Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown

What is a VPN tunnel?

Hackers, snoopers, ISPs, and governments can turn your digital life into a living hell. Your data is valuable, and there’s no shortage of people who’d like to access it. A VPN tunnel will help protect you from all those prying eyes. Let’s learn more about VPN tunneling and the various protocols that form these tunnels.

Karolis Bareckas Karolis Bareckas

Karolis Bareckas

What is a VPN tunnel?

How does a VPN tunnel work?

A VPN tunnel is an encrypted connection between your device and the internet.

When you connect to the internet without a VPN (also known as virtual private network), a lot of your data is going to be exposed. Internet service providers (ISPs) can view and log your online activity, while the websites you visit will be able to see your IP address and location. These companies have one big reason to dig around your private life — to sell your browsing data to the highest bidder. They can also throttle your bandwidth if you frequently download large files.

Hackers have their own motives. They use malware, phishing, ransomware, DDoS attacks, and other techniques to intercept data, strip your bank accounts, and ruin your mood.

When you connect to the internet with a VPN, your data packets go through an encrypted and secure tunnel. This protects your browsing activity, masks your IP address, and redirects your data to a VPN server. You can also remotely access your data in a safe way. Neither ISPs nor hackers can identify you, snoop around your data, or track your location. The VPN tunnel is one of the most useful online security tools available.

VPN tunnels

Take your privacy into your own hands.

Stay safe with the world’s leading VPN

Types of VPN tunnels

There are many different VPN tunneling protocols varying in speed, level of security, encryption processes, and other features. Let’s explore the most common types.



  • An open-source protocol that works with all major operating systems. You can download the source code, review it, and modify it however you like;
  • OpenVPN protocol can run over the TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) internet protocols;
  • It is also considered to be one of the most secure VPN tunneling protocols;
  • Quite fast.


  • Quite complex to set up on your own.



  • The IKEv2/IPSec protocol boasts the security benefits of IPSec (Internet Protocol Security);
  • It also has the high speeds of IKEv2 (Internet key exchange version two);
  • When your VPN connection is interrupted, or you’re switching between networks, the IKEv2/IPSec auto-connect feature restores everything back to normal.


  • IPSec/IKEv2 is not compatible with many operating systems.



  • The fastest protocol, which is extremely useful, when speed is your priority;
  • Extremely lightweight as it consists of just 4000 lines of code. It leaves less rooms for vulnerabilities and flaws;
  • Open source, which makes it transparent, easy to customize and debug;
  • Highly secure.


  • Unlike OpenVPN and IPSec, it requires its own infrastructure to function;
  • Still in the development stage.

In 2019, NordVPN introduced NordLynx, a protocol that has inherited the speed of WireGuard but guarantees the strong data encryption and security everyone is striving for.



  • Easy to set up, with accessible support;
  • Secure and fast;
  • Good at bypassing firewalls.


  • Works only on Windows;
  • Created by Microsoft, which is known to collaborate with the NSA.



  • Fast and convenient if you need in a quick-use VPN;
  • Highly compatible with every system;
  • Easy to set up and use.


  • It is an outdated protocol, which is insecure and contains multiple exploits and vulnerabilities;
  • The NSA is known to decrypt this protocol;
  • Due to its primitive and outdated nature, it is easily blocked by firewalls.

L2TP (layer 2 tunneling protocol) / IPSec


  • Accepts different encryption protocols, so you can easily customize it;
  • Easy to set up with loads of documentation available.


  • Not very secure as it is outdated, contains multiple vulnerabilities and potentially compromised by the NSA;
  • Slow due to the double encapsulation of data;
  • Similarly to SSTP, it is not good at bypassing firewalls.

How to use a VPN tunneling protocol

Usually, you can easily select a supported VPN tunneling protocol in your VPN app. Most premium VPN services usually support a few different VPN tunnel protocols, so you can pick your preferred one. For example, you can switch protocols easily in the Preferences section of NordVPN’s app.

What is split tunneling?

A VPN tunnel encrypts all your traffic, but there are certain situations when you might not want it to. This is exactly what split tunneling is all about — you can create exceptions for certain apps or websites and access them without a VPN.

Split tunneling infographic

Which VPN protocol should you use?

Everything depends on your needs, but OpenVPN is a top choice among most VPN providers because it is transparent, open-source, highly customizable, safe and fast. It’s a good choice if you need reliable security and high performance. NordVPN uses OpenVPN as its default protocol.

However, users can also easily switch to IKEv2/IPsec or NordLynx protocols. While IPSec/IKEv2 is stable, fast and secure it is not highly compatible with many systems. Regarding NordLynx, we strongly recommend using it if you need high speeds (e.g. in cases of streaming or gaming) as it is extremely lightweight and fast.

Online security starts with a click.

Stay safe with the world’s leading VPN

Karolis Bareckas
Karolis Bareckas Karolis Bareckas
success Verified author
Karolis is a tech geek who writes about cybersecurity, online privacy, and the latest gadgets. When not rattling his keyboard, he’s always eager to try a new burrito recipe or explore a new camping spot.