OpenVPN is an open-source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that relies on SSL/TLS for key exchange. OpenVPN uses the OpenSSL library to encrypt both the data and control channels. It lets OpenSSL do all the encryption and authentication work, which allows OpenVPN to use all the ciphers available in the OpenSSL package. Currently our OpenVPN server uses the Blowfish encryption algorithm (128 bit). Routed mode prevents client-to-client communication for security reasons.
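To check that an OpenVPN profile really pins the cipher stated above, the following added example (not code from this service or from the OpenVPN project) parses a profile's cipher directives and reports which of the allowed ciphers have a 64-bit block, as Blowfish does. The directive names are real OpenVPN options; the sample profile, its hostname and the function names are constructed for illustration.

```python
# Added example: audit the data-channel cipher settings of an OpenVPN profile.
# Cipher-name prefixes with a 64-bit block (Blowfish, DES/3DES, CAST5, RC2).
BLOCK64_PREFIXES = ("BF-", "DES-", "CAST5-", "RC2-")
DIRECTIVES = ("cipher", "keysize", "data-ciphers", "ncp-ciphers")

# Constructed sample profile; vpn.example.net is a placeholder hostname.
SAMPLE_PROFILE = """\
# constructed sample profile
client
dev tun
remote vpn.example.net 1194 udp
cipher BF-CBC
keysize 128
"""

def parse_profile(text):
    """Collect the cipher-related directives; a later line overrides an earlier one."""
    found = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":       # blank line or comment line
            continue
        name, *args = line.split()
        name = name.lstrip("-")                # tolerate the "--cipher" spelling
        if name in DIRECTIVES:
            found[name] = args
    return found

def audit(text):
    """Return the ciphers a profile allows and which of them use a 64-bit block."""
    d = parse_profile(text)
    ciphers = []
    # data-ciphers (2.5+) and ncp-ciphers (2.4) hold a colon-separated negotiation list.
    for key in ("data-ciphers", "ncp-ciphers"):
        if d.get(key):
            ciphers += d[key][0].split(":")
    primary = (d.get("cipher") or [""])[0].upper()
    if primary:
        ciphers.append(primary)
    ciphers = list(dict.fromkeys(c.upper() for c in ciphers))  # de-duplicate, keep order
    keysize = int(d["keysize"][0]) if d.get("keysize") else None
    return {
        "ciphers": ciphers,                    # empty: version-dependent defaults apply
        "keysize_bits": keysize,
        "block64": [c for c in ciphers if c.startswith(BLOCK64_PREFIXES)],
        # BF-CBC has a 128-bit default key in OpenVPN, so an absent keysize also matches.
        "matches_page": primary == "BF-CBC" and keysize in (None, 128),
    }

if __name__ == "__main__":
    print(audit(SAMPLE_PROFILE))
```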
Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel to encapsulate PPP packets. PPTP is a quite old, widely used and widely supported protocol. It was the first VPN protocol supported by Microsoft Dial-up Networking, and all releases of Microsoft Windows since Windows 95 OSR2 are bundled with a PPTP client. Nowadays PPTP servers use MSCHAP authentication and MPPE encryption (128 bit). To allow connections from old clients that do not support MPPE, MPPE was made optional on our servers.
Published in 1999 as proposed standard RFC 2661, L2TP has its origins primarily in two older tunneling protocols for point-to-point communication: Cisco's Layer 2 Forwarding Protocol (L2F) and Microsoft's Point-to-Point Tunneling Protocol (PPTP). Because the L2TP protocol itself provides no confidentiality, nowadays it is implemented along with IPsec. This combination is referred to as L2TP/IPsec, and because almost no one uses plain L2TP now, "L2TP" usually means "L2TP with IPsec". If you choose L2TP, data will be encrypted using the AES128-SHA1 algorithm and keys will be changed automatically every 4 hours.
Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL provides transport-level security with key negotiation, encryption and traffic integrity checking. The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers except for authenticated web proxies. SSTP is supported in Microsoft systems starting from Windows Vista SP1. During the connection initialization stage, the encryption algorithm is chosen depending on the client and server SSL library versions. Possible choices are RC4 or AES.