Ports and protocols are a confusing topic for many people who are new to VPNs. The basic question is whether or not to use TCP or UDP for the VPN connection. While there are plenty of resources on the topic, many of them are a little over the top and difficult to understand for somebody who is completely new to the subject.
In this article, we will walk you through the most popular VPN protocols and their corresponding ports.
The Point-to-Point Tunneling Protocol, or PPTP, is one of the most popular and most-misunderstood protocols when it comes to VPNs. The general consensus among IT professionals is that PPTP is a secure and decent protocol, but in order to get the most out of it, you need to use a hardware VPN device that is specifically designed for handling PPTP connections. Without one of these devices, your computer or smartphone will struggle to provide the kind of security that you expect when connecting to a remote network.
PPTP is actually a VPN solution that was developed and is supported by Microsoft. It is a tunneled VPN protocol, which means that all of the data that is transmitted over the VPN connection is encrypted. Because there is no central authority to verify the credentials of a VPN user, as there is with a Certificate Authority like Let’s Encrypt, ensuring the security of your VPN is more difficult. However, Microsoft has provided two tools, the PPTP Tool and the PPTP Server, which makes this protocol much easier to implement. These tools make installing and configuring a VPN pretty straightforward.
Tunneled VPN protocols like PPTP are simple and easy to set up and use, but they are extremely limited in the kind of networking they can perform. The more modern Layer Two Tunneling Protocol is similar to a VPN solution, but it has several advantages over its predecessor, including allowing for the encryption of all data packets, which makes the protocol itself a suitable replacement for a VPN. (In fact, L2TP is the basis for many VPN protocols that were developed later on.)
The IPsec protocol, the successor to the Secure Sockets Layer (SSL) and the IPSec protocol that was based on it, includes several features that enhance the performance and security of a VPN connection. One of the most important features is the use of X.509 Certificates to establish the identity of both the VPN endpoints. X.509 is a standard that was originally developed for trust and identity management within the financial services industry, so it comes as no surprise that VPN providers have started to implement it in recent years. (In case you’re wondering, X.509 is short for “Extensible Authentication Protocol”.)
OpenVPN is one of the most popular virtual private network (VPN) protocols. It was first released in 1999 and was developed as a successor to the PPTP protocol. Since then, the open source implementation of the protocol has been downloaded more than 500 million times, making it one of the most used free and open-source VPNs available today. (OpenVPN is also the most-used protocol among CyberGhost and Ivacy users, according to their website traffic.)
OpenVPN is a highly secure and flexible VPN protocol, which makes it suitable for use in a number of different situations. Its main advantage is that it is very easy to set up and use. Simply install the open-source OpenVPN software on both the client and server sides, and connect to the Internet via a VPN provider that offers open-source implementations of the protocol. You are good to go – no special hardware needed! (The only real disadvantage to using OpenVPN is that it does not perform as well as other VPN protocols when it comes to throughput.)
Another tunneled VPN protocol that is gaining popularity is the IPSec protocol. It was first developed and released back in 2000 and has since been included as part of the IETF standard since 2003. (IPSec is also referred to as IP Security or IP-Sec.)
Unlike L2TP and OpenVPN, IPSec is proprietary technology that was developed and is maintained by Cisco. It is one of the most flexible and commonly used VPN protocols, and it offers the same kind of strong encryption as its predecessor, the SSL protocol. Because of its strong encryption, IPSec can be used to secure communications between two private networks (i.e., corporate networks) in a way that is transparent to both parties. In addition, IPSec is considered to be more secure than PPTP and OpenVPN, due to the use of military-grade AES encryption in its algorithms. (The only major downside to IPSec is that it is not as fast as other protocols, like PPTP or L2TP.)
None Of The Above
There are other VPN protocols as well that deserve a spot on this list, including L2TP/IPsec (mentioned above) and the PPTP protocol that was mentioned above. If you try to run a VPN on your computer using any of these protocols, you will find that they require a little bit of research to figure out how to use properly. Some protocols, like L2TP/IPSec, are so new that they are still struggling to gain widespread adoption. (In case you’re wondering, NordVPN and IPVanish are two companies that have fully supported and implemented both L2TP/IPsec and PPTP for years now.)
In short, if you are looking for a simple and easy-to-use VPN solution then PPTP, OpenVPN, or L2TP/IPSec should be your next stop. If however, you would like to experiment with stronger encryption protocols then look into the IPSec family of protocols, specifically the new and improved version, which was released in 2017 and is called IPSec SHA256+. (Keep in mind that the only way to make sure the encryption strength is as high as it can be is to use a hardware VPN device.)