Layer 2 Tunneling Protocol/IPSec


Layer 2 Tunneling Protocol/IPSec

Roberta Bragg

The tips and tricks guide to securing Windows Server 2003 The following excerpt is from Chapter 7 of the free e-book "The tips and tricks guide to securing Windows Server 2003" written by Roberta Bragg and available at Click for the complete book excerpt series.

Layer 2 Tunneling Protocol/IPSec

If this combination is chosen for the VPN, Layer 2 Tunneling Protocol/IPSec (L2TP) uses IPSec for data encryption. (L2TP/IPSec is usually pronounced as L2TP over IPSec.) The L2TP encapsulation, like PPTP, works with a PPP frame but provides two layers of encapsulation. First, the PPP frame is wrapped with an L2TP header and a UDP header. Next, this message is wrapped with an IPSec header and trailer, an IPSec Authentication trailer (for message integrity and authentication) and finally, an IP header. Figure 7.26 illustrates this design. The IP header includes the source and destination address of the client and server.

Figure 7.26: L2TP/IPSEc encapsulation and encryption.

As you can see, the entire message, exclusive of the IPSec header and trailer and the final IP header is encrypted. DES or 3DES is the encryption algorithm used.

Click for the next excerpt in this series: L2TP over IPSec and NAT -- NAT Traversal.

Click for the book excerpt series or visit to obtain the complete book.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy