Layer 2 Tunnel Protocol (L2TP) is a VPN protocol that doesn’t offer any encryption. That’s why it’s usually implemented along with IPsec encryption. As it’s built into modern desktop operating systems and mobile devices, it’s fairly easy to implement. But it uses UDP port 500 — that means it can’t be disguised on another port as OpenVPN can. It’s thus much easier to block and harder to get around firewalls with.
IPsec encryption is secure. However, this is a slower solution than OpenVPN. The traffic must be converted into L2TP form, and then encryption added on top with IPsec. It’s a two-step process.
In Summary: It’s easy to set up, but has trouble getting around firewalls and isn’t as efficient as OpenVPN.
OpenVPN uses open-source technologies like the OpenSSL encryption library and SSL v3/TLS v1 protocols. It can be configured to run on any port, so you could configure a server to work over TCP port 443. The OpenSSL VPN traffic would then be practically indistinguishable from standard HTTPS traffic that occurs when you connect to a secure website. This makes it difficult to block completely.
It’s very configurable and will be most secure if it’s set to use AES encryption instead of the weaker Blowfish encryption. OpenVPN has become a popular standard. There have been no serious concerns that anyone has compromised OpenVPN connections.
OpenVPN support isn’t integrated into popular desktop or mobile operating systems. Connecting to an OpenVPN network requires a third-party application — either a desktop application or a mobile app. Yes, you can even use mobile apps to connect to OpenVPN networks on Apple’s iOS.
In Summary: OpenVPN is new and secure, although you will need to install a third-party application. This is the one you should probably use.
Comparison between OpenVPN and L2TP
| OpenVPN | L2TP/IPsec |
VPN Security | Authenticates data with digital certificates | Checks data integrity and encapsulates the data twice. |
Supported Environments | Windows
Mac OS X Linux Android iOS | Windows
Mac OS X Linux Android |
VPN Speed | Best performing protocol. Fast speeds, even on connections with high latency and across great distances | Requires more CPU processing to encapsulate data twice |
Stability | Most reliable and stable, even behind wireless routers, on non-reliable networks, and on Wi-Fi hotspots | Stable on NAT-supported devices |
Compatibility | Supported by most desktop computer operating systems and Android mobile and tablet devices. Requires applications. | Native in most desktop, mobile device, and tablet operating systems. |
Conclusion | OpenVPN is the recommended protocol for desktops. Highest performance and security. More configuration options. | A good choice when OpenVPN is not supported by a used device. Less configuration required. |