Penguin

Acronym for Layer 2 Tunnelling Protocol.

L2TP is a VPN protocol that is an extension to the PPP protocol, taking the best from PPTP from MicrosoftCorporation and L2F from Cisco.

It is of interest because it is the default method for implementing IPSEC VPN's in Windows 2000+.

From SearchNetworking:

The two main components that make up L2TP are the L2TP Access Concentrator (LAC), which is the device that physically terminates a call and the L2TP Network Server (LNS), which is the device that terminates and possibly authenticates the PPP stream.

PPP defines a means of encapsulation to transmit multiprotocol packets over layer two (L2) point-to-point links. Generally, a user connects to a network access server (NAS) through ISDN, ADSL, dialup POTS or other service and runs PPP over that connection. In this configuration, the L2 and PPP session endpoints are both on the same NAS.

L2TP uses packet-switched network connections to make it possible for the endpoints to be located on different machines. The user has an L2 connection to an access concentrator, which then tunnels individual PPP frames to the NAS, so that the packets can be processed separately from the location of the circuit termination. This means that the connection can terminate at a local circuit concentrator, eliminating possible long-distance charges, among other benefits. From the user's point of view, there is no difference in the operation.

There are at least two L2TP Daemons for Linux; l2tpd and the the Roaring Penguin l2tp implementation.

If you have pre-Windows 2000 clients to support, look at Microsoft's L2TP/IPSEC client.

Read an excellent guide to using FreeS/WAN with L2TP.


CategorySecurity, CategoryProtocols