What is Layer Two Tunneling Protocol (L2TP)? | TechShielder

What is Layer Two Tunneling Protocol (L2TP)?

Layer Two Tunneling Protocol (L2TP) is a tunneling protocol used by both Virtual Private Networks(VPNs) and ISPs. VPNs Leverage its prowess for connectivity while ISPs use it to foster VPN operations. The L2TP is the aftermath of the hybridization of two older protocols; the Microsoft Point-to-point Tunneling Protocol and the Cisco Layer 2 Forwarding Protocol.

The L2TP picked up its features and functionalities from the protocols mentioned above and significantly improved on them. It was published at the turn of the 20th century to replace the above-listed protocols and became the standard RF C26661.

What You Need to Know About the L2TP

  • L2TP needs to be paired with another protocol for maximum use and benefit.
  • It is mostly paired with the IPSec protocol, which acts as a security for data payload.
  • Pairing the L2TP with the IPSec opens up limitless security possibilities, making it possible to utilize the best encryption keys like the AES 256-bit and the 3DES algorithm.
  • While L2TP’s double encapsulation offers more security, it is also more resource-intensive.
  • Usually, the L2TP uses the TCP port 1701. But once it’s paired with the IPSec, it utilizes different ports: it uses the UDP port 500 for Internet Key Exchange (IKE), the 4500 for NAT, and 1701 for L2TP traffic.

Below is a rundown of the L2TP data packet structure:

  • IP Header
  • IPSec ESP Header
  • UDP Header
  • L2TP Header
  • PPP Header
  • PPP Payload
  • IPSec ESP Trailer
  • IPSec Authentication Trailer

How Does the L2TP Work?

The L2TP has two endpoints on the Internet: the L2TP Access concentrator (LAC) and the L2TP Network Server (LNS). These are the points between which L2TP tunneling happens.

The first step in L2TP tunneling is establishing a connection between the two endpoints listed above. When this connection is active, a PPP layer is enabled and encapsulated. This is what is moved around the web later on.

The next step is initiating the PPP connection using the ISP. Next, the LAC accepts the connection, establishing the PPP link. A free slot is then assigned within the Network tunnel, and the request is passed on to the LNS.

When the connection has received thorough authentication and is accepted, a virtual PPP interface is created. Once this is done, the link frames can pass freely through the tunnel. The final aspect of the L2TP workout happens at the LNS endpoint. This is the processing of frames once they are accepted, and L2TP encapsulation is removed.

What’s the Relationship Between L2TP and IPSec?

You must have come across the acronym IPSec several times in this article. It stands for Internet Protocol Security. It provides encryption security for data that are passed from one computer to another. Pairing the L2TP with the IPSec makes for a more secure connection. The L2TP is not best as a stand-alone. When paired with the IPSec, it’s more robust, more reliable, and more efficient.

How Does the Pairing Work?

Here is a run-through of how the pairing between L2TP and IPSec connection works:

  • First, the IPSec security association is negotiated. This is an agreement that occurs between the networks on security attributes. This takes place via the IKE and over the UDP port 500.
  • Then, the encapsulating security payload (ESP) process is established to serve as a transport mode. This is achieved through IP protocol 150. Once the ESP is established, a safe and secure channel exists between the client and the VPN server. It is essential to note that no tunneling is taking place yet.
  • The L2TP protocol is mainly in charge of the tunneling between the network endpoints. Using the TCP port 1701, the L2TP sets up a tunnel. The negotiation procedure for this takes place utilizing the IPSec encryption.

How Fast Is the L2TP?

If it were a stand-alone, the L2TP would be extremely fast. But the L2TP is not a reliable stand-alone as it offers no security encryption. Using it alone would leave user data vulnerable. However, since the protocol is mostly paired with the IPSec, we would be considering its speed in that light.

When paired with the IPSec, the protocol can offer decent speed. However, it is recommended to have a fast broadband connection (100mbps and above is not bad) and an efficient central processing unit (CPU). With this, you should have a smooth experience.

L2TP Pros and Cons

What benefits or disadvantages does the L2TP have for the online security world? Find out below.


  • It creates excellent online security when paired with the IPSec protocol.
  • It comes built into Windows and macOS. It also works well on other devices and operating systems as well.
  • It is easy to set up. L2TP/IPSec pairing is easy to set up too.


  • L2TP, as a stand-alone, is weak as it has no encryption of its own.
  • There are reports by Snowden that the NSA has cracked the protocol. While there may be no proof to back this up, it is better to be safe than sorry.
  • The double encapsulation feature makes the L2TP more resource-intensive and a bit slow.
  • It can be intercepted by NAT firewalls if it’s not manually configured to bypass them.


The L2TP is relatively safe to use, as long as it is paired up with another protocol. It cannot make an excellent stand-alone option and is not safe to use alone. The way to make the best out of the protocol is through pairing. It is readily available on most platforms and easy to set up and use. It can also prove to be very fast in the right circumstances. All in all, the L2TP protocol is an excellent choice if used rightly.