The saying “out with the old, in with the new” is more important in cybersecurity than in perhaps any other industry in the world. That’s why, as much as we love them, it’s time to say goodbye to two VPN protocols that are ready for retirement.
On December 1st, NordVPN’s servers will stop supporting L2TP/IPsec and PPTP connections.
How will this affect you?
If you only use NordVPN through your app, this change will not affect you. This is true for every single app we offer on every platform. None of them have supported either of these protocols.
Until December 1st, you will be able to form L2TP/IPsec and PPTP connections with our servers by configuring them manually through your own built-in or third-party VPN clients. However, these two protocols are used by an exceedingly small percentage of our customers.
What are L2TP/IPsec and PPTP?
These are two different VPN protocols that have become somewhat obsolete. Both are relatively unsecure (compared to OpenVPN and IKEv2/IPsec, NordVPN’s protocols of choice) but had their own narrow, specific use cases. Because of their weak encryption, they could be supported by devices with insufficient computing power to support more powerful VPN protocols (like routers).
What if I use L2TP or PPTP?
Unfortunately, you won’t be able to connect using these protocols after December 1st. However, there are alternatives. If your router supports IKEv2/IPsec or OpenVPN, then simply configure a connection using these protocols.
If it doesn’t, now might be a good time for an upgrade! We understand that routers rarely get upgraded, but it’s a good time to do so because even budget-level routers are starting to support these more advanced protocols. If you go for a more powerful router with better security features, you can be fairly certain that it’ll run IKEv2/IPsec or OpenVPN (you should still check with the manufacturer, though).
You can also buy a router through our partners at flashrouters.com. They sell powerful routers pre-configured for use with NordVPN.
Why are these protocols being removed?
As we mentioned, the L2TP and PPTP protocols are largely obsolete. Because they are so insecure, they have become incompatible with a key part of our core mission – to provide our users with industry-leading security.
If you have any other questions, don’t hesitate to contact our 24/7 customer support team.