IKEv2
Internet Key Exchange version 2 is an IPsec tunneling protocol developed jointly by Microsoft and Cisco. It is included in Windows 7 and later versions, and is supported by Blackberry and Apple mobile devices.There are open source solutions available for Linux.
Data is transmitted via UDP ports 500 and / or 4500, with 3DES and AES cryptographic algorithm data encryption. Using UDP provides a good speed of operation and does not create problems for working behind NAT and firewalls.
Thanks to a number of its features, IKEv2 is especially relevant for mobile users - IKEv2 allows you to automatically reinstall the VPN tunnel in the event of a temporary Internet connection break, for example, during a trip to the subway. The protocol is also highly susceptible to frequent network changes — such as switching between Wi-Fi points, or between Wi-Fi and a mobile network. This is one of the few protocols supported by Blackberry devices.
PPTP
Point-to-Point Tunneling Protocol (Point-to – Point Tunneling Protocol) is a protocol invented by Cisco Systems for organizing VPNs over dial-up networks. PPTP has been the standard protocol for building a VPN for many years - its support was first implemented in the Windows NT 4.0 and Windows 95 OSR2 operating systems.
Currently, PPTP is available as a standard VPN protocol in almost all operating systems and communication devices, which allows you to use it without the need to install additional software. Its advantage is also that it uses a small amount of computing resources, therefore, it has a high speed of operation.
PPTP works by establishing a normal PPP session with the opposite party using the Generic Routing Encapsulation protocol. A second connection on TCP port 1723 is used to initiate and manage the GRE connection. Due to the need to establish two network sessions, it may be difficult to set up a PPTP connection behind the firewall. In addition, some Internet service providers block the GRE protocol, which makes it impossible to use PPTP.
PPTP relies on various authentication methods to ensure the security of the connection, the most common of which is MS-CHAP v.2. Data transmitted via PPTP is encrypted using the MPPE protocol, which includes the RSA RC4 encryption algorithm with a key length of a maximum of 128 bits.
During its existence, various vulnerabilities were discovered in the implementation of the PPTP protocol, the most serious of which was the vulnerability of the MS-CHAP v. 2 authentication protocol, which allows you to recover the encryption key within a day. Due to security concerns, the PPTP protocol can only be used in VPN solutions where there are no requirements for ensuring the confidentiality of the transmitted data.
Server IKEv2
| address | ebosh.space |
| vpn type | IKEv2 |
| username | ebosh |
| password | la5as |
Server PPTP
| address | ebosh.space |
| vpn type | PPTP |
| username | ebosh |
| password | megk5 |