Quick answer: In 2026, the best all-around VPN protocol for most people is WireGuard (or a well-implemented WireGuard-based variant like NordLynx or Lightway) thanks to fast handshakes, excellent throughput, and modern cryptography. For restrictive networks and deep packet inspection (DPI), OpenVPN over TCP 443 with obfuscation still punches through more reliably. IKEv2/IPsec shines on mobile due to MOBIKE and fast re-connects. L2TP/IPsec and PPTP are largely legacy; avoid PPTP for anything involving security.
What Are VPN Protocols (and why you should care)?
A VPN protocol is the rule set that governs how your device creates a secure tunnel to a VPN gateway: how peers authenticate, which ciphers protect traffic, how packets are encapsulated (UDP/TCP/ESP), how the session survives network changes, and how it reacts to loss and congestion. Different protocols optimize for different goals: speed, stability, censorship resistance, battery life, and privacy posture. Choosing the right one can double your throughput, drop your latency by tens of milliseconds, or be the difference between working and being blocked behind a hotel firewall.
At a glance: protocol comparison
| Protocol | Transport & Crypto | Strengths | Limitations | Best use cases |
|---|---|---|---|---|
| WireGuard | UDP; NoiseIK; ChaCha20-Poly1305; small codebase (~4–5k LOC) | Very fast handshakes and throughput; excellent roaming; low CPU/battery; simple config | Raw WG maps static keys to IPs (privacy considerations); UDP-only can be throttled/blocked; some captive portals dislike UDP | Daily use, streaming, gaming, mobile VPN, high-bandwidth links |
| OpenVPN (UDP/TCP) | TLS 1.2/1.3 encapsulation; AES-GCM/ChaCha20; runs over UDP or TCP | Highly compatible; mature; flexible; works over TCP/443; easy to obfuscate with stunnel/obfsproxy | Heavier than WG; TCP-over-TCP meltdown risk; more CPU overhead | Censorship/DPI evasion, enterprise compatibility, tricky Wi-Fi/hotels |
| IKEv2/IPsec | UDP 500/4500; IKEv2 + ESP; AES-GCM/ChaCha20; PFS; MOBIKE | Fast re-keys; stable on mobile; native clients on iOS/macOS/Windows; split-tunnel friendly | Some NATs/firewalls block ESP/NAT-T; config complexity; fewer consumer features (obfuscation) | Corporate/mobile deployments, consistent mobile data↔Wi-Fi handovers |
| L2TP/IPsec | UDP 1701 + IPsec ESP/NAT-T | Widely available; simple device support on older gear | Double encapsulation overhead; slower; struggles with NAT/DPI; largely legacy | Only when nothing else is available on older systems |
| SSTP | TLS over TCP/443 (Microsoft) | Traverses most firewalls (443); decent performance on Windows; simple to deploy in MS stacks | Closed protocol; patchy cross-platform support; niche in consumer VPNs | Windows-centric networks where 443 is the only open path |
| PPTP (legacy) | GRE + MPPE; MS-CHAPv2 auth (broken) | Very fast; ubiquitous on ancient devices | Insecure (broken auth/encryption); deprecated everywhere | Avoid for security; lab/testing only |
Deep dives: how the major protocols behave
WireGuard
WireGuard is a lean, modern protocol using the NoiseIK handshake and ChaCha20-Poly1305 AEAD with Curve25519 for ECDH. It lives in the Linux kernel or runs as a high-quality userspace port, and it emphasizes simplicity: a tiny codebase, minimal knobs, and stateless roaming (peers are identified by public keys). The result: near-instant handshakes, consistent high throughput, and low CPU usage—great for battery life on iOS/Android and blazing on multi-Gbps links.
- Roaming & NAT: Uses persistent keepalives and endpoint discovery; survives IP changes (Wi-Fi→LTE) seamlessly.
- Privacy posture: Raw WG maps a static public key to an internal/static tunnel IP; naive server configs could leave short-term association data. Reputable providers implement ephemeral keying and double-NAT (e.g., NordLynx) to decouple accounts from internal IPs.
- Censorship resistance: UDP can be throttled/blocked; obfuscation requires add-ons (e.g., UDP over DTLS/TLS, Shadowsocks, or proprietary “Stealth” layers).
- When to use it: Default choice when networks aren’t actively hostile; streaming, gaming, day-to-day privacy.
OpenVPN (UDP and TCP)
OpenVPN is battle-tested, highly configurable, and open-source. It encapsulates traffic in TLS, typically with AES-GCM or ChaCha20-Poly1305 and ECDHE for PFS. It runs over UDP (preferred for speed) or TCP (helpful behind restrictive proxies and DPI).
- Obfuscation: Easy to disguise as normal HTTPS with stunnel, obfs4, or XTLS/Reality-style fronting; TCP/443 blends into allowed traffic.
- Performance considerations: OpenVPN-UDP is solid but has more overhead than WireGuard. OpenVPN-TCP risks TCP-over-TCP meltdown on lossy links (both layers retransmit/congest).
- When to use it: On networks with DPI, authoritarian filters, enterprise proxies, or where UDP is blocked.
IKEv2/IPsec
IKEv2 negotiates security associations and keys for IPsec ESP. It supports MOBIKE for resilient mobility, making it fantastic on phones that hop between networks. Crypto is modern (AES-GCM or ChaCha20; ECDHE for PFS). It typically runs over UDP ports 500/4500 (NAT-T).
- Pros: Very quick re-keys, stable long-lived tunnels, native clients on iOS/macOS/Windows, good for split tunneling.
- Cons: Firewalls that block UDP 500/4500 or ESP will break it; less flexible obfuscation options than OpenVPN.
- When to use it: Corporate deployments; mobile users who value stability more than obfuscation.
L2TP/IPsec (legacy)
L2TP provides the tunnel; IPsec provides encryption. Because you’re encapsulating twice, overhead is higher and performance is worse. It’s broadly available on old gear but fragile with NAT and offers weak resistance to DPI. Use only when modern options aren’t available.
SSTP (Microsoft)
SSTP rides over TLS on TCP/443, which helps it slip past most firewalls. It’s well integrated on Windows Server/Client but remains a closed protocol with patchy support elsewhere. Reasonable for Windows-only environments when OpenVPN isn’t feasible.
PPTP (do not use for security)
PPTP is fast, but only because its crypto/auth stack does very little, and that stack is broken (MS-CHAPv2 can be cracked). Modern OSes warn about it or block it by default. It’s effectively deprecated; keep it out of production.
Provider-specific / proprietary protocols
- NordLynx (NordVPN): A WireGuard-based protocol with double NAT to avoid mapping static keys to user identities or fixed internal IPs. Typically among the fastest; privacy-minded design addresses raw WireGuard’s linkage concerns.
- Lightway (ExpressVPN): Lightweight, mobile-first protocol using wolfSSL; supports AES-GCM and ChaCha20-Poly1305. Quick resume and solid performance even on unstable Wi-Fi/4G; audited for implementation assurance.
- Hydra (Hotspot Shield/Catapult Hydra): Focuses on throughput and censorship resistance with proprietary transport/obfuscation. Limited independent scrutiny compared with OpenVPN/WireGuard.
- Stealth (various vendors, e.g., Proton VPN): Obfuscation layers that disguise WireGuard/OpenVPN as standard TLS/HTTPS to bypass DPI and national firewalls; expect a speed penalty due to extra wrapping.
Performance: where the speed comes from
- Handshake latency: WireGuard’s NoiseIK is 1-RTT with minimal state → near-instant connections. OpenVPN + TLS needs more messages; IKEv2 is fast on re-key.
- Cipher efficiency: ChaCha20-Poly1305 is excellent on mobile/ARM; AES-GCM benefits from CPU AES-NI on desktops/servers.
- Transport: UDP avoids TCP’s head-of-line (HOL) blocking and is superior for lossy links. TCP hides better in enterprise but risks meltdown in TCP-over-TCP tunnels.
- Encapsulation overhead & MTU: Tunnels add headers. If your MTU is too high, you’ll see fragmentation/black holes. Set MSS clamp to ~1360–1380 bytes for OpenVPN/WireGuard as a safe baseline; test and tune.
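The MTU arithmetic behind the MSS-clamp advice above (and the hands-on MTU/MSS tip later on the page), as an added shell example that is not from the article: it derives a WireGuard tunnel's inner MTU from the outer path MTU, works out the largest TCP MSS that fits without fragmenting, and prints the matching iptables TCPMSS rule. The interface name wg0 and a 1500-byte Ethernet path are assumptions.

```shell
#!/bin/sh
# Added example (not from the article): compute a WireGuard tunnel MTU and the
# matching TCP MSS clamp from the outer path MTU, then emit the iptables rule.
# Assumptions: Linux with iptables; the tunnel interface name is passed in.

# WireGuard per-packet overhead: 4 (type) + 4 (receiver index) + 8 (counter)
# + 16 (Poly1305 tag) = 32 bytes, on top of the outer IP and UDP headers.
WG_OVERHEAD=32
UDP_HDR=8

# wg_mtu OUTER_MTU OUTER_IPVER -> inner MTU the tunnel interface can carry
wg_mtu() {
    outer_mtu=$1
    case $2 in
        4) ip_hdr=20 ;;
        6) ip_hdr=40 ;;
        *) echo "usage: wg_mtu <outer_mtu> <4|6>" >&2; return 1 ;;
    esac
    echo $((outer_mtu - ip_hdr - UDP_HDR - WG_OVERHEAD))
}

# tcp_mss INNER_MTU INNER_IPVER -> largest TCP payload that fits inside the
# tunnel without fragmentation (inner IP header + 20-byte TCP header removed)
tcp_mss() {
    case $2 in
        4) echo $(($1 - 20 - 20)) ;;
        6) echo $(($1 - 40 - 20)) ;;
        *) echo "usage: tcp_mss <inner_mtu> <4|6>" >&2; return 1 ;;
    esac
}

# mss_clamp_rule IFACE MSS -> iptables command that rewrites the MSS option on
# SYNs forwarded out of the tunnel (printed only; run as root to apply)
mss_clamp_rule() {
    echo "iptables -t mangle -A FORWARD -o $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss $2"
}

# Worked case: 1500-byte path, IPv4 outer, IPv4 inside the tunnel.
# 1500 - 20 - 8 - 32 = 1440 inner MTU; 1440 - 40 = 1400 MSS. With an IPv6
# outer the same math gives 1420, which is WireGuard's default MTU, and an
# IPv6 flow inside a 1420 tunnel gets MSS 1360, the article's conservative floor.
mtu=$(wg_mtu 1500 4)
mss=$(tcp_mss "$mtu" 4)
echo "inner MTU: $mtu, TCP MSS: $mss"
mss_clamp_rule wg0 "$mss"
```

The article's 1360–1380 baseline sits below the computed 1400 on purpose: it leaves headroom for PPPoE, extra encapsulation, or an unknown outer address family.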
Censorship resistance & DPI evasion
Adversarial networks fingerprint protocols via packet sizes, timing, and TLS signatures. Strategies that work today:
- OpenVPN-TCP 443 with stunnel (TLS inside TLS) or obfs4 to blend with HTTPS. Strong but slower.
- WireGuard over TLS (a.k.a. “WG-over-TLS”/“Stealth WG”): encapsulate UDP in a TLS-looking stream; expect overhead.
- Domain fronting / advanced pluggables (where legal): routes traffic through high-reputation CDNs; central governments increasingly detect/pressure CDNs to block this.
- SSTP/443 in Windows environments when OpenVPN is not permitted.
Mobile behavior: reconnection, battery, and stability
- WireGuard: Minimal keepalives, efficient crypto; excellent battery life. Roaming between networks is smooth.
- IKEv2/IPsec: MOBIKE lets the tunnel survive IP changes well; often the most stable on iOS with native client support.
- OpenVPN: Userspace keepalives mean more wakeups; fine on modern devices but less battery-optimal versus WireGuard/Lightway.
Security posture & audits
- Open-source code & audits: WireGuard and OpenVPN have strong community scrutiny. Assess the provider’s implementation too: RAM-only servers, key rotation, log minimization, and external audits.
- Key management: Prefer providers with ephemeral session keys, automatic re-keying, and designs that avoid permanent key↔IP linkage (e.g., NordLynx double-NAT).
- Leak protection: Protocol choice isn’t enough—enable kill switch, in-tunnel DNS, IPv6 handling (tunnel or disable), and guard against WebRTC leaks.
Which protocol should you pick? (Decision guide)
- Daily use on normal networks: WireGuard (or NordLynx/Lightway). If unstable, try OpenVPN-UDP.
- Hotels/campuses/airports with strict firewalls: OpenVPN-TCP 443 with obfuscation. If Windows-only, SSTP/443 can work.
- Mobile (switching Wi-Fi/LTE often): IKEv2/IPsec or Lightway. WireGuard is also great if the network isn’t blocking UDP.
- Old routers/embedded gear: OpenVPN is widely supported; avoid L2TP unless forced; never PPTP for security.
- Nation-state DPI/censorship: OpenVPN-TCP 443 + stunnel/obfs or a vendor’s Stealth mode; expect slower speeds.
Implementation tips (hands-on)
- MTU/MSS: If you see stalls or weird slowdowns, clamp TCP MSS: for OpenVPN use `mssfix 1360` and `tun-mtu 1500` (adjust to your path), or set OS-level MSS rules for WireGuard traffic.
- DNS: Force resolver queries inside the tunnel (provider DNS or encrypted DNS in-tunnel). Mixing public DoH/DoT with geo-unblocking can cause mismatches.
- Kill switch: Use a firewall-based kill switch (blocks any non-tunnel egress) rather than app-only toggles.
- Protocol fallbacks: Try WireGuard → OpenVPN-UDP → OpenVPN-TCP 443 with obfuscation. Automate failover where possible.
- Audits & logging: Favor providers with third-party audits, RAM-disk servers, and transparent, minimal logging policies.
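A firewall-based kill switch of the kind the tips above recommend, as an added example that is not the article's or any provider's code: a POSIX shell function that emits an nftables ruleset dropping every outbound packet that does not leave through the WireGuard interface, so nothing escapes on the physical uplink if the VPN client dies. The interface names, the server address 203.0.113.10 and port 51820 are assumed placeholders, and the uplink is assumed to be IPv4.

```shell
#!/bin/sh
# Added example (not from the article): firewall-based kill switch for a
# WireGuard tunnel, expressed as an nftables ruleset. Policy drop on the
# output hook means a crashed VPN app cannot leak traffic onto the uplink.
# Assumptions: Linux with nftables, IPv4 uplink; all names are placeholders.

# killswitch_ruleset UPLINK WG_IFACE SERVER_IP SERVER_PORT -> ruleset text
killswitch_ruleset() {
    uplink=$1; wgif=$2; server=$3; port=$4
    cat <<EOF
table inet killswitch {
    chain output {
        type filter hook output priority 0; policy drop;
        oifname "lo" accept
        oifname "$wgif" accept
        # the only thing allowed on the uplink is the tunnel's own UDP flow
        oifname "$uplink" ip daddr $server udp dport $port accept
        # DHCP so the uplink can still obtain or renew its address
        oifname "$uplink" udp dport 67 accept
        # everything else on the uplink, DNS and IPv6 included, is dropped
    }
}
EOF
}

# Quick self-check on the generated text before handing it to nft: returns 0
# only if the default policy is drop and the tunnel endpoint is whitelisted.
killswitch_sane() {
    rs=$(killswitch_ruleset "$@")
    echo "$rs" | grep -q 'policy drop;' &&
        echo "$rs" | grep -q "ip daddr $3 udp dport $4 accept"
}

# Apply:   killswitch_ruleset eth0 wg0 203.0.113.10 51820 | nft -f -
# Remove:  nft delete table inet killswitch
killswitch_ruleset eth0 wg0 203.0.113.10 51820
```

Because the rule keys on the server address and port, it must be regenerated when you switch servers; an app-level toggle that merely stops the client offers no equivalent guarantee.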
Less common (but useful) options
- OpenConnect/AnyConnect (SSL-VPN): Cisco-style SSL VPNs with good enterprise support; some consumer services support OpenConnect for compatibility.
- SoftEther: Multi-protocol, TLS-based VPN stack; flexible, but heavier to deploy; can mimic HTTPS well.
FAQs
Is WireGuard “too new” to trust?
WireGuard’s cryptographic design (NoiseIK + modern primitives) is conservative and widely reviewed; its small codebase reduces attack surface. The main caveat is server-side privacy practices—choose providers that implement ephemeral keys and do not persist linkable metadata.
OpenVPN UDP or TCP—what’s faster?
UDP almost always. TCP is mainly for restrictive networks and DPI evasion. Avoid tunneling TCP inside TCP when you can; loss and latency magnify.
Why is IKEv2 often recommended on iOS?
Excellent native support, quick re-establishment, and MOBIKE keep sessions up as radios change (cellular↔Wi-Fi) with minimal battery impact.
Can a VPN protocol alone guarantee no leaks?
No. You need in-tunnel DNS, IPv6 handling, a firewall kill switch, and browser/WebRTC protections. Protocol choice is one piece of a larger privacy stack.
What should I try if my VPN “connects” but nothing loads?
Lower MTU/MSS, switch UDP→TCP (or vice versa), try TCP/443 with obfuscation, ensure DNS is in-tunnel, and check for captive portals (disconnect, open an HTTP site to trigger login, then reconnect).
Is PPTP ever acceptable?
Not for security. It’s deprecated due to broken authentication. Only use in lab scenarios where encryption is irrelevant.
Conclusion
The “right” VPN protocol depends on your threat model and network conditions. WireGuard (and well-engineered variants like NordLynx and Lightway) deliver the best blend of speed, stability, and modern crypto for everyday privacy. OpenVPN remains the Swiss Army knife that powers through DPI and odd networks—especially in TCP 443 with obfuscation. IKEv2/IPsec is a mobile workhorse. Treat L2TP/IPsec and PPTP as legacy. For consistent results, start with WireGuard, fall back to OpenVPN-UDP, then OpenVPN-TCP 443 with obfuscation when the network gets hostile.
