Skip to main content
Tech Radar
  • Tech Radar Pro
  • Tech Radar Gaming
Tech Radar Pro TechRadar IT Insights for Business
Subscribe
RSS
(opens in new tab) (opens in new tab) (opens in new tab) (opens in new tab)
Asia
flag of Singapore
Singapore
Europe
flag of Danmark
Danmark
flag of Suomi
Suomi
flag of Norge
Norge
flag of Sverige
Sverige
flag of UK
UK
flag of Italia
Italia
flag of Nederland
Nederland
flag of België (Nederlands)
België (Nederlands)
flag of France
France
flag of Deutschland
Deutschland
flag of España
España
North America
flag of US (English)
US (English)
flag of Canada
Canada
flag of México
México
Australasia
flag of Australia
Australia
flag of New Zealand
New Zealand
Technology Magazines
(opens in new tab)
Technology Magazines (opens in new tab)
Why subscribe?
  • The best tech tutorials and in-depth reviews
  • Try a single issue or save on a subscription
  • Issues delivered straight to your door or device
From$12.99
(opens in new tab)
View (opens in new tab)
  • News
  • Reviews
  • Features
  • Opinions
  • Website builders
  • Web hosting
  • Security
Trending
  • Best standing desk deals
  • Best cloud storage 2023
  • What is Microsoft Teams?
  • Windows 11 for business

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

  1. Home
  2. Features
  3. Computing
Supported (opens in new tab)

VPN Tunnels explained: what are they and how can they keep your internet data secure

By Desire Athow
Contributions from
Rob Clymo

See which type of tunneling protocol is best for your security

In Association with

ExpressVPN logo (opens in new tab)
An abstract of data moving in a tunnel
(Image credit: Pixabay)

Growing censorship and stiffer regulations are seen by many as two of the biggest threats to our global internet freedom and security. The good news for fans of online activities is that we’ve seen an increasing number of services become available to protect our internet web browsing time and fend off snooping by organizations.

One of the biggest growth areas for beefing up online security has been the use of Virtual Private Networks (or VPN). The humble VPN has become increasingly popular in recent years, mainly because they have the ability to bypass government censorship and geo-blocked websites and services. Better still, a reputable VPN will allow you to do this without giving away who is doing the bypassing.

In order for a VPN to do this, it creates what is known as a tunnel between you and the internet. Doing this means your internet connection is fully encrypted and it lets you stop ISPs, hackers and even the government from nosing through your browsing activity.

What is a VPN Tunnel?

When you connect to the internet with a VPN, it creates a connection between you and the internet that surrounds your internet data like a tunnel, encrypting the data packets your device sends.

While technically created by a VPN, the tunnel on its own can’t be considered private unless it’s accompanied with encryption (opens in new tab) strong enough to prevent governments or ISPs from intercepting and reading your internet activity.

The level of encryption the tunnel has depends on the type of tunneling protocol used to encapsulate and encrypt the data going to and from your device and the internet.

Types of VPN tunneling protocols

There are many types of VPN protocols that offer varying levels of security and other features. The most commonly used tunneling protocols in the VPN industry are PPTP, L2TP/IPSec, SSTP, and OpenVPN - and the world's best VPN services should offer most or all of them. Let’s take a closer look at them.

1. PPTP

Point to Point Tunneling Protocol (PPTP) is one of the oldest protocols still being used by VPNs today. Developed by Microsoft and released with Windows 95, PPTP encrypts your data in packets and sends them through a tunnel it creates over your network connection.

PPTP is one of the easiest protocols to configure, requiring only a username, password, and server address to connect to the server. It’s one of the fastest VPN protocols because of its low encryption level.

While it boasts fast connection speeds, the low level of encryption makes PPTP one of the least secure protocols you can use to protect your data. With known vulnerabilities dating as far back as 1998, and the absence of strong encryption, you’ll want to avoid using this protocol if you need solid online security and anonymity – government agencies and authorities like the NSA have been able to compromise the protocol’s encryption.

2. L2TP/IPSec

Layer 2 Tunneling Protocol (L2TP) is used in conjunction with Internet Protocol Security (IPSec) to create a more secure tunneling protocol than PPTP. L2TP encapsulates the data, but isn’t adequately encrypted until IPSec wraps the data again with its own encryption to create two layers of encryption, securing the confidentiality of the data packets going through the tunnel.

L2TP/IPSec provides AES-256 bit encryption, one of the most advanced encryption standards that can be implemented. This double encapsulation does, however, make it a little slower than PPTP. It can also struggle with bypassing restrictive firewalls because it uses fixed ports, making VPN connections with L2TP easier to block. L2TP/IPSec is nonetheless a very popular protocol given the high level of security it provides.

3. SSTP

Secure Socket Tunneling Protocol, named for its ability to transport internet data through the Secure Sockets Layer or SSL, is supported natively on Windows, making it easy for Windows users to set up this particular protocol. SSL makes internet data going through SSTP very secure, and because the port it uses isn’t fixed, it is less likely to struggle with firewalls than L2TP.

SSL is also used in conjunction with Transport Layer Security (TLS) on your web browsers to add a layer to the site you’re visiting to create a secure connection with your device. You can see this implemented whenever the website you visit starts with ‘https’ instead of ‘http’.

As a Windows-based tunneling protocol, SSTP is not available on any other operating system, and hasn’t been independently audited for potential backdoors built into the protocol.

4. OpenVPN

Saving the best for last, we have OpenVPN, a relatively recent open source tunneling protocol that uses AES 256-bit encryption to protect data packets. Because the protocol is open source, the code is vetted thoroughly and regularly by the security community, who are constantly looking for potential security flaws.

The protocol is configurable on Windows, Mac, Android, and iOS, although third-party software is required to set up the protocol, and the protocol can be hard to configure. After configuration, however, OpenVPN provides a strong and wide range of cryptographic algorithms that will allow users to keep their internet data secure and to even bypass firewalls at fast connection speeds.

Which tunneling protocol should I use?

Even though it’s the fastest, you should steer clear of PPTP if you want to keep your internet data secure. L2TP/IPSec provides 256-bit encryption but is slower and struggles with firewalls (opens in new tab) given its fixed ports. SSTP, while very secure, is only available on Windows, and closed off from security checks for built-in backdoors.

OpenVPN, with its open source code, strong encryption, and ability to bypass firewalls, is the best tunneling protocol to keep your internet data secure. While it requires third-party software that isn’t available on all operating systems, for the most secure VPN connection to the internet, you’ll want to use the OpenVPN protocol.

A good VPN service should offer you the choice of at least these four types of tunneling protocols when going online.

Your best options

When it comes to the best VPN to sign up for there are plenty of options to choose from. Of course, if money is tight and you’re not too keen on spending anything more than you have to, trying the best cheap VPN could be an alternative. Got a budget even more limited than that? Another option could be to enlist the services of the best free VPN, of which there are numerous variants to pick from. 

The main issue with opting for a free VPN is that you generally won’t get the same value as that provided by a paid-for rival. What’s more, if you’re using a VPN then one of the main considerations is going to revolve around security. By choosing a less well-known VPN, as opposed to the major players such as ExpressVPN (opens in new tab), NordVPN (opens in new tab), Surfshark (opens in new tab) or IPVanish (opens in new tab) to name but four, you might not get the same level of protection.

Free can be limited

Even if you have managed to find a free or cheap VPN you’re happy with, remember that there may be limitations on the way you can use the software service. Free VPNs can be a little miserly when it comes to the amount of data you can use, with the operating speed frequently being less impressive than paid-for alternatives too. If you’ve got a desire to stream video or are torrenting on a regular basis, this might be false economy.

More corners can be cut because of the free aspect too, with low-budget options potentially offering less in the way of protection. This is made worse by the way some free VPNs will feature advertising incorporated into the program, which can get old very quickly. Worse still, your data might get sold on too, which defeats the object of the exercise if you’re looking for a more secure life online.

Affordable VPN benefits

In fact, you’ll find the cheap VPN arena also features many of the same names found in the premium VPN marketplace, including the likes of ExpressVPN, NordVPN, Surfshark and PureVPN (opens in new tab). Alongside employing tunneling protocols, you should also be able to enjoy the likes of fast connection speeds, beefy no-logging security, easy connectivity and the back-up of 24/7 customer support too. You’ll probably want to compare and contrast before signing up for a package, but the VPN arena offers a range of options to suit any kind of budget.

Naturally, if you’re looking for VPNs that call on the most commonly used tunneling protocols in the industry including PPTP, L2TP/IPSec, SSTP and OpenVPN, those top names are always going to be the best bet. However, there are solid middle ground options to consider too. A cheap VPN provider will often have many of the same features and functions found in those premium editions, but you’ll make some savings too.

We've listed the best business VPN.

TechRadar Pro created this content as part of a paid partnership with ExpressVPN. The contents of this article are entirely independent and solely reflect the editorial opinion of TechRadar Pro.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

By submitting your information you agree to the Terms & Conditions (opens in new tab) and Privacy Policy (opens in new tab) and are aged 16 or over.
Desire Athow
Desire Athow
Social Links Navigation
Managing Editor, TechRadar Pro

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website builders and web hosting when DHTML and frames were in vogue and started narrating about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium.

With contributions from
  • Rob Clymo
More about computing
Google Bard being used on a phone

Google promises to unleash more of Bard’s potential in the 'next week'

A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.

Watch out - Microsoft Defender is flagging some legitimate URLs as harmful

Latest
karcher wv6 cleaning window

Karcher Window Vac WV 6 Premium review: great for windows and more

See more latest ►
Most Popular
Three tips for extended comfort in your office chair

By Kim L. BeaudoinMarch 30, 2023

Forget about ray tracing – physics is how gaming will take its next big leap forward

By Phil IwaniukMarch 30, 2023

Spotify Niche Mixes got me addicted to pagode, goblincore, and funeral doom

By Becky ScarrottMarch 30, 2023

GTA 5 rival Crime Boss is a sexist mess

By Cat BussellMarch 30, 2023

What to do when ChatGPT is down

By Muskaan SaxenaMarch 29, 2023

Elden Ring one year later - is it still the best game FromSoftware ever made?

By Phil IwaniukMarch 29, 2023

The Evercade EXP's unique selling point made me feel like a kid again

By Rhys WoodMarch 29, 2023

Hot Wheels Unleashed is the best racer on Game Pass that you’ve never played

By Phil IwaniukMarch 29, 2023

Persona's journey from PS2 hidden treasure to global phenomenon

By Francisco DominguezMarch 28, 2023

Two years after PS5 and Xbox Series X, we’re still not in the next generation

By Phil IwaniukMarch 28, 2023

Sonos home theater guide: the Sonos surround setups actually worth buying

By Dave MeiklehamMarch 28, 2023

  1. Trojan
    1
    A VoIP service used by some of the world's biggest firms has been hacked
  2. 2
    HBO Max's streaming successor will be revealed very soon
  3. 3
    Forget about ray tracing – physics is how gaming will take its next big leap forward
  4. 4
    Bang & Olufsen Beoplay EX review: All other earbuds have now been ruined
  5. 5
    7 new movies and TV shows on Netflix, Prime Video, Apple TV Plus and more this weekend (March 31)
  1. Apple TV 4K 2022 and Siri remote on white background
    1
    Apple TV 4K gets promised Quick Media Switching feature to eliminate 'HDMI bonk'
  2. 2
    Microsoft’s mission to make Windows 11 worse continues with ads in the Start menu
  3. 3
    Netflix's Scott Pilgrim TV show reunites the film's cast – and I couldn't be happier
  4. 4
    Netflix Games could be coming to your TV, and I can’t believe I'm excited about it
  5. 5
    Microsoft announces Diablo IV Xbox Series X Bundle and disappoints everyone
Technology Magazines
(opens in new tab)
  • ●
Technology Magazines (opens in new tab)
  • The best tech tutorials and in-depth reviews
From$12.99
(opens in new tab)
View (opens in new tab)

TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site (opens in new tab).

  • About Us (opens in new tab)
  • Contact Future's experts (opens in new tab)
  • Contact Us (opens in new tab)
  • Terms and conditions (opens in new tab)
  • Privacy policy (opens in new tab)
  • Cookies policy (opens in new tab)
  • Advertise with us (opens in new tab)
  • Web notifications (opens in new tab)
  • Accessibility Statement
  • Careers (opens in new tab)

© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.