices.
What Protocols do the Top VPN Services Offer?
Commercial VPNs come with several features baked in, including multiple VPN protocols. Here are our favorite VPN services and the respective VPN protocols they offer:
- OpenVPN (TCP and UDP)
- OpenVPN with UDP
- OpenVPN with TCP
- OpenVPN (TCP and UDP)
The aforementioned VPN services have been reviewed extensively by us. You can read the reviews by visiting our blog, they contain things that are not mentioned here, such as pricing.
For most people who are using commercial VPN services, protocols will be a non-issue. The average user is unlikely to be bothered by the varying speed. However, if you’re setting up a VPN yourself using a VPS or manually configuring a service in your router then picking certain protocols would yield better results. Certain uses like gaming benefit from UDP protocol over TCP.
VPN services put great consideration into making their apps as user-friendly as possible. This includes preconfiguring the app to settings best suited for the platform.