Overview of L2TP Access

Layer 2 Tunneling Protocol (L2TP) is a VPN tunneling protocol that allows remote users (such as enterprise branches and traveling staff) to securely communicate with private network servers over public networks (such as the Internet).

L2TP tunnels PPP packets, allows Layer 2 link endpoints and PPP session endpoints to reside on different devices, and uses the packet switching technology for information exchange. Functioning as an IETF industry standard, L2TP extends the PPP model and combines the advantages of the Layer Two Forwarding Protocol (L2F) and Point-to-Point Tunneling Protocol (PPTP).

Figure 1 L2TP networking

Figure 1 shows a typical L2TP network topology. This network consists of the following components:

• Remote system

  A remote system is a remote user or a remote branch that connects to the private network of an enterprise. It is usually a host of a dial-up user or a device on a private network.

• L2TP access concentrator (LAC)

  A LAC is one endpoint of an L2TP tunnel. Located between an L2TP network server (LNS) and a remote system, a LAC encapsulates packets received from the remote system into L2TP packets and sends the packets to the LNS. After receiving packets from the LNS, the LAC decapsulates and sends the packets to the remote system.

• LNS

  An LNS is the other endpoint of an L2TP tunnel and is the logical endpoint of the PPP sessions established over the L2TP tunnel. An LNS provides PPP and L2TP processing capabilities and is usually located at the edge of an enterprise private network. Through the L2TP tunnel on the public network, PPP connections from the remote system are extended from the original NAS (functioning as a LAC) to the LNS.

A device that functions as both an LNS and LAC is called an L2TP tunnel switch (LTS).