I have been spending quite some time lately comparing L2TP VPN on Linux versus OpenVPN. After doing a lot of testing I came to the conclusion that not only OpenVPN is faster than L2TP, but also much easier to set up and configure.
Pros and cons of each:
L2TP VPN Pros:
- Works with the Windows XP VPN client
- Because of native support allows a remote user to join a domain via “dial-ip” connection feature of XP
- Feature-rich backend allows complicated configurations with SSL or PSKs
L2TP VPN Cons:
- Unstable L2TP code; l2tpd requires heavy patching with the latest kernels; kernel recompilation with TTY support is preferable
- Unexpected crashes when the client connection is not closed properly
- Hard to configure; requires good linux skills along with solid understanding of networking and VPN technology
- Slower than OpenVPN
- Almost no support from the community
OpenVPN Pros:
- Easy to configure and install
- Does not require any kernel recompilation, works perfectly with the latest Linux distros
- Can be configured on any TCP or UDP port; excellent performance even when port forwarding
- Considerably faster than L2TP
- OpenVPN works on any version of Windows, Mac and Linux/Unix; a free GUI version is readily available for Windows
- Excellent support from the open source community
- Allows virtual point-to-point IP connections (tun) as well as virtual ethernet connections (tap)
OpenVPN Cons:
- Does not work with native Windows XP VPN client
As you can see, I couldn’t really find cons for OpenVPN, thanks to its speed and ease of use. I have also been very thankful to guys at DD-WRT who embedded an OpenVPN client into my Linksys WRT-54GL firmware. Now I have my workplace easily accessible from home, without having to manually connect via VPN :)
About Nasim Mansurov
can you tabulate the similarities of the two.
thank you
So that you don’t have to do a thing for your report? :)
Just to drop a line saying I have the similar conclusion in the year 2009. Only at some point I might be forced into L2TP over IPSec for mobile phone users…
tx Nasim, appreciated.
1 thing ..
“Does not work with native Windows XP VPN client”
.. I think there’s a way around that, no?
You’re welcome!
As far as OpenVPN not working with the native Windows XP client, there is no way around it. Is there a problem with installing the client on the machines? I have been using OpenVPN for a long time now and it works on everything, even on 64 bit Windows 7. In fact, I have dumped the L2TP approach for VPN completely and have been using OpenVPN for the last two years.
I highly recommend it!
aah, yes, thank you .. appreciate that.
and hey, I appreciate your Captcha thing too .. damn, I can actually read it, for once, and such a pleasant change to have to type something as basic as “CAR”!!
OpenVPN is the way to go as it support OpenSSL and you can control all the ports. The only Con is that you need to the installation of the client.
Open vpn on windows is slow only connects at 10mbs and don’t tell me it’s cosmetic I tested it. Got very frustated thanks to crappy win32 tap adapter tunnel. Could only get Around 10mbs from speed test servers all around country without openvpn I got around 40mbs down speed withe L2tp I get 32-36 down almost trible openvpn on windows and openvpn was even slower on the router. It might work alright for linux but for windows it sucks. Only because it is limited by the win32 tap adapter if they would fix that it would be far superior but operating 4-6 times slower than what my actual bandwidth is blows.
I have a custom mini-itx x86 router running m0n0wall I get 30+Mbs connected pptp 128-bit encryption, looking for l2tp client router software for it. But I double dog dare you to try and get even close to those speeds with openvpn heck I’ll even let you completely shut off the encryption and I bet you’ll only get about 1/3 of what I’m getting. Any takers.