When you enlist a VPN service, your VPN connection will be implemented using one of the more popular VPN protocols including PPTP (Point-to-Point Tunneling Protocol), OpenVPN, L2TP (Layer 2 Tunneling Protocol), IPSec (Internet Security Protocol) and Softether VPN (Not popular for this Protocol ) . Most VPN providers offer OpenVPN and PPTP by default. However, sometimes you may be faced with a decision to choose between PPTP
VPN and OpenVPN. If you find yourself in that situation, us
e this guide to learn the difference between PPTP VPN and
OpenVPN and choose the best protocol for your Internet needs.
PPTP is a basic VPN protocol created in 1999 by Microsoft working with Ascend Communications. It was an ‘extension’ of some other old protocols notably PPP (Point-to-Point Protocol) and GRE (Generic Routing Encapsulation).
OpenVPN was a creation of James Yonan back in 2002 but over the years, it has morphed into a robust, feature-rich VPN protocol built on OpenSSL.
With PPTP VPN, encryption of IP traffic is implemented with the MPPE protocol (Microsoft Point-to-Point Encryption) after the data has been encapsulated into PPP. There are three encryption levels supported by MPPE, including 40-bit, 56-bit, and 128-bit. However, only 128-bit is acceptable by the current security standards.
On the other hand, OpenVPN uses OpenSSL for encrypting IP traffic. This means that OpenVPN can utilize any of the encryption algorithms in the OpenSSL library and this makes it very versatile. In addition, OpenVPN supports 160-bit and 256-bit session keys, making it extremely reliable security-wise.
As far as overall security goes, OpenVPN is very dependable and can even be increased depending on configuration. On the other hand, the early implementations of PPTP VPN were very weak security-wise although current implementations are somewhat improved for many basic applications, although they are not as strong as OpenVPN implementations.
PPTP VPN uses PAP, CHAP v1/v2 and EAP-TLS. PAP is more common but weak and easy to break while CHAP v1/v2 is not commonly used.
OpenVPN uses strong server authentication enabled by certificates. The chances of a man-in-the-middle attack are greatly diminished.
Flexibility of Operating Ports
PPTP VPN utilizes TCP connection port 1723 that is fixed to initiate and handle another GRE tunnel. OpenVPN can use any port to send encrypted data packets over TCP or UDP.
PPTP is a native technology in many operating systems, so you don’t have to install custom-built client software. However, OpenVPN usually requires custom-made client software from the VPN provider. That said, some implementations of OpenVPN don’t require special software.
- Mac OS – Tunnelblick
- Linux – OpenVPN
- iOS – OpenVPN for iOS
- Android – OpenVPN for Android
PPTP VPN supports Windows, Linux, Mac OS X, iOS, Android, and DD-WRT while OpenVPN supports all the aforementioned systems except iOS. DD-WRT may work with difficulty. Because of its easy implementation, PPTP is the most widely used VPN protocol for mobile devices.
ISP Blocking Traversal
Because OpenVPN can work on any port on TCP and UDP, It’s not easy to block connections that implement that protocol although it is possible. However, an ISP can easily block connections using PPTP and there’s typically no workaround a blockage. So the only option to prevent ISP blockage is using OpenVPN.
Essentially, choose OpenVPN if:
- You need a highly secure connection
- You need more advanced features such as exclusive tunneling
- You want to workaround ISP blockages
Use PPTP VPN if:
- You need basic Internet security
- You want an easy setup without additional custom-built software
You want to use a personal VPN on a mobile device