Apple - What is the difference between Personal VPN vs VPN Configuration profiles?

In short, no. Both are instances of VPN configurations profiles.

By default, the “VPN Configurations” pane should be the only one that exists if you are installing a VPN configuration profile under the natively supported protocols (PPTP, L2TP/IPSEC).

The “Personal VPN” option appears only after installing certain software, such as Unlimited Free VPN by Betternet, which requires that you deploy the configuration profile in the form of a “preference pane profile” rather than deploying it either from the web, say, or through manual configuration. Additionally, the authentication involves a certificate exchange:

enter image description here

Details:

Apparently, it’s an implementation of the Network Extended Framework API:

The Network Extension framework (NetworkExtension.framework) provides support for configuring and controlling Virtual Private Network (VPN) tunnels. Use this framework to create VPN configurations. You can then start VPN tunnels manually or supply on-demand rules to start the VPN tunnel in response to specific events.

I’m not a developer, but having read the documentation and browsed around a few Stack Overflow discussions on it, it’s basically a plug-in that allows the user to manage an otherwise unsupported VPN protocol (IKEv2), and to do so within the native iOS VPN preference pane.

Do the two different types have different types of encryption?

At face value, no. If we are comparing the protocols, yes. The encryption depends on the protocol you are using and the VPN provider. With the exception of PPTP, the de-facto standard is 256-bit AES for transfer. IKEv2 supports and implements this.

Different types of connections?

In this sense, yes.

Sidenote: I use a third party application that supports OpenVPN to connect to my VPN provider (iPhone 6, running iOS 8.3) - as advised by them. The configuration profile appears as expected, under the default "VPN Configurations" pane.

My personal opinion would be to avoid all free VPN services unless you are rolling out your own. I use Private Internet Access, both on OS X and iOS, and highly recommend it.


The Personal VPN section contains VPN profiles added by applications that use the NetworkExtension.framework. These are traditional IPSEC VPNs that can use IKEv1 or IKEv2 for key exchange.

Supported authentication methods are PSK (Pre-Shared Key) in the case of IKEv1, or X.509 certificates for both IKEv1 and IKEv2. The security is equal to (or greater than, in the case of PPTP) what you find in the VPN configurations in the "VPN Configuration" section.

IPSEC VPNs should not be confused with SSL VPNs. NetworkExtensions.framework VPNs are IPSEC VPNs. Most commercial VPN products should support both IPSEC and SSL VPNs.

In the Open Source world, OpenVPN is an SSL VPN, whereas the SWAN software family (Strongswan, Libreswan, etc) supports IPSEC VPNs.

There are advantages and disadvantages to each type of VPN that are not in scope for a discussion like this. You can check Wikipedia for more details if you are interested.

Tags:

Ios

Iphone

Vpn

Related

Apple - Can I Share All Photos in iCloud Photo Library to Family Members? Apple - Xcode update would not work, and now won't leave the App Store update queue Apple - How to upload photos to iCloud Photo Library on iPhone without Wi-Fi? Apple - How to create a bash alias on OS X? Apple - Can I prevent OS X from resizing and moving windows when sleeping while attached to an external monitor? Apple - How do I encrypt an external drive with FileVault 2 in OSX Yosemite Apple - Boot camp install of Windows 7 issue, no bootable devices Apple - Temporarily disabling RAM to mimic a lower spec machine? Apple - How to get OSX to pick the strongest wifi signal with identical SSIDs? Apple - Using my own server instead of iCloud Apple - How to figure out what is causing the ownership of /usr/local to change from my-username to root Apple - Photos (OS X Yosemite / El Capitan) – show original in Finder?

Recent Posts