L2TP vs PPTP for VPN?

[rugger29]

ok, I'm setting up a VPN so employees can work from home and still access their network drives. I'm fairly new to this area. Windows 2000 clients can use L2TP and PPTP. Which is a better protocol to use? Are there any advantages/disadvantages to each protocol? Thanks for the info.

 

[lowtech1]

PPTP - UDP

L2TP - TCP & GRE is much more reliable/secure than the faster UDP.

IPsec - DES, Triple DES, IDEA, etc... which have stronger algorithms than the above.

 

[Saltin]

PPTP actually uses GRE (generic routing encapsulation).

Originally Microsoft developed PPTP (along with a few other vendors) while Cisco pushed a protocol called L2F which was primarily implemented in Cisco products. A combination of the best features of PPTP and L2F was formed to create L2TP.

L2TP (Layer Two Tunneling Protocol) supports non-TCP/IP clients and protocols (such as Frame Relay, ATM and SONET) but fails to define any encryption standard. That's why L2TP is used with IPsec. It is also important to note that IPsec is more resource intensive than PPTP, hence the overhead with a L2TP solution is higher than PPTP.
PPTP is also somewhat easier to get up and running. IPsec does not use DES or 3DES at all. It is a combination of a couple of seperate protocols (AH and ESP).
Authentication Header (AH): provides authenticity guarantee for packets, by attaching strong crypto checksum to packets.
Encapsulating Security Payload (ESP): provides confidentiality guarantee for packets, by encrypting packets with encryption algorithms

Although L2TP (Layer 2 Tunneling Protocol) is compatible with most network protocols it is not widely deployed but is common in certain Telco and ISP networks.

[