This article explains the different types of protocols that Internet Shield VPN offers.
We offer several different VPN options. Below are some differences and caveats to using them that will help you decide which one is best for you.
Different Connection Types (Protocols)
| Protocol / Connection Type |
Description |
Device / OS Availability |
| PPTP(Point-to-Point Tunneling Protocol) |
- Recommended for low-risk, speed intensive browsing, like video streaming
- Typically used on older operating systems and older mobile devices
- There are some known security vulnerabilities
- Not recommended for very sensitive information.
|
Not available for macOS or iOS devices |
| L2TP w/ IPSEC(Layer 2 Tunneling Protocol with Internet Protocol Security) |
- Recommended for mobile devices that will not allow you to use the OpenVPN Protocol
- Fixes vulnerabilities seen in PPTP, but as a result, the connection could be a little bit slower than OpenVPN
- Can be more difficult to configure on a router because it uses multiple ports
|
- Windows
- macOS
- Android
- iOS
|
| OpenVPN |
- Most recommended for use when possible
- An open-source project that allows for multiple types of authentication methods, but ultimately uses SSL/TLS (similar to your web browser)
- Typically offers faster access speeds than L2TP but does require third-party software and certificate files to be installed in order to use it if you are not using the IPVanish software.
- UDP
- Often faster due to having no error correction
- Recommended use when the target server is on the same continent and the end-user is not in a rural area
- TCP
- Uses error correction so that lost packets don't have to be retransmitted as often
- Recommended for connections to servers that are far away and/or if the end-user shows packet loss when connecting to the server
|
Support for mobile devices is limited |
| IPSec |
- Often available in mobile devices
- Tends to connect faster than traditional VPN protocols
- May have some problems connecting over wireless routers or any other devices that use NAT
|
iOS mobile devices |
| IKEv2 |
- Often available in newer mobile devices
- Typically just as fast as IPSec and generally more secure
|
iOS mobile devices |
Ports used for Firewall Configuration
- For OpenVPN, we allow connections via TCP or UDP on ports 443 or 1194. The Internet Shield VPN software uses port 443.
- Both PPTP and L2TP need the PPTP & L2TP pass-through options in the firewall/router's management interface to be enabled (if applicable). Routers without these options may not support PPTP or L2TP traffic.
- To allow PPTP traffic, open TCP port 1723.
- To allow L2TP w/ IPSec traffic, open UDP ports 500, 1701 & 4500.
- Both IPSec and IKEv2 use UDP port 500.
