internet » Discussions


Which type of VPN is better

  • Leader
    March 20, 2020

    Which type of VPN is better
    Here I deal with the fact that it is better to choose a VPN Protocol, taking into account the fact that at both ends there are similar pieces of hardware, respectively, they can be made friends with each other in any combination. Accordingly, I read a lot about VPN types, and decided to share what I found out (without reprinting the same text from the wiki).


    PPTP
    A classical Protocol that works everywhere. On everything that moves. Very fast (only IPSec can compete with It under certain conditions). But there is one drawback — full of holes. The standard MSCHAPv2 allows you to find out the password if you intercept a session. But, apparently, the problem is only in the case of MITM. In other words, if you don't think that your traffic is being intercepted, then you can live. There are also protocols like EAP, but with their support, everything is quite sad.
    The second disadvantage is the use of the GRE Protocol as a transport (the same as TCP, UDP or ICMP, only GRE). Sometimes it cuts.
    In General, it is generally considered unsafe to use, but fast


    IPSec
    Not exactly a VPN, but something very cool and powerful that can encrypt either a single port between two computers, or link entire subnets in a secure way. Very well supported appartnoe encryption, and the whole encrypted, can even on certificates, even on PSK walk, works in Windows at a low level, in General, a miracle and not a Protocol. There are only a couple of fat cons: the initial setup can be very tedious (with sorting through ticks, and reading logs), a careless action can cut down the hardware (it will consider that traffic to it must go through IPSec, which is not configured), and configuring this through NAT — a mighty quest, for real Jedi.
    In General, I recommend connecting remote computers with fixed IP addresses to a secure pseudo-local network. Here it is magical. The rest is for the Amateur.
    It goes through UDP, EH, and ESP protocols, which is very good for transport, but a bit muddy for farivol. with NAT, UDP 4500 is added, and a bunch of Muti.


    L2TP/IPSec
    The slightly stupid name is due to the fact that the tunnel itself is unencrypted, so the tunnel rises on top of IPSec, which leads, according to many, to double encapsulation and a decent overhead. But since IPSec itself is good, it's not so bad. Live try not managed, perishing very big quest on configuring. I prefer bare IPSec. In General, as you can see, I don't really like this tunnel, but if someone set it up for you it works, it will be a very safe tunnel.
    Goes via UDP 1701, EH and ESP protocols, EH is not required.


    SSTP
    As a programmer, I really like this tunnel. Because this is a stupid SSL stream (by default on the 443-th port), which is wrapped in everything. Ie, everything is normal with cryptography TLS1. 2, all the buns. Checking server certificates, possibly client certificates. It works oak and stable. But one small nuance: it works well only on Windows starting with Vista and more or less on Microtiques. Under Linux something like under the Android out of the box there is nothing, well, in General, are not very common.
    However, if you can use it from the system — it will work.
    It is claimed that the Protocol is closed, so there may be holes, but from the outside it is a pure SSL stream (not distinguishable from a normal access to the site, except for the amount of data), so all security rules comply with https.
    Another drawback, in addition to limited support, is the TCP channel for the tunnel. What is the problem? On a bad network. Because TCP packets can be lost and re-requested. This results in a TCP over TCP situation, which leads to a lot of lower-level problems when the upper-level packets are lost. In other words, two levels begin to deal with attempts to re-send packets, which greatly slows the speed. However, with a good network, everything is fine.


    OpenVPN
    The last option I want to talk about, but not the worst. This is a separate OpenSource client called everything that moves, which allows you to do anything. At least to mix with the existing SSL traffic on the 443-th port of the server. In General, there is everything. Lots of algorithms, lots of options. There are only two minuses: you need to set it separately and configure it a little muddily. If you manage, everything will be fine, although users will have to write detailed instructions.
    And if possible, you should configure it to use UDP, not TCP, so that there are no problems similar to SSTP. The speed is approximately equal to SSTP.


    Speed
    Everything is very dependent, depends on fine-tuning, hardware support, and so on. But my tests have shown that in General, the speed is distributed as follows
    PPTP is the fastest. Very, very fast
    L2TP/IPsec-slightly slower (more serious protocols)
    SSTP-much slower
    OpenVPN-approximately corresponds to SSTP, but slightly slower (I only checked the TCP option, I think UDP will be much faster)

  • March 22, 2020

    Each VPN device supports PPTP by default, and since it is very simple to configure, this protocol continues to be the most popular among company owners and VPN providers. It is also the fastest protocol since it requires the least computation to implement it.

  • March 22, 2020

    the most promising and kind of cool VPN server. Free at the same time. Support for an incredible number of protocols in one server, including OpenVPN and others. Those. no need to keep zoo servers for various systems. And, as they say, the speed of tunnels on SoftEther is significantly higher than that of other servers.

  • March 22, 2020

    Personal VPN is a service offered by VPN Services - third-party companies that offer VPN functionality to any user on the Internet. The purpose of personal VPNs is to help you, an ordinary Internet user, safely browse sites and bypass any restrictions that you encounter.

  • March 22, 2020

    Using a VPN on computers is becoming an integral part of modern life. For some, this is a way to sit in social networks at work, and someone cares about their anonymity on the Internet and hides their real IP address in this way .


    newreleasedate2017.com


    Connecting to the Internet via the installed VPN extension for Yandex. Browser is an excellent and relatively simple way to solve the everyday tasks described above.
    We talked about the principle of VPN operation earlier and nothing changes in situations with browsers, with a few caveats.

  • March 22, 2020

    The Internet makes it possible to watch almost all television channels in the world. This means that you can watch original programs from ABC Discovery Channel and BBC on a computer and in most cases absolutely free. True, there is a restriction we must be in the country where the TV channel is located. To get around this obstacle we need a VPN