Critically, L2TP does not include encryption of data. It must be used in combination with a protocol that supports encryption, such as IPSec. L2TP was designed to facilitate communications across a broad range of networks and endpoint devices rather than provide security. The L2TP/IPSec combination delivers the required privacy and security features to replace PPTP.
Each L2TP connection comprises two components: a tunnel and a session. The session is logically contained within the tunnel and carries the user data between two endpoints. A single tunnel may include multiple user sessions segregated using session identifier numbers in the L2TP data encapsulation headers. Encryption is implemented using the IPSec protocol to employ 3DES encryption using a 256-bit key, offering significant security improvements compared with PPTP.
The tunnel provides a reliable network link between two L2TP Control Connection Endpoints (LCCE) and carries only control packets. This connection is typically established between L2TP Access Concentrator (LAC) and L2TP Network Server (LNS). Once the connection is authenticated, a virtual Point-To-Point (PPP) connection is created between these two endpoints. L2TP re-encapsulates the PPP encapsulated data, allowing the tunneling of Layer Two traffic over an IP network. This double level of encapsulation can consume processing resources, adversely affecting latency but offers improved security. For further detailed information, Cisco has provided a useful guide here.
L2TP is based on the User Datagram Protocol (UDP), designed to minimize latency at the expense of reliability. This protocol is suited to activities where high bandwidth is more important than data integrity, such as streaming multimedia files and gaming. L2TP, by default, uses port 1701. When IPSec is also used, it also uses UDP Ports 500 and 4500. UDP port 500 is initially used to negotiate an IPSec Security Association between the client device and the server. An Encapsulating Security Payload (ESP) process is then established between the two endpoints to create a secure communications channel. L2TP establishes a secure tunnel using Transmission Control Protocol (TCP) port 1701 using the standard negotiation process but within the IPSec encrypted communications channel. This provides additional security for this negotiation process.
Note that L2TPv3 has introduced the ability for L2TP to encapsulate a broader range of content in addition to PPP encapsulated data. For further detailed information, Cisco has produced a useful guide here.
Microsoft’s participation in L2TP development means that it has been integrated as a standard feature in all currently supported versions of Microsoft operating systems. It is also included as standard in all currently supported versions of macOS. This makes it readily available and straightforward to set up, requiring no additional software, which has boosted its adoption across a broad range of applications.
The benefit of using L2TP over PPTP is the IPSec encryption algorithms greatly improved security with a relatively fast encryption speed. This setup allows the use of 256-bit encryption using military-grade ciphers like AES, as opposed to PPTP, which is limited to the flawed Microsoft Point-to-Point Encryption (MPPE) algorithm. In terms of communications bandwidth and latency, L2TP on its own is one of the fastest protocols available due to the lack of encryption. The more practical L2TP/IPSec combination is still relatively fast and considered suitable for most applications when used with the processing throughput available in most current client devices. While slower than PPTP, the bandwidth and latency impact is acceptable for most applications. This makes this protocol attractive where sensitive information is passed, such as accessing financial or healthcare services or general web browsing of e-commerce websites. However, it is not as secure as more recently developed protocols such as OpenVPN or Secure Socket Tunneling Protocol (SSTP).
Disadvantages and Vulnerabilities
One disadvantage of L2TP is incompatibility with NAT (Network Address Translation), resulting in some NAT firewalls blocking network traffic using this protocol. This can be resolved by implementing L2TP Passthrough in the network routers.
Another disadvantage of L2TP is the protocol is limited to using fixed ports for the authentication and communications processes. This makes this protocol vulnerable to being blocked if used in Virtual Private Network (VPN) applications. Other protocols such as OpenVPN and SSTP are more flexible in terms of which ports can be used, even using port 443 to emulate Hypertext Transfer Protocol Secure (HTTPS) traffic to bypass Internet Service Provider (ISP) or firewall blocks.
A perceived disadvantage of L2TP over protocols such as OpenVPN is the involvement of large US organizations with close Government ties in the development of the protocol, leading to speculation that backdoors and other vulnerabilities have been integrated into the protocol to facilitate Government monitoring. PPTP is known to have been broken by the US National Security Agency (NSA), and L2TP is rumored to have suffered the same fate.
While the L2TP/IPSec combination is generally considered secure for most general VPN applications, a number of security vulnerabilities have been identified.
L2TP is an extension of PPTP developed by Microsoft and Cisco that requires the IPSec protocol to add an encryption function. It uses a 256-bit key and military-grade algorithm, making it more secure than PPTP, and is supported by the Windows and macOS operating systems. It is more complicated to set up than PPTP and has lower performance in terms of latency but has fewer known security vulnerabilities.