While most of us know what a VPN is, and why many people decide to use one, going more in-depth and finding out what VPN protocols are and learning about each one separately is a different story.
If you’ve been looking for the best VPN protocols, OpenVPN is definitely a name that popped up. If you’re wondering “what is OpenVPN”, or “how does OpenVPN work?”, then you’ve come to the right place.
Table of contents
- 1 What is OpenVPN?
- 2 OpenVPN technical details
- 3 About OpenVPN protocols (TCP & UDP)
- 3.1 Transmission Control Protocol
- 3.2 User Datagram Protocol
- 4 OpenVPN security, speed, compatibility, and setup process
- 4.1 Is OpenVPN secure?
- 4.2 Does OpenVPN offer good Internet speeds?
- 4.3 Compatibility features for the OpenVPN protocol
- 4.4 The OpenVPN setup process. How to use OpenVPN
- 5 OpenVPN vs other VPN protocols
- 5.1 OpenVPN vs PPTP
- 5.2 OpenVPN vs L2TP
- 5.3 OpenVPN vs IKEv2
- 5.4 OpenVPN vs SSTP
- 5.5 OpenVPN vs SoftEther
- 7 Bottom line
What is OpenVPN?
OpenVPN is a point-to-point VPN protocol that offers a secure tunnel from the client to the server (the two points). The software was designed by James Yonan and released in the early 2000s. The software was launched as an open-source program, meaning that anyone could download and use it free-of-charge, while also being able to bring beneficial adjustments to it.
To this day the software is still open-source, although the OpenVPN team does have its own project using the OpenVPN technology. In fact, multiple VPN providers have adapted and internalized this protocol into their services.
Today, OpenVPN is generally considered to be one of the best, if not the best, VPN protocol. Offering a high level of security, decent network speeds, and even customizable options for the knowledgeable consumer, OpenVPN is currently the most popular protocol around.
The founder, James Yonan, explains in this interview that he wanted to find a way through which he could access his office’s network while being in a different country and without having to rely on a colleague to be in the office to help him with the connection. Thus, he came up with the OpenVPN protocol, which went on to become the market leader today.
OpenVPN technical details
Now that we’ve clarified what OpenVPN is we can move on to more detailed specifics. While understanding which VPN protocol is the best one, it’s important to know why it is considered the best.
So basically, what is a protocol? It’s simply a set of rules and guidelines coded into the VPN software which decides how the program will work and react in various situations. In simpler terms, the protocol describes the way in which your information is transported and handled from one point to the next.
The OpenVPN protocol uses the OpenSSL toolkit, a complex library containing tools for ensuring network security for the SSL and TSL protocols. OpenVPN protocols use 256-bit encryption, which basically means your encrypted information should be nearly impossible to crack. In fact, it is estimated that with 256-bit encryption it would take billions of years for a contemporary computer to crack the encryption.
Encryption is important because it ensures your information is kept safe while traversing internet networks. If your information were to accidentally, or through hacker intervention, end up in the wrong person’s hands, you wouldn’t want them to be able to access it. That is why encryption is used, and the OpenVPN encryption is pretty tough to crack considering their 256-bit format.
Another aspect to keep in mind about using OpenVPN is that it may be more capable to avoid VPN blocking. VPN blocking happens when businesses or even governments notice encrypted traffic on their websites and decide to block this traffic.
Another tactic is to block IP addresses known to be used by VPN providers. However, OpenVPN is known for being able to bypass VPN blocking. The reason for this is because OpenVPN can use port 443, the port used when your computer connects to a website through HTTPS.
About OpenVPN protocols (TCP & UDP)
Customers don’t have to worry too much about the question “is OpenVPN secure?”. However, some people may have doubts with regard to the browsing speed offered by OpenVPN. As we will see, this speed depends on whether the TCP is used or the UDP.
Transmission Control Protocol
About now you may be wondering, “Hold on, what’s a TCP protocol?” Well, for starters, TCP (transmission control protocol) and UDP (user datagram protocol) are protocols used for data transmission by VPN protocols. The TCP is more commonly used because of its reliability. It was designed from UDP and is basically the safer of the two.
When a user connects to a VPN server using the TCP, both sides begin the session with a 3-way TCP handshake, a security measure that allows the two points of contact to check each other. The transmission control protocol awaits confirmation after every packet exchange.
When a packet of data is sent by the sender, the receiver emits a confirmation of receipt. This is possible because of the constant connection between the two points, as opposed to the UDP, where there is no connection.
Also, if any information packet is lost on the way, the receiving end will request the missing information so as to piece it all back together. Because of this, users will occasionally experience delays in commands and system lag. This is unfortunately one of the downsides of TCP and comes as an exchange for the impressive OpenVPN security.
User Datagram Protocol
The UDP is a possible alternative to the TCP, and generally offers much better speeds than the TCP. The reason for this is that the information sent is in no way registered and confirmed, as was the case with the TCP, and is simply sent in groups of packets. The user datagram protocol sends information without waiting for confirmation of receipt. If information is not received completely, the server will not ask for it again, and it will basically become lost.
Moreover, the UDP doesn’t actually establish a continuous connection to the server. Data packets are simply sent back and forth. Because of this, and the lack of receipt confirmation, the UDP protocol makes for a considerably faster VPN service. People who use VPNs for streaming or for online gaming will probably have a better user experience while using the UDP rather than the TCP.
Fortunately, many VPN clients supporting the OpenVPN protocol allow users to manually switch from TCP to UDP and vice-versa. If you notice you’re encountering delayed responses from the server, you can try switching to the UDP. Likewise, if you notice bugs and glitches during your internet activity, this may be caused by incomplete information being sent, in which case you might want to consider changing to the TCP. Also, remember that the TCP is basically the more reliable of the two protocols, since no packet loss occurs.
OpenVPN security, speed, compatibility, and setup process
Now that we’ve discussed the nitty-gritty aspects of the OpenVPN protocol, let’s take a closer look at some of the more casual aspects regarding this software. The following information can help you have a better idea about OpenVPN.
Is OpenVPN secure?
The OpenVPN protocol is currently one of the most trusted VPN protocols. It is used by many VPN providers. One of the main reasons for its superior security is the fact that the software is open-source, meaning that anyone can bring new improvements to it.
As mentioned previously, the protocol also uses 256-bit encryption, pretty much the best encryption there is. This fact, combined with the open-source capability, has made OpenVPN one of the most trusted VPN protocols out there. Another strong point for OpenVPN is that it is impressively adjustable.
Users are able to select different encryption systems, change which port is used, and even more. While doing these things doesn’t necessarily mean better security, it is certainly convenient to have such customizable software.
Does OpenVPN offer good Internet speeds?
Generally, the internet speed offered by the OpenVPN protocol is not too bad. While the average user will probably deem it acceptable, it is quite possible that you will find yourself feeling low on patience occasionally. As I mentioned earlier, there are things you can do about this, such as changing from the TCP to the UDP, however, keep in mind that this switch can compromise your online security.
OpenVPN definitely doesn’t reach the same speed as the PPTP protocol. However, the security offered by the second drastically fades away in comparison to the one ensured by OpenVPN. And yet, the speed offered by OpenVPN, even when using the TCP, should be satisfactory.
Compatibility features for the OpenVPN protocol
OpenVPN is quite a versatile protocol, being designed to work on all of the classic operating systems such as Windows XP and higher, MacOS, Linux, as well as on many of the less well-known operating systems, making it basically universal. Surprisingly, OpenVPN is designed to be compatible even with Android and iOS systems, making it available to pretty much any device.
The OpenVPN setup process. How to use OpenVPN
If you purchased a VPN plan from a provider, and they already have OpenVPN included in their service, the setup process may be as simple as installing the VPN client, and perhaps, if necessary, choosing the OpenVPN protocol. However, if your provider doesn’t offer OpenVPN, things can be more tricky.
Generally, so that you can connect to the servers used by your provider, you’ll need to download configuration files usually found in the downloads section of your provider’s webpage. You need to find, download and extract the ovpn files as well as the crt certificate files. For Windows users, the crt certificate files are not necessary since the Windows OpenVPN configuration files already have the certificates in the ovpn files. Linux users will need both the ovpn and crt certificate files.
The next step in this tricky process is to install the OpenVPN client from openvpn.net. Open the configuration folder found in the OpenVPN folder, and copy the ovpn files here. For Windows devices, this should basically cover it. But remember, for those of you who don’t want to know how OpenVPN works, you can opt for a VPN provider that already has the OpenVPN protocol implemented in its services.
OpenVPN vs other VPN protocols
As stated previously, OpenVPN is one of the best VPN protocols available at the moment. This doesn’t mean, however, that there are no other good VPN protocols. Sure, we won’t recommend using the PPTP protocol which is notorious for its poor security features, but there are other decent options such as the L2TP.
OpenVPN vs PPTP
OpenVPN is a clear winner between the two. While PPTP can offer slightly better internet speeds, OpenVPN can offer comparable performance in terms of speed, but also adds the value of the 256-bit encryption it can support. PPTP’s encryption is notoriously easy to exploit.
Here are just a few issues of PPTP protocol:
- - MPPE is vulnerable to bit-flipping attacks.
- - MPPE can’t encrypt NCP (Network Control Protocol) PPP (Point-to-Point Protocol) packets.
- - The cipher doesn’t usually check if the server is authentic.
- - MPPE is vulnerable to the Reset-Request attack (a form of Man-in-the-Middle Attack)
- - Also, PPTP can use MS-CHAP-v1 (which isn’t secure) or MS-CHAP-v2 (again, not safe at all) for authentication. OpenVPN is much more secure since it can use better encryption for authentication, such as SHA-256, SHA-384, or SHA-512.
Furthermore, PPTP is pretty easy to block with a firewall. OpenVPN can’t really be blocked by the network admin since it uses the HTTPS port.
OpenVPN vs L2TP
While L2TP on its own offers no encryption, pairing it with IPSec makes it comparable with OpenVPN in terms of security. While L2TP is natively available on many devices making OpenVPN the one that is a bit more difficult to set up, OpenVPN has the advantage of being open-source. This makes it more trustworthy than L2TP, which is owned by Microsoft and Cisco.
Not less important, L2TP/IPSec is very resource-intensive too (depending on how powerful your device is) because it encapsulates data twice. This is why you will most likely get better performance with OpenVPN instead.
OpenVPN vs IKEv2
Both are pretty similar in terms of speed and security, with IKEv2 having a slightly better speed and OpenVPN being a bit more difficult to block. While IKEv2 is usually the protocol of choice for mobile devices, being natively available on Blackberry phones, OpenVPN has the edge when it comes to cross-platform compatibility.
On the plus side, IKEv2 tends to offer better stability than OpenVPN because it can resist network changes. What does that mean? What if, for example, you were to switch from a WiFi connection to your data plan connection on the go, IKEv2 could handle that without dropping the connection.
As for ISP blocking, OpenVPN protocol is also the winner as it's much easier for network administrators to block UDP port used by IKEv2 than HTTPS protocol on their network.
OpenVPN vs SSTP
SSTP is believed to be slightly faster than the two, but not much evidence actually supports that. The main differences have to do with how much easier to detect and block by network admins SSTP is when compared to OpenVPN. As mentioned earlier, the fact that OpenVPN is open-source gives it an advantage over SSTP as well, which is also owned by Microsoft.
OpenVPN is the most cross-platform compatible VPN on this list. It works with Windows, Linux, and Android devices along with some routers. SSTP has better compatibility for natively built into Windows operating systems so you don't have to install any other software or apps onto your device first before setting up the connection if that's all available on your computer already as well as being accessible from Linux and Android phones too!
SSTP is usually the easier choice when you go for Windows platforms due to their natively built in client.
OpenVPN vs SoftEther
The SoftEther VPN client has a number of features that make it stand out from the OpenVPN client. For one, while they both have open-source code and can be used on various platforms, SoftEther is an academic technology created by researchers rather than a company like OpenVPN which was started as part of Science Applications International Corporation.
Unlike OpenVPN, which only supports its own protocol, SoftEther works with SSTP, L2TP/IPsec, SSTP and more. Speed is an area in which a significant difference between the two can be found. OpenVPN only manages to reach 100Mbps, but SoftEther is capable of going up to 900Mbps and in some cases, it can even reach higher speeds.
If you prefer to stick to a traditional solution to keep your online data protected, OpenVPN is still a recommended choice.
This pretty much covers the details about the OpenVPN protocol. Although it is sometimes considered a little slow, it is widely accepted as being the safest protocol out there. Moreover, its capacity for customization makes it greatly appreciated and frequently used among VPN providers.
And if you’re convinced that this is the right VPN protocol for your browsing needs, let me tell you a bit about HideIPVPN. Not only does our VPN client offer the option to use the OpenVPN protocols, but you can also actually take your pick from a variety of other protocols.
On top of this, we take great care of your internet speed and security. That is why our servers are strategically located all around the world for the best performance and we use AES-256 encryption, which is considered to be the industry standard at the moment.
Our VPN client is user-friendly, it works on most operating systems, it can be installed and operated on up to 5 devices simultaneously and has a plethora of functions for a safe and enjoyable browsing experience.