
Choosing Between PPTP and L2TP/IPSec

One of the choices to make when you're deploying Windows Server 2003-based VPNs is whether to use L2TP/IPSec or PPTP. Windows XP and Windows 2000 VPN client and server computers support both L2TP/IPSec and PPTP by default. Both PPTP and L2TP/IPSec use PPP to provide an initial envelope for the data and then append additional headers for transport through the Internet. PPTP and L2TP also provide a logical transport mechanism to send PPP payloads and provide tunneling or encapsulation so that PPP payloads based on any protocol can be sent across the Internet. PPTP and L2TP rely on the PPP connection process to perform user authentication and protocol configuration.

There are a few differences between the PPTP and L2TP protocols. First, when using PPTP, data encryption begins only after the PPP connection process is completed, which means the PPP authentication exchange takes place before encryption is in place. With L2TP/IPSec, data encryption begins before the PPP connection process by negotiating an IPSec security association. Second, PPTP connections use MPPE, a stream cipher based on the Rivest-Shamir-Adleman (RSA) RC4 encryption algorithm, with 40-, 56-, or 128-bit encryption keys. Stream ciphers encrypt data as a bit stream. L2TP/IPSec connections use the Data Encryption Standard (DES), a block cipher, with either a single 56-bit key (DES) or three 56-bit keys (3DES). Block ciphers encrypt data in discrete blocks (64-bit blocks, in the case of DES). Finally, PPTP connections require only user-level authentication through a PPP-based authentication protocol. L2TP/IPSec connections require the same user-level authentication as well as computer-level authentication using computer certificates.

Advantages of L2TP/IPSec over PPTP

Although PPTP users still significantly outnumber L2TP/IPSec users, the higher level of security and the other benefits of L2TP/IPSec are leading organizations that want to improve the security of remote connectivity to adopt L2TP/IPSec VPNs as their remote and mobile access standard. The following are the advantages of using L2TP/IPSec over PPTP:

  • IPSec provides per-packet data authentication (proof that the data was sent by the authorized user), data integrity (proof that the data was not modified in transit), replay protection (protection against an attacker re-sending a stream of captured packets), and data confidentiality (protection against interpreting captured packets without the encryption key). PPTP provides only per-packet data confidentiality.

  • L2TP/IPSec connections provide stronger authentication by requiring both computer-level authentication through certificates and user-level authentication through a PPP authentication protocol.

  • PPP packets exchanged during user-level authentication are never sent unencrypted, because the PPP connection process for L2TP/IPSec occurs after the IPSec security associations are established. If intercepted, the PPP authentication exchange for some types of PPP authentication protocols can be used to perform offline dictionary attacks and determine user passwords. If the PPP authentication exchange is encrypted, offline dictionary attacks are possible only after the encrypted packets have been successfully decrypted.
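The first advantage above lists what IPSec does to every packet. The following added example, which is not code from the book, models three of those four properties the way ESP does them: a sequence number, a keyed MAC covering both the sequence number and the payload, and a receiver-side sliding replay window. Confidentiality (encryption of the payload) is deliberately left out so that authentication, integrity and replay protection stand on their own. The key, the packets and the 64-packet window width are constructed for the demonstration and are not values from any real security association.

```python
"""Per-packet authentication, integrity and replay protection, ESP-style.

Added illustration, not code from the book. Key and packets are constructed
for the demo; a real IPSec SA uses keys negotiated by IKE.
"""
import hashlib
import hmac
import struct

SEQ_LEN = 4   # ESP carries a 32-bit sequence number
MAC_LEN = 16  # truncated HMAC output (ESP commonly truncates the integrity check value)


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: prepend a sequence number and append a keyed MAC.

    The MAC covers the sequence number as well as the payload, so a captured
    packet can be neither altered nor renumbered to slip past the replay window.
    """
    header = struct.pack("!I", seq)
    mac = hmac.new(key, header + payload, hashlib.sha256).digest()[:MAC_LEN]
    return header + payload + mac


class ReplayWindow:
    """Receiver-side sliding window over sequence numbers (RFC 4303 style)."""

    def __init__(self, size: int = 64):
        self.size = size
        self.highest = 0  # highest sequence number accepted so far
        self.bitmap = 0   # bit i set => sequence number (highest - i) already seen

    def check_and_update(self, seq: int) -> bool:
        """Return True and record seq if it is new and not older than the window."""
        if seq == 0:
            return False  # ESP never uses sequence number 0
        if seq > self.highest:
            # Slide the window forward; bit 0 now represents seq itself.
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
            return True
        diff = self.highest - seq
        if diff >= self.size:
            return False  # too old: fell off the trailing edge of the window
        if self.bitmap & (1 << diff):
            return False  # already accepted once: this is a replay
        self.bitmap |= 1 << diff
        return True


def verify(key: bytes, window: ReplayWindow, packet: bytes):
    """Receiver side: verify the MAC, then consult and update the replay window.

    The window is only updated after the MAC verifies, so a forged packet with a
    high sequence number cannot push genuine in-flight packets out of the window.
    Returns (payload, "ok") or (None, reason).
    """
    if len(packet) < SEQ_LEN + MAC_LEN:
        return None, "malformed"
    header = packet[:SEQ_LEN]
    body = packet[SEQ_LEN:-MAC_LEN]
    mac = packet[-MAC_LEN:]
    expected = hmac.new(key, header + body, hashlib.sha256).digest()[:MAC_LEN]
    if not hmac.compare_digest(mac, expected):
        return None, "integrity failure"
    (seq,) = struct.unpack("!I", header)
    if not window.check_and_update(seq):
        return None, "replay or stale sequence number"
    return body, "ok"


def demo():
    """Run a constructed packet sequence through one receiver and collect verdicts."""
    key = b"constructed-demo-key-not-an-SA-key"
    window = ReplayWindow()
    verdicts = []
    p1 = protect(key, 1, b"first")
    verdicts.append(verify(key, window, p1)[1])          # ok
    p3 = protect(key, 3, b"third")
    verdicts.append(verify(key, window, p3)[1])          # ok: gaps are allowed
    p2 = protect(key, 2, b"second")
    verdicts.append(verify(key, window, p2)[1])          # ok: late but inside the window
    verdicts.append(verify(key, window, p3)[1])          # rejected: replay of packet 3
    tampered = bytearray(protect(key, 4, b"fourth"))
    tampered[SEQ_LEN] ^= 0x01                            # flip one payload bit in transit
    verdicts.append(verify(key, window, bytes(tampered))[1])  # rejected: integrity failure
    return verdicts


if __name__ == "__main__":
    for v in demo():
        print(v)
```

The point to take from the demo is the one the bullet makes: PPTP's MPPE gives the payload confidentiality but nothing like the MAC-plus-window check here, so a captured PPTP packet can be replayed or bit-flipped without the receiver noticing, whereas under IPSec each of those attempts is rejected per packet.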

Advantages of PPTP over L2TP/IPSec

Although L2TP/IPSec is perceived to be more secure than PPTP, there are significant reasons why organizations choose PPTP over L2TP/IPSec. The following are the advantages of PPTP over L2TP/IPSec:

  • PPTP does not require a certificate infrastructure. L2TP/IPSec requires a certificate infrastructure for issuing computer certificates to the VPN server computer (or other authenticating server) and all VPN client computers.

  • PPTP can be used by all Windows desktop platforms (Windows XP, Windows 2000, Windows NT 4.0, Windows Millennium Edition [ME], Windows 98, and Windows 95 with the Windows Dial-Up Networking 1.3 Performance and Security Update). Windows XP and Windows 2000 VPN clients are the only clients that support L2TP/IPSec and the use of certificates.

IPSec functions at a layer below the TCP/IP stack. This layer is controlled by a security policy on each computer and a negotiated security association between the sender and receiver. The policy consists of a set of filters and associated security behaviors. If a packet's IP address, protocol, and port number match a filter, the packet is subject to the associated security behavior.
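The paragraph above describes an IPSec policy as a set of filters, each tied to a security behavior, matched on address, protocol and port. The following added example, which is not code from the book and is not Microsoft's policy engine, shows that model as a small filter evaluator: each filter carries source and destination networks, a protocol, an optional destination port and an action (permit, block or negotiate security), and the most specific matching filter decides what happens to a packet. The addresses, the policy and the sample packets are constructed for the demonstration, and the "most specific filter wins" rule is the example's own choice; check the precedence rules of whatever implementation you deploy against its documentation.

```python
"""Toy IPSec policy evaluator: filters + security behaviors.

Added illustration, not code from the book. Policy, addresses and packets
are constructed; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Filter:
    name: str
    src: str                  # CIDR; "0.0.0.0/0" means any address
    dst: str
    protocol: str             # "tcp", "udp", "icmp" or "any"
    dst_port: Optional[int]   # None means any port (or a port-less protocol)
    action: str               # "permit", "block" or "negotiate" (apply IPSec)

    def matches(self, pkt: dict) -> bool:
        """True if the packet's addresses, protocol and port fall within this filter."""
        return (ip_address(pkt["src"]) in ip_network(self.src)
                and ip_address(pkt["dst"]) in ip_network(self.dst)
                and self.protocol in ("any", pkt["protocol"])
                and self.dst_port in (None, pkt.get("dst_port")))

    def specificity(self) -> int:
        """Longer prefixes and explicit protocol/port make a filter more specific."""
        score = ip_network(self.src).prefixlen + ip_network(self.dst).prefixlen
        score += 8 if self.protocol != "any" else 0
        score += 16 if self.dst_port is not None else 0
        return score


# Constructed policy for a VPN server at 203.0.113.10 (example address).
# IKE (UDP 500) must be permitted in the clear: the security association it
# negotiates is what makes "negotiate" possible for the L2TP traffic.
POLICY = [
    Filter("default", "0.0.0.0/0", "0.0.0.0/0", "any", None, "block"),
    Filter("ike", "0.0.0.0/0", "203.0.113.10/32", "udp", 500, "permit"),
    Filter("l2tp-to-vpn-server", "0.0.0.0/0", "203.0.113.10/32", "udp", 1701, "negotiate"),
    Filter("intranet", "10.0.0.0/8", "10.0.0.0/8", "any", None, "permit"),
]


def decide(policy, pkt: dict):
    """Return (action, filter_name) for a packet; block if nothing matches."""
    candidates = [f for f in policy if f.matches(pkt)]
    if not candidates:
        return "block", None
    best = max(candidates, key=lambda f: f.specificity())  # first wins on ties
    return best.action, best.name


def run_samples():
    """Evaluate a few constructed packets against POLICY."""
    samples = {
        "l2tp from internet":  {"src": "198.51.100.7", "dst": "203.0.113.10",
                                "protocol": "udp", "dst_port": 1701},
        "ike from internet":   {"src": "198.51.100.7", "dst": "203.0.113.10",
                                "protocol": "udp", "dst_port": 500},
        "intranet smb":        {"src": "10.1.2.3", "dst": "10.9.8.7",
                                "protocol": "tcp", "dst_port": 445},
        "tcp 1701 (no L2TP)":  {"src": "198.51.100.7", "dst": "203.0.113.10",
                                "protocol": "tcp", "dst_port": 1701},
    }
    return {label: decide(POLICY, pkt) for label, pkt in samples.items()}


if __name__ == "__main__":
    for label, (action, name) in run_samples().items():
        print(f"{label:22s} -> {action:9s} ({name})")
```

Two design points carry over to real deployments: the catch-all block filter is the least specific, so it only applies when nothing narrower matches, and the IKE exemption is what prevents the policy from demanding IPSec for the very traffic that sets IPSec up.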

Microsoft Exchange Server 2003 Unleashed
ISBN: 0672328070
Year: 2003
Pages: 393
Authors: Rand Morimoto
