Although most of our VPN servers use OpenVPN technology, widely regarded as one of the most secure VPN implementations out there, we offered PPTP server connectivity for iOS/mobile devices whereby installing OpenVPN would require a jailbreak. We are now replacing our PPTP servers with L2TP servers. We used PPTP in the past as it was:
1) Lightweight and had low overheads, in other words fast!
2) Easy to set-up
3) L2TP implementation on Android was and still is buggy.
However it also had the following issues:
1) PPTP is a protocol with a lot of unresolvable security vulnerabilities. However it is sufficient for casual security.
2) PPTP uses a GRE tunnel which is blocked by many mobile/wireless providers.
As Android devices now have an OpenVPN solution that does not require root (Feat VPN), we have chosen to use L2TP/IPSec instead which would work over mobile 3G connections and will be more secure.
We will also now only allow L2TP to be used by full users meaning packages of 30 days and above only and the login details will be available in the Bonus section in the Customer Portal which will be changed from time to time. Please note that the the way we implement L2TP (without the use of certificates for convenience) is still not meant for highly sensitive/confidential data but will provide a way for most users to enjoy still a pretty good level of mobile security on their iOS devices with the minimum of setup/hassle.
Over the next few hours, we will post an update on this 😀 PPTP servers will also be down until upgrade is completed.