A Comprehensive Guide to PPTP, L2TP, and Other VPN Protocols
What is L2TP/IPsec?
L2TP stands for Layer 2 Tunneling Protocol. L2TP was first proposed in 1999 as an upgrade to both L2F (Layer 2 Forwarding Protocol) and PPTP (Point-to-Point Tunneling Protocol). Because L2TP does not provide strong encryption or authentication by itself, another protocol called IPsec is most often used in conjunction with L2TP.
IPsec stands for Internet Protocol security. IPsec is a very flexible protocol for end-to-end security that authenticates and encrypts each individual IP packet in a given communication. IPsec is used in a wide range of applications at the Internet Layer of the Internet Protocol suite.
Used together, L2TP and IPsec are much more secure than PPTP (Point-to-Point Tunneling Protocol) but are still more suited for anonymization than for security.
L2TP sometimes has problems with firewalls because of its use of UDP port 500, which some firewalls have been known to block.
What is IKEv2?
IKEv2 stands for Internet Key Exchange Version 2. While IKEv2 is technically not the name of the VPN protocol, you will find it as a separate option in the ExpressVPN apps. In these cases, IKEv2 refers to a L2TP/IPsec implementation that uses this newer, more secure key exchange protocol instead of the older IKE.
ExpressVPN recommends you to use the OpenVPN and IKEv2 protocols. While L2TP/IPsec still offers encryption, there may be ways for an attacker to decrypt the VPN session.
More secure than L2TP/IPsec
Slower than OpenVPN