VPN Types

PPTP (Point-to-Point Tunneling Protocol)

-low security
-it’s recommended to implement PEAP-MS-CHAP v2 with PPTP for more security
-GRE encapsulation, MS-CHAP v2 encryption
-it uses TCP 1723 and protocol 47 (GRE)

L2TP (Layer 2 Tunneling Protocol)

-good security
-IPSec encapsulation, AES/3DES encryption
-it uses UDP 1701 and protocol 50 (IPSec)

SSTP (Secure Socket Tunneling Protocol)

-similar to HTTPS
-SSL encapsulation and encryption
-it uses TCP 443

IKEv2 (Internet Key Exchange)

-good security
-encapsulation IPSec ESP, encryption using keys from IKE
-it uses UDP 500

Authentication Protocols:

MS-CHAP v2 – uses password, not certificates; has been hacked; it’s an extension that can be added to PPTP, L2TP, SSTP
EAP – uses certificates; EAP-TLS is an extension that can be added to PPTP, L2TP, SSTP
PEAP – only the VPN server needs a certificate; not a form of EAP; creates encrypted channel; PEAP is a TLS wrapper around EAP-TLS and EAP-MS-CHAP v2 (also known as MS-CHAP v2)
