Layer 2 Tunneling Protocol

L2TPv3 provides additional security features, improved encapsulation, and the ability to carry data links other than simply Point-to-Point Protocol (PPP) over an IP network (for example: Frame Relay, Ethernet, ATM, etc.).

The two endpoints of an L2TP tunnel are called the L2TP access concentrator (LAC) and the L2TP network server (LNS).

The traffic for each session is isolated by L2TP, so it is possible to set up multiple virtual networks across a single tunnel.

Reliability, if desired, must be provided by the nested protocols running within each session of the L2TP tunnel.

This can be represented by four different tunneling models, namely: An L2TP packet consists of : Field meanings: At the time of setup of L2TP connection, many control packets are exchanged between server and client to establish tunnel and session for each direction.

Then using this tunnel and session id, data packets are exchanged with the compressed PPP frames as payload.

Windows Vista added 2 alternative tools, an MMC snap-in called "Windows Firewall with Advanced Security" (WFwAS) and the "netsh advfirewall" command-line tool.

One limitation with both of the WFwAS and netsh commands is that servers must be specified by IP address.

From the end user, packets travel over a wholesale network service provider's network to a server called a Broadband Remote Access Server (BRAS), a protocol converter and router combined.