What is the difference between PPTP, L2TP, SSTP, OpenVPN and SSH/Socks Protocols?


Point-to-Point Tunneling Protocol (PPTP) is a Microsoft invention for creating VPN over dialup networks, and as such has long been the standard protocol for internal business VPN for many years. It is a VPN protocol only, and relies on various authentication methods to provide security. Available as standard on just about every VPN capable platform and device, and thus being easy to set up without the need to install additional software, it remains a popular choice both for businesses and personal usage. It also has the advantage of requiring a low computational overhead to implement.

LimeVPN implements PPTP encryption with MPPE 128bit cipher, with or without compression and MS-CHAPv2 authentication.


Layer 2 Tunneling Protocol (L2TP) came about through a partnership between Cisco and Microsoft with the intention of providing a more secure VPN protocol. L2TP is considered to be a more secure option than PPTP, as the IPSec protocol which holds more secure encryption algorithms, is utilized in conjunction with it. It also requires a pre-shared certificate or key.

LimeVPN implements L2TP encryption with the standardized IPSec protocol with AES encryption algorithm. A 256 bit key will be used for encryption.


Secure Socket Tunneling Protocol (SSTP) works in situations where most VPN connections would be blocked. This includes countries which forbid the use of VPN technology, and certain companies that block VPN connections. It uses TCP Port 443, the same port used by Secure Socket Layer (SSL) transmissions. This combines with a special method to form the packets to allow SSTP transmissions to pass through most proxies and firewalls. It is considered the most secure of VPN tunneling protocols because it uses SSL, authentication certificates and 2048-bit encryptions.

The major downside to SSTP is that it was created exclusively by Microsoft and only works on Windows Vista SP 1 and Windows 7/8. Because it is proprietary, there are no known plans to make it officially available to users of Mac OS, Linux and older versions of Windows.

If you cannot connect with PPTP or L2TP protocol, and if you can browse https web sites most likely SSTP should work for you.


OpenVPN is a fairly new open source technology that uses the OpenSSL library and SSLv3/TLSv1 protocols, along with of other technologies, to provide a strong and reliable VPN solution. One of its major strengths is that it is highly configurable, and although it runs best on a UDP port, it can be set to run on any port, including TCP port 443. This makes it traffic on it impossible to tell apart from traffic using standard HTTP over SSL , and it is therefore extremely difficult to block.

LimeVPN implements OpenVPN protocol with AES cipher and 128bit and 256bit (Optional) encryption, hash algorithm is 160bit SHA1, control channel is TLSv1/SSLv3 DHE-RSA-AES256-SHA and 2048 bit RSA.

LimeVPN provides OpenVPN / SSL VPN protocol on TCP ports 80 (http), 443 (https), 992, 1194, 8888 and UDP ports 53 (DNS), 80, 992, 1194 and 8888.

If you cannot connect with PPTP or L2TP protocol you can try to connect with OpenVPN with different TCP and UDP ports.

Learn more

Check out our guide on How to select a VPN protocol which has basic recommendations and easy-to-compare VPN protocols table.