Virtual private networks (VPNs) are gaining in popularity, yet many administrators aren't sure which protocol to use: Point-To-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol (L2TP). Here's a quick comparison of the two:

PPTP:
- Uses TCP and a modified version of Generic Routing Encapsulation (GRE).
- Requires an IP network between a PPTP client and a PPTP server.
- Can encapsulate other network protocols, such as IP, IPX, and NetBEUI.
- Uses the same authentication as PPP, such as EAP, MS-CHAP, CHAP, SPAP, and PAP.
- Can use Microsoft Point-to-Point Encryption (MPPE), but only in combination with EAP or
- Supports Windows 9x and Windows NT/2000/XP clients.
- PPTP server uses TCP port 1723.
- PPTP is an older protocol.

L2TP:
- Combines the best features from Layer Two Forwarding (L2F) developed by Cisco Systems, Inc.,
- Uses UDP and can be used over ATM, Frame Relay, and X.25 networks. Currently, only L2TP over
- Encryption is provided by IPSec ESP, rather than by MPPE.
- Also supports authentication mechanisms EAP, MS-CHAP, CHAP, SPAP, and PAP. Computer can authenticate with IPSec ESP Security Association (SA).
- Provides better security than PPTP.
- L2TP client and server in Windows 2000 always use UDP port 1701.
- L2TP over IPSec is not translatable by a NAT because the UDP port number is encrypted.
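
The ports and protocols in the comparison above, applied as a flow audit that tells the two tunnel types apart on the wire (an added example, not part of the original page). IP protocol numbers 47 (GRE) and 50 (ESP) are the IANA assignments; the flow tuple layout, the function names and the sample addresses are constructed for illustration.

```python
from collections import defaultdict

TCP, UDP, GRE, ESP = 6, 17, 47, 50  # IANA IP protocol numbers

def classify(proto, dport):
    """Map one flow's IP protocol and destination port to a tunnel role."""
    if proto == TCP and dport == 1723:
        return "pptp-control"      # PPTP server port from the list above
    if proto == GRE:
        return "gre"               # PPTP data channel when paired with control
    if proto == ESP:
        return "esp"               # L2TP over IPSec looks like this on the wire
    if proto == UDP and dport == 1701:
        return "l2tp-clear"        # L2TP header visible, so not inside ESP
    return "other"

def audit(flows):
    """Group flows by host pair and return {pair: [finding, ...]}."""
    roles = defaultdict(set)
    for src, dst, proto, dport in flows:
        roles[tuple(sorted((src, dst)))].add(classify(proto, dport))
    report = {}
    for pair, seen in roles.items():
        notes = []
        if "pptp-control" in seen:
            notes.append("PPTP tunnel" if "gre" in seen
                         else "PPTP control only: GRE data channel not seen")
        if "l2tp-clear" in seen:
            notes.append("L2TP seen outside ESP: no IPSec encryption on this flow")
        if "esp" in seen:
            notes.append("IPSec ESP: inner ports (e.g. L2TP 1701) not visible")
        if notes:
            report[pair] = notes
    return report

# Constructed sample flows (RFC 5737 documentation addresses).
# Fields: (src, dst, ip_proto, dst_port); dst_port is None for GRE and ESP.
SAMPLE = [
    ("192.0.2.10", "198.51.100.1", TCP, 1723),
    ("192.0.2.10", "198.51.100.1", GRE, None),
    ("192.0.2.20", "198.51.100.1", TCP, 1723),
    ("192.0.2.30", "198.51.100.2", UDP, 1701),
    ("192.0.2.40", "198.51.100.2", ESP, None),
    ("192.0.2.50", "198.51.100.3", TCP, 443),
]

if __name__ == "__main__":
    for pair, notes in audit(SAMPLE).items():
        print(pair, notes)
```

GRE and ESP also carry non-VPN traffic, so the audit only calls a flow PPTP when the TCP 1723 control channel appears between the same two hosts.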