Before describing the difference between these two types of protocols, one must understand each of them on its own.
L2TP, or Layer 2 Tunneling Protocol, was developed through the combined efforts of Microsoft and Cisco by combining the features of Cisco’s proprietary Layer 2 Forwarding (L2F) protocol with Microsoft’s PPTP. L2TP supports protocols such as ATM, SONET and Frame Relay as well as non-TCP/IP clients, but provides no confidentiality or encryption on its own. It depends on an encryption protocol being passed through the tunnel to maintain the privacy of the client. Nowadays L2TP connections do not use Microsoft’s Point-to-Point Encryption (MPPE) for PPP encryption; instead, Internet Protocol security (IPsec) with its Encapsulating Security Payload (ESP) header and trailer provides the encryption. This is done because PPTP is less resource intensive than IPsec, which makes L2TP more efficient than PPTP.
PPTP, or Point-to-Point Tunneling Protocol, was developed by Microsoft in collaboration with other IT companies to support the VPN system among the clients of Windows. PPTP was developed as an expansion of PPP (Point-to-Point Protocol), where the layer used to transmit IP packets is linked with other links in serial. The authentication used with PPP is also used in PPTP. A PPTP tunnel is established without providing encryption. Encryption is added to PPTP, to create a safe VPN, by using Microsoft’s Point-to-Point Encryption (MPPE) protocol. Thus the low overhead of PPTP gives it better speed than various other methods of supporting VPN.
L2TP vs PPTP
Comparing L2TP and PPTP, one finds various similarities and dissimilarities between them.
Points of similarities
- Both of them send PPP payloads by providing a logical transport mechanism
- Both of them allow sending PPP payloads based on any protocol across an IP network by providing tunneling or encapsulation
- Both of them allow performing user authentication and protocol configuration by relying on the PPP connection process
Points of dissimilarities
PPTP can be deployed easily and uses TCP, which allows the re-transmission of lost IP packets. On the other hand, PPTP is less safe than MPPE, as it provides data encryption only after completion of the PPP connection process. Connections through PPTP need to be authenticated only through the authentication protocol based on PPP.
L2TP, on the other hand, starts data encryption before the completion of the PPP connection process. AES (up to 256-bit) or 3DES (up to three 56-bit keys) is used to establish L2TP connections. L2TP connections provide stronger authentication, as authentication is certified at the computer level along with PPP-based user-level authentication. L2TP uses UDP, which makes it faster for real-time internet connections but unable to re-transmit lost packets. Its firewall-friendly nature also makes it more efficient than PPTP.
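Because L2TP provides no encryption on its own and PPTP relies on MPPE negotiated inside PPP, a defender auditing a network will want to know which tunnel types are actually on the wire. The following is an added example, not part of the original article: it classifies flow records by the well-known IANA port and IP protocol numbers (which this page does not state) and flags PPTP tunnels and L2TP tunnels that are visible without IPsec around them. The function names, finding labels and sample records are constructed for illustration.

```python
from collections import defaultdict

# IANA-assigned numbers (well-known values, not stated on this page)
TCP, UDP, GRE, ESP = 6, 17, 47, 50            # IP protocol numbers
PPTP_PORT, L2TP_PORT, IKE_PORTS = 1723, 1701, (500, 4500)

def classify_flow(ip_proto, dst_port=None):
    """Label one flow record by the tunnelling protocol visible on the wire."""
    if ip_proto == TCP and dst_port == PPTP_PORT:
        return "pptp-control"   # PPTP control channel runs over TCP
    if ip_proto == GRE:
        return "gre"            # PPTP carries its PPP frames in GRE
    if ip_proto == UDP and dst_port == L2TP_PORT:
        return "l2tp-clear"     # a visible L2TP/UDP header is not inside ESP
    if ip_proto == ESP or (ip_proto == UDP and dst_port in IKE_PORTS):
        return "ipsec"          # IKE, NAT traversal or ESP itself
    return "other"

def audit_tunnels(flows):
    """Group flows by (client, server) and return one finding per tunnel pair."""
    seen = defaultdict(set)
    for client, server, ip_proto, dst_port in flows:
        seen[(client, server)].add(classify_flow(ip_proto, dst_port))
    findings = {}
    for pair, labels in seen.items():
        if "pptp-control" in labels:
            findings[pair] = "PPTP"            # encryption depends on MPPE
        elif "l2tp-clear" in labels:
            findings[pair] = "L2TP-NO-IPSEC"   # payload travels unencrypted
        elif "ipsec" in labels:
            findings[pair] = "IPSEC"           # inner protocol not visible
    return findings

# Constructed sample records: (client, server, ip_proto, dst_port)
SAMPLE_FLOWS = [
    ("192.0.2.10", "198.51.100.1", TCP, 1723),
    ("192.0.2.10", "198.51.100.1", GRE, None),
    ("192.0.2.20", "198.51.100.2", UDP, 1701),
    ("192.0.2.30", "198.51.100.3", UDP, 500),
    ("192.0.2.30", "198.51.100.3", ESP, None),
    ("192.0.2.40", "198.51.100.4", TCP, 443),
]

if __name__ == "__main__":
    for pair, finding in sorted(audit_tunnels(SAMPLE_FLOWS).items()):
        print(pair, finding)
```

The records must come from a vantage point between the endpoints; on the tunnel endpoint itself, L2TP over UDP is visible after IPsec has already been removed.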
After going through the negative and positive points of L2TP and PPTP, one cannot conclude that either of them is the best. On one hand, PPTP can be given the advantage of being older, along with various other features, whereas on the other, PPTP has been discarded by various countries in favor of the features of L2TP.