encrypted IPSec/L2TP with OSX?


How can I configure IPSec/L2TP within OSX so that it is encrypted? 

Until now I use it over the build-in "IPSec/L2TP" but as I found out it is not encrypted, just the IP Adress is different to my original one :-(

If encryption is not possible by the build-in, can anyone suggest an OSX app that is able to do so and knows how to configure it for PIA?

I use for now OSX 10.9.5!


I know I can also use Openvpn, but this is very slow and IPsec is much faster!


  • edited December 2015 Posts: 617
    When you say, "it is not encrypted, just the IP Adress is different to my original one," perhaps you're thinking of what happens when you use a proxy? Or perhaps you're thinking of PPTP which does include the option for no encryption. There is no such option for L2TP over IPSec.

    "IPSec/L2TP within OSX" most certainly is encrypted. The encryption is thought by some to not be as secure as OpenVPN, but the fact is it is encrypted. I'd also argue that it's incorrect to say OpenVPN "is very slow and IPsec is much faster." If there is any difference at all the difference is typically so nominal as to be imperceptible. If your priority is achieving the highest possible performance than don't use any encryption at all because, the reality is, encryption of any sort will always add some overhead and slow things down. But to claim that one is "very slow" in comparison to the other is simply not the case.

    Separate and apart from that issue there is the issue of PIA's own app, of which there have been numerous complaints for a host of different issues, including speed degradation. Those problems can be avoided by simply not using PIA's app. For the Mac there is the free Tunnelblick and the relatively inexpensive Viscosity. I've used both but much prefer Viscosity. It's never caused me any trouble. If you ever do need support Viscosity does an excellent job of supporting their app (unlike PIA, whose support for their app is abysmal).

    And BTW I did do some extensive A/B comparisons between IPSec/L2TP and OpenVPN (w/Viscosity) and could find no obvious speed advantage of one over the other. Given that OpenVPN is inherently more secure that's what I'd always use, even if it was a bit slower than IPSec/L2TP (which it's not).
    Post edited by tomeworm on
  • n13n13
    edited September 2017 Posts: 1
    Thanks for the info! It's weird PIA says L2TP is not encrypted - it's going over IPSec so it definitely is. Apple is placing a premium on security so they wouldn't offer an unencrypted VPN option!

    PIA OS X app was really unreliable and hard to use. TunnelBlick is nicer, but has issues reconnecting - since I'm on a laptop I am waiting for it to reconnect / restarting it / turning it off all the time. Which defeats the purpose.

    Will give Viscosity a try and use OS X L2TP via IPSec in the meantime. Testing the latter, it seems faster. But it also does't play nice with MenuMeters, which is a bummer... I need that... 

    Please use the official page for Viscosity - it's very important to use official website of the developer for any app download. Otherwise you never know what you're going to get, could be malware, spamware, who knows! 

    Official download is here: https://www.sparklabs.com/viscosity/
    Post edited by n13 on
Sign In or Register to comment.