Layer 2 Tunneling Protocol (L2TP) is the leading protocol for Layer 2 implementations of VPNs. L2TP is a result of the combination of the L2F and PPTP standards.
Cisco originally developed L2F as a mechanism for setting up UDP-encapsulated tunnels. At one time, L2F was a popular VPN tunneling protocol in its own right, but lack of grassroots support by Cisco killed it. The public documents on L2F at Cisco's Web site are limited, and our attempts to bribe a Cisco engineer for more specifics were politely rebuffed.
Point-to-Point Tunneling Protocol (PPTP) is Microsoft's protocol for VPNs. It was designed to provide authenticated and encrypted communications without requiring a public key infrastructure. PPTP uses a TCP connection for tunnel maintenance and carries tunneled data as PPP frames encapsulated in Generic Routing Encapsulation (GRE). As a VPN protocol, PPTP lost ground to the popular industry-standard IPSec and was rolled into L2TP.
PPP defines an encapsulation mechanism for transporting multiprotocol packets across Layer 2 (L2) point-to-point links. Typically, a user obtains an L2 connection to a Network Access Server (NAS) using one of a number of techniques (dial-up POTS, ISDN, ADSL, and so on) and then runs PPP over that connection. In such a configuration, the L2 termination point and PPP session endpoint reside on the same physical device.
L2TP extends the PPP model by allowing the L2 and PPP endpoints to reside on different devices interconnected by a packet-switched network. With L2TP, a user has an L2 connection to an access concentrator (for example, a modem bank or an ADSL DSLAM). The concentrator then tunnels individual PPP frames to the network access server. This separates the processing of PPP packets from the termination of the L2 circuit.
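As an added example (not part of the original text), the following Python parses the UDP payload of an L2TP message and extracts the PPP frame that the concentrator tunnels to the network access server. It goes beyond the text by relying on the header layout from RFC 2661, where version 1 is reserved for L2F; the function name, the sample bytes, and the assumption that PPP protocol-field compression is not in use are assumptions of this example.

```python
import struct

# Flag bits of the first 16-bit header word (RFC 2661, section 3.1).
T_BIT, L_BIT, S_BIT, O_BIT = 0x8000, 0x4000, 0x0800, 0x0200

def parse_l2tp(udp_payload: bytes) -> dict:
    """Parse one L2TP message (the UDP payload) and expose the tunneled PPP frame."""
    pos = 0

    def u16() -> int:
        nonlocal pos
        if pos + 2 > len(udp_payload):
            raise ValueError("truncated L2TP header")
        (value,) = struct.unpack_from("!H", udp_payload, pos)
        pos += 2
        return value

    flags = u16()
    version = flags & 0x000F
    if version == 1:
        raise ValueError("version 1 marks an L2F packet, not L2TP")
    if version != 2:
        raise ValueError(f"unexpected version {version}")
    length = u16() if flags & L_BIT else len(udp_payload)
    if length > len(udp_payload):
        raise ValueError("Length field exceeds the datagram")
    tunnel_id, session_id = u16(), u16()
    ns, nr = (u16(), u16()) if flags & S_BIT else (None, None)
    if flags & O_BIT:
        offset = u16()
        pos += offset  # skip the offset padding
    if pos > length:
        raise ValueError("header runs past the declared length")
    body = udp_payload[pos:length]
    msg = {"control": bool(flags & T_BIT), "tunnel_id": tunnel_id,
           "session_id": session_id, "ns": ns, "nr": nr}
    if not msg["control"]:
        # Data message: the body is a PPP frame without HDLC flags or FCS.
        # The address/control bytes FF 03 are optional.
        ppp = body[2:] if body[:2] == b"\xff\x03" else body
        if len(ppp) < 2:
            raise ValueError("no PPP protocol field")
        msg["ppp_protocol"] = struct.unpack("!H", ppp[:2])[0]
        msg["ppp_payload"] = ppp[2:]
    return msg

# Constructed sample: data message, tunnel 7, session 9, carrying an LCP frame.
SAMPLE = struct.pack("!HHHH", 0x4002, 16, 7, 9) + b"\xff\x03\xc0\x21\x01\x01\x00\x04"
```

The tunnel and session IDs are what let one concentrator multiplex many users' PPP sessions toward the same network access server, so they are the fields to key on when correlating tunneled sessions in a capture.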