Common VPN Protocols

hellolinux2021
·
(edited)
·
IPFS
·
Commonly used VPN protocols and some VPNs in the market

Introduction to common vpn protocols

VPN protocols work in a variety of ways, but they generally perform two basic functions: authentication and encryption. Authentication ensures that your device communicates with a trusted VPN server, while encryption makes the communication itself unreadable to outsiders.

Different encryption standards and authentication methods result in different speeds and security for VPN users. VPN protocols also have different rules on how to handle potential errors, which affects the stability and reliability of the VPN.

  • Secure Socket Tunneling Protocol (SSTP) : The SSTP VPN protocol was developed separately by Microsoft and was introduced with Windows Vista. It is very similar to a PPTP tunnel encapsulated in SSL, an early encryption protocol used to secure web pages. As such, SSTP initially only worked on Windows devices, and beyond that it never gained popularity. SSTP has limited configurability and is not prominent among existing protocols.
  • Layer 2 Tunneling Protocol (L2TP): Compared to pioneering but outdated protocols such as PPTP and SSTP, the Layer 2 Tunneling Protocol is a major step forward, offering better security at the cost of reduced speed. L2TP is often used in conjunction with the IPsec protocol to provide AES-256 encryption, and the combination of the two is called L2TP/IPsec.
  • IPsec: IPsec, short for Internet Protocol security, is a flexible VPN protocol that authenticates and encrypts each individual IP packet. It's often combined with protocols like L2TP that don't provide encryption on their own. L2TP/IPsec is better for anonymity than security, as there are other protocols, like OpenVPN, that provide a stronger level of security
  • openvpn : OpenVPN is a highly configurable open source protocol. It's free for all platforms, highly valued by the community, and widely adopted among consumer VPN services. OpenVPN is most easily configured to disguise itself as normal internet traffic, which helps it evade filters and firewalls. It has been extensively audited by trusted independent researchers, making it suitable for deployment even in sensitive environments. (Configurable with UDP or TCP and supports up to 256-bit encryption). Compared with passing the wall, OpenVPN is seen more in various gray industries, such as free flow, IPV6 authentication around WIFI, campus network authentication and so on.
  • Internet Key Exchange Version 2 (IKEv2): IKEv2 is one of the newest protocols with significant advantages, especially speed. It is perfect for mobile devices of all platforms. However, since it is primarily used in corporate environments, IKEv2 does not support Linux, and the lack of configurability is a disadvantage. In addition, IKEv2 is strictly authorized and difficult to audit. The open source implementation of IKEv2 is adopted to ensure the integrity of the protocol.
  • Point to Point Tunneling Protocol (PPTP): As one of the first companies to enter the protocol world, PPTP has a rich and storied history. It's been around since the Windows 95 days, but it relies on the outdated MS-CHAP v2 authentication suite, which means it's easy to crack. This inherent vulnerability has an advantage: the lack of encryption and authentication features means PPTP is the fastest VPN protocol. It also means the content of your internet connection can be seen by your ISP, your Wi-Fi carrier, and government surveillance agencies like the NSA.
  • wireguard: WireGuard® is a free and open source VPN protocol, originally written in C language by Jason a. Donenfeld et al. It is regarded as a next-generation VPN protocol and is currently developed by Edge Security LLC. Official repository .

WireGuard® is an extremely simple and fast modern VPN that utilizes state-of-the-art encryption technology. Its goal is to be faster, simpler, leaner, and more useful than IPsec, while avoiding a lot of headaches. Its performance is much higher than OpenVPN. WireGuard is designed as a general purpose VPN that can run on embedded interfaces and supercomputers, suitable for many different environments. Originally released in the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployed. It's currently under heavy development, but it's already considered the safest, easiest to use, and easiest VPN solution in the industry.

WireGuard uses state-of-the-art cryptography such as Noise Protocol Framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, HKDF and Secure Trusted Fabric. It makes conservative and reasonable choices and has been reviewed by cryptographers. Protocol description .

WireGuard securely encapsulates IP packets through the UDP protocol. You can add a WireGuard interface, configure it with your private key and your peer's public key, and send packets through it. All key distribution and push configuration issues are outside the scope of WireGuard;

v2ray vmess vless trojan: V2Ray uses WS + TLS, and its protocol is not much different from Trojan itself

Summarize

Speed: IKEv2, OpenVPN, WireGuard

PPTP, SSTP is not recommended

Relatively secure: IKEv2, L2TP, and OpenVPN, WireGuard

WireGuard has developed rapidly in recent years, and github has been updated to update applications on various platforms. This protocol is used by many VPNs.

other

ProtonVPN: Introduction , Taiwanese background, openly distinguish the relationship between the CCP, support TOR, support wireguard in 2022, the speed has been improved, another famous service is ProtonMail, the main anonymous and secure mail service, is relatively well-known in the circle .

tail : A portable operating system that prevents monitoring and censorship.

tailscale : A simple VPN with zero configuration. The project was founded and initiated by the original golang core developers. It has been around for two years, and the status quo has resolved the commercial stage.

outline: https://getoutline.org/ https://github.com/Jigsaw-Code/?q=outline

refer to

What is the best VPN protocol?

Privacy Tools: https://www.privacytools.io/#vpn

https://www.privacyguides.org/tools

CC BY-NC-ND 2.0

Like my work? Don't forget to support and clap, let me know that you are with me on the road of creation. Keep this enthusiasm together!

hellolinux2021欢迎拍手与交流,个人Channel:https://t.me/hellolinuxLab Sentinel DVPN中文社区管理,技术及使用支持 https://t.me/Sentinel_China 个人主页:https://hellolinux.uk/about
  • Author
  • More

20220820近况更新

费曼学习法

obsidian的annotator插件