An Internet Engineering Task Force (IETF) standard tunneling protocol that is used to encapsulate Point-to-Point Protocol (PPP) frames for transmission over TCP/IP, X.25, frame relay, or Asynchronous Transfer Mode (ATM) networks.
You can use Layer 2 Tunneling Protocol (L2TP) to create virtual private networks (VPNs) over public networks such as the Internet. Because L2TP is an IETF standard, it provides interoperability between different VPN vendors, which protocols such as Microsoft’s Point-to-Point Tunneling Protocol (PPTP) and Cisco’s Layer 2 Forwarding (L2F) protocol do not. L2TP essentially combines the best features of these two protocols and is an extension of them.
The driving forces behind the development of L2TP include Microsoft and Cisco Systems; L2TP is supported on many Cisco Systems platforms and by the Microsoft Windows 2000 operating system.
PPP provides the connection over which L2TP tunnels packets. The tunnel can be initiated either by the dial-up client at the customer premises or by the network access server (NAS) located at the L2TP service provider, typically an Internet service provider (ISP). When the client initiates a connection to the NAS, the NAS is referred to as an L2TP access concentrator (LAC). The LAC forwards its L2TP traffic to the remote node, which is referred to as an L2TP network server (LNS); the NAS performs the server-side function of PPP termination and acts as the receiver of incoming connections. However, if the NAS initiates the L2TP tunnel with the customer premises, the client PC acts as the LNS.
L2TP supports several of the authentication options supported by PPP, including Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Microsoft Challenge Handshake Authentication Protocol (MS-CHAP). You can use L2TP to authenticate the endpoints of a tunnel to provide additional security, and you can implement it with Internet Protocol Security (IPSec) to provide a secure, encrypted VPN solution.
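The encapsulation and authentication options described above are visible on the wire. The following is an added example, not part of the original entry: it parses the L2TPv2 header as laid out in RFC 2661 and names the PPP protocol carried in a data message, which shows why a tunnel run without IPSec leaves an exchange such as PAP readable to anyone on the path. The function name and the sample bytes are constructed for illustration.

```python
import struct

# PPP protocol numbers (MS-CHAP travels as CHAP with a different algorithm value).
PPP_PROTOCOLS = {0xC021: "LCP", 0xC023: "PAP", 0xC223: "CHAP", 0x0021: "IPv4"}

def parse_l2tp(payload: bytes) -> dict:
    """Parse an L2TPv2 (RFC 2661) header and name the PPP protocol it carries."""
    try:
        (flags,) = struct.unpack_from("!H", payload, 0)
        if flags & 0x000F != 2:
            raise ValueError("not L2TP version 2")
        offset, end = 2, len(payload)
        if flags & 0x4000:                      # L bit: total message length
            (length,) = struct.unpack_from("!H", payload, offset)
            if length > len(payload):
                raise ValueError("length field exceeds payload")
            offset, end = offset + 2, length
        tunnel_id, session_id = struct.unpack_from("!HH", payload, offset)
        offset += 4
        if flags & 0x0800:                      # S bit: Ns and Nr present
            offset += 4
        if flags & 0x0200:                      # O bit: offset size + padding
            (pad,) = struct.unpack_from("!H", payload, offset)
            offset += 2 + pad
    except struct.error as exc:
        raise ValueError("truncated L2TP header") from exc
    info = {"control": bool(flags & 0x8000), "tunnel_id": tunnel_id,
            "session_id": session_id, "ppp": None}
    body = payload[offset:end]
    if not info["control"] and body:
        if body[:2] == b"\xff\x03":             # PPP address/control, unless compressed away
            body = body[2:]
        if body and body[0] & 1:                # one-octet (compressed) protocol field
            proto = body[0]
        elif len(body) >= 2:
            proto = struct.unpack_from("!H", body)[0]
        else:
            return info
        info["ppp"] = PPP_PROTOCOLS.get(proto, hex(proto))
    return info

# Constructed samples: a data message carrying a PAP frame, and a control ZLB ack.
DATA_PAP = bytes.fromhex("0002" "0007" "0001" "ff03" "c023" "0101000c03626f6203707731")
CONTROL_ZLB = bytes.fromhex("c802" "000c" "0000" "0000" "0000" "0000")

if __name__ == "__main__":
    print(parse_l2tp(DATA_PAP))
    print(parse_l2tp(CONTROL_ZLB))
```

When the tunnel is wrapped in IPSec, a capture shows only the IPSec packets and none of these fields can be read from it.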
Some of the differences between L2TP and L2F include the following:
L2TP differs from PPTP in the following ways:
L2TP can be implemented wherever PPTP or L2F is used. A VPN constructed using L2TP can be initiated in two ways:
When Multilink PPP (MPPP) is used, the PPP links from the customer premises must terminate at the same NAS at the service provider. L2TP has the advantage of supporting multilink configurations in which each link terminates at a different NAS at the provider for more flexibility.