L2TP (tunneling) support for PPP connections

Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol that extends PPP to support a link layer tunnel between a requesting L2TP client (L2TP Access Concentrator or LAC) and a target L2TP server endpoint (L2TP Network Server or LNS).

Layer 2 Tunneling Protocol

By using Layer 2 Tunneling Protocol (L2TP) tunnels, it is possible to separate the location at which the dial-up protocol ends and where the access to the network is provided. That is why L2TP is also referred to as Virtual PPP.

An Internet Service Provider (ISP) uses the virtual line mode to operate virtual private networks (VPN). See Configure an L2TP connection protected by VPN for a better understanding of how IPSec works with L2TP.

These figures illustrate three different tunneling implementations of L2TP.

Figure 1. PPP virtual initiator or PPP virtual terminator

Figure 2. PPP dial initiator or PPP virtual terminator

Figure 3. PPP virtual dial or PPP virtual answer

• Voluntary tunnel
  In the voluntary tunnel model, a tunnel is created by the user, typically by the use of an L2TP-enabled client.
• Compulsory tunnel model - incoming call
  In the compulsory tunnel model - incoming call, a tunnel is created without any action from the user and without allowing the user any choice.
• Compulsory tunnel model - remote dial
  In the compulsory tunnel model - remote dial, the home gateway (LNS) initiates a tunnel to an ISP (LAC) and instructs the ISP to place a local call to the PPP answer client.
• L2TP multi-hop connection
  An L2TP multi-hop connection is a way of redirecting L2TP traffic on behalf of client LACs and LNSs.