Remote Network Access: Which VPN Protocol Should I Use?
As we try to find a balance among home, work and recreational activities, there comes an increased need to manage data and systems from anywhere, using any device (phone, tablet, laptop). But how can you securely access and manage the network remotely without worrying about who has access to the data?
The Internet can be a dangerous place for those who don’t carefully consider data security. While there are many options for connecting remotely, my preferred method is using a Virtual Private Network (VPN).
What is a VPN?
A VPN is a virtual network that uses a public network connection (the Internet) to provide a remote client with a secure connection to a private network. VPNs provide an encrypted connection to a private network—not just securing the initial login, but also protecting the data passed over the connection.
What is the difference between Port Forwarding and a VPN?
While Port Forwarding is commonly used for remote access, it has some major drawbacks in terms of security. VPNs offer better security by encrypting the data transferred between the client device and the private network.
What are the different VPN Types?
The three most common VPN types are PPTP, L2TP and IPsec. Each offers different advantages.
• PPTP (Point-to-Point Tunneling Protocol) uses a TCP-based control channel to initiate and control a GRE (Generic Routing Encapsulation) tunnel that encrypts packets using PPP (Point-to-Point Protocol). This type of VPN typically runs at 128-bit encryption and is relatively easy to set up, only requiring a username and password combination to connect.
PPTP only operates at Layer 3, which means that the user must know the IP addresses of private network resources in order to gain access to those resources.
• L2TP (Layer 2 Tunneling Protocol) is an extension of PPTP that combines the ease of management inherent in PPTP with the Layer 2 traffic capabilities of Cisco’s L2F protocol.
This type of VPN requires a secondary encryption method such as SSL or IPsec. Depending on the type of encryption used with L2TP, a range of 128 to 1,024 bits of encryption is available. (With our Luxul routers, for example, L2TP runs over IPsec at 1,024-bit encryption.)
• IPsec (IP Security) is an end-to-end security protocol that operates at the Internet Layer of the IP suite. The most secure VPN type of the three, it requires a username, password and shared secret to allow connection. IPsec typically runs at 1,024-bit encryption and rekeys every few hours. It also offers a Layer 2 connection to the remote private network.
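The PPTP entry above describes a TCP control channel plus a GRE tunnel. As an added example (not from the original article), this Python code parses both headers as laid out in RFC 2637, so captured traffic on a network can be checked for PPTP sessions. The function names and the sample bytes are constructed for illustration.

```python
import struct

PPTP_MAGIC = 0x1A2B3C4D      # magic cookie in every PPTP control message
GRE_PROTO_PPP = 0x880B       # GRE protocol type PPTP uses for PPP payloads
CTRL_TYPES = {1: "Start-Control-Connection-Request", 2: "Start-Control-Connection-Reply",
              7: "Outgoing-Call-Request", 8: "Outgoing-Call-Reply"}

def parse_pptp_control(tcp_payload: bytes):
    """Parse a PPTP control message (TCP port 1723); None if it is not one."""
    if len(tcp_payload) < 12:
        return None
    length, msg_type, magic, ctrl_type, _ = struct.unpack("!HHIHH", tcp_payload[:12])
    if magic != PPTP_MAGIC or msg_type != 1 or not 12 <= length <= len(tcp_payload):
        return None
    info = {"length": length, "control_type": CTRL_TYPES.get(ctrl_type, f"type {ctrl_type}")}
    if ctrl_type == 1 and length >= 156:
        # Start request body: version at offset 12, host name at 28, vendor string at 92
        info["version"] = f"{tcp_payload[12]}.{tcp_payload[13]}"
        info["host"] = tcp_payload[28:92].split(b"\0")[0].decode("ascii", "replace")
        info["vendor"] = tcp_payload[92:156].split(b"\0")[0].decode("ascii", "replace")
    return info

def parse_pptp_gre(ip_payload: bytes):
    """Parse the enhanced GRE header (IP protocol 47) that carries the PPP frames."""
    if len(ip_payload) < 8:
        return None
    flags, proto, payload_len, call_id = struct.unpack("!HHHH", ip_payload[:8])
    # PPTP uses GRE version 1, the Key bit set, and protocol type 0x880B
    if (flags & 0x0007) != 1 or not (flags & 0x2000) or proto != GRE_PROTO_PPP:
        return None
    info = {"call_id": call_id, "payload_len": payload_len}
    offset = 8
    for name, bit in (("seq", 0x1000), ("ack", 0x0080)):   # optional fields
        if flags & bit:
            if len(ip_payload) < offset + 4:
                return None
            info[name] = struct.unpack_from("!I", ip_payload, offset)[0]
            offset += 4
    info["ppp"] = ip_payload[offset:offset + payload_len]
    return info

# Constructed samples: a start request from host "laptop" and one GRE data packet
SAMPLE_SCCRQ = struct.pack("!HHIHHHHIIHH64s64s", 156, 1, PPTP_MAGIC, 1, 0,
                           0x0100, 0, 1, 1, 0, 0, b"laptop", b"constructed-vendor")
SAMPLE_GRE = struct.pack("!HHHHI", 0x3001, GRE_PROTO_PPP, 4, 7, 42) + b"\xff\x03\xc0\x21"

if __name__ == "__main__":
    print(parse_pptp_control(SAMPLE_SCCRQ))
    print(parse_pptp_gre(SAMPLE_GRE))
```

Both functions return None for traffic that is not PPTP, so they can be run over every TCP 1723 payload and every IP protocol 47 packet in a capture.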
When selecting the type of VPN to implement, there are a few considerations.