I am fresh vpn user and basically I use pptp protocol for streaming. On last weekend with my friends, I was using Facebook from my smartphone. In a while my smartphone is going hacked and all data that already stored in my phone was too. At that time, I said “What the fuck is this” but one of my friend suggest me to don’t use PPTP because it has zero level security.
Now, I have 3 different protocols option like l2tp, ikev2 and openvpn. Can anyone guide me which one is best for all purposes.
I did not say that ipsec / l2tp is generally better than openvpn but that, in the case of a mikrotik router, it is a better choice.
The implementation of openvpn on the routeros does not support udp and therefore it is not so fast.
Completely aside from the selection of a “best VPN”, please note that your original problem has absolutely nothing to do with the security of your VPN.
It is highly unlikely that someone, even when they have cracked your VPN, would be able to attack your smartphone from the outside.
Much more likely is that you visited content that infected your phone because it was not updated recently and it has a security issue.
Instead of focussing on changing your VPN, it is more advisable to re-install the phone and update it to the most recent state, and when there are no recent updates replace the phone.
PPTP should not be used anymore. Even Microsoft (which designed the protocol) has advised against using it.
One protocol which has not been mentioned is ‘OpenConnect’, which is quite simple to set up (you just need to make the keys and to edit a simple .conf file), but after that just works and OpenConnect works fast.
OpenConnect works fine on all OS and mobile platforms. OpenConnect was initially set up by Cisco (the makers of high quality routers), called ‘AnyConnect’ in Cisco-speak.
If I understand correctly, OpenVPN needs a third party client to work on Windows. L2TP/IPSec works fine on all my client types (Windows/Linux/Android/iPhone ++), so that is what I do use. There are also a nice view in my Splunk project that do show logs from the L2TP/IPSec logins. See my signature.
I lived in Dubai and here a lot of sites is a band and I don’t find and good VPN and here is something have the uae vpn law which I don’t have any clue if anyone has any information pls suggest me.
I do not understand why Mikrotik does not support openconnect. I think it is a hate Cisco thing. I wish vendors could keep politics out of their software.
Each VPN is needed for its own tasks, there are providers that break through ipsec and l2tp, then we give the client SSTP. You need a secure channel for mgmt traffic, then you can take openvpn, although slow, PPTP itself is outdated and its use is considered not secure, I personally use ipsec ike2 with certificates.
Its two flavours
.
Real (two way) VPN - where you control both endpoints or where both endpoints are trusted.
Work ( worksite to worksite, work laptop to worksite)
Home ( home to home, laptop to home etc.)
In which case Wireguard is friggin fast.
Fake (one way) VPN - where you only control one endpoint and put your trust into a THIRD PARTY provider, with no ability to 100% know if your data is being mined. If I was within agencies, I would be sure to have backdoors to all 3 party providers in my country (by law or by force) or own them outright. So think carefully where your third party provider is located. It doesnt have to be govt, it can be criminal enterprises owning these sites and selling your information.
Just a theory, I have no proof, but am naturally skeptical.
