Typical VPN (OpenVPN, L2TP/IPSec, PPTP, SSTP) vs SSH2 Tunnels vs High Anonymity WEB Proxies

VPN In-depth, VPN Types Add comments

With the recent addition of SSH2 Tunnels, TUVPN is fast becoming one of the most complete VPN providers in the VPN ecosystem, offering a wide range of VPN protocols and security tools that can cover any possible user, from newbie to seasoned.

As we offer so many options/choices now, we have decided to summarize in this blog article the difference between the technologies offered so you can better decide which type is most appropriate to what you want to achieve. Primarily we want you to clearly understand how your traffic is protected, which traffic is protected and the level of anonymity provided by each technology. This of course applies to any VPN provider, not just TUVPN, so if you are not yet a TUVPN user it will be useful knowledge all the same!


Typical VPN Protocols (OpenVPN, L2TP/IPSec, PPTP, SSTP)

A common characteristic of these VPN protocols is that they modify the default gateway on your computer/device to redirect ALL INTERNET TRAFFIC over the VPN.

You can't choose which applications are routed over the VPN and which are not.

You can see it graphically here:

Typical VPN Protocols Communication Process

This of course has advantages, i.e. you don't have to worry about which traffic is protected and which not, all is by default.

But it also has some limitations i.e. you can't enjoy your full Internet connection speed for applications that don't require high security or anonymity. Using encryption and accessing the Internet through a remote VPN server instead of your local ISP will always add some extra burden to the communication process. The precise amount of extra burden, and so the difference of speed while running your applications, will depend on a number of factors – processor and memory of the client device, the distance to the VPN server with which you are connected, and the available resources at the VPN server level. By the way, you can test our server speeds with a new tool we have just added to the website – try it here.

Further, if you want to make sure that no traffic will reach the internet in the case of the VPN connection going down, you need to rely on third party products (i.e. firewalls) or have this feature integrated in the VPN client provided. By default and if nothing is done, when the VPN connection goes down, traffic will reach the Internet unprotected via your ISP.

With respect to anonymity, all typical VPN protocols will substitute your normal IP with the IP of the VPN server with which you have connected for ALL applications.


SSH2 Tunnels

SSH2 Tunnels offer more flexibility than the typical VPN Protocols for the people that need it.

The internal workings of an SSH2 tunnel are quite different from the typical VPN. Let's see it graphically and then we will go over it:

SSH2 Tunnel Communcation Process

To establish an SSH2 Tunnel first we will need, as with typical VPNs, a client e.g. MyEnTunnel for Windows.

Typically, this client once connected, will provide a LOCAL SOCKS5 PROXY (so a SOCKS5 Proxy running on our computer/device). But what on earth is this?! Plainly speaking, it is simply a program that will act as a broker for the Internet communications of the applications that we configure to use it.

So once our client is running and the SSH2 Tunnel is up, no application is protected by default, as happens with typical VPN protocols.

Now we need to configure the applications that WE WANT TO BE PROTECTED to use the provided SOCKS5 Proxy on our computer/device. This is fairly trivial and implies just changing a setting in the desired applications.

Now you see where flexibility comes into play. As long as an application supports using a SOCKS5 Proxy, we can protect it while leaving others outside of the SSH2 Tunnel and so without the extra burden that a VPN implies. This may be seen as a huge advantage by many users.

Moreover, you will clearly see that if the SSH2 Tunnel goes down (so the SOCKS5 Proxy goes down too), NO DATA FROM OUR SELECTED APPLICATIONS WILL EVER REACH THE INTERNET. This is quite obvious as they are configured to use the SOCKS5 Proxy to reach Internet and without it no data can be transmitted in any case. Again, this 'by default' behaviour is a strong plus for the SSH2 Tunnels.

When we look at anonymity with an SSH2 Tunnel, it will provide the same level as any typical VPN protocol for the SELECTED APPLICATIONS. For the rest of the applications that we are running outside the tunnel, no anonymity will be provided.


High Anonymity WEB Proxies

Finally we will discuss how High Anonymity WEB Proxies fit into this picture. Again let's see graphically their working:

High Anonymity WEB Proxy Communication

Everything is much simpler here. WEB Proxies as its name implies just work with WEB browsers (https/https traffic), no other application can use them.

Moreover, no traffic is protected (so no encryption is present in all the communication path). Just anonymity is provided by changing our IP with the IP of the proxy server.

You can read more about Proxies vs VPNs here.


And that should be it! Hope all of this is enough to let you choose your best vpn connection method and enjoy Internet in a more secure way! As always, we welcome your comments and thoughts.

Get the Fastest VPN NOW!

One Response to “Typical VPN (OpenVPN, L2TP/IPSec, PPTP, SSTP) vs SSH2 Tunnels vs High Anonymity WEB Proxies”

  1. djserge2k9 Says:

    Thanks again for adding SSH, now TUVPN fits all my needs. I ever prefered tunneling only few applications while reading my “regular” mails or websites using my real IP. One thing that makes SSH a little bit complicating is the risk of dns leaks (through java etc). Using a software like Proxifier is a must have to my opinion …

Leave a Reply


Get Your VPN NOW!

©2011 TUVPN.COM. All rights reserved.