What is Layer 2 Tunneling Protocol (L2TP)?

What is L2TP protocol?

Layer 2 Tunneling Protocol (or L2TP) is a tunneling protocol used by both VPNs and internet service providers (ISPs). It doesn’t encrypt your content but simply creates a connection between you and a VPN server.

Due to its lack of encryption and authentication, Layer 2 Protocol is usually paired with IPsec (Internet Protocol Security) protocol, which provides the encryption and controls packets within the tunnel. IPsec encrypts L2TP packets between the endpoints.

L2TP is almost 12 years old and is a bit outdated. It is now less frequently used. For example, NordVPN no longer supports it.

What do we use it for?

Here are some of the uses of L2TP:

• Supporting VPN services. L2TP is applied as a configuration protocol for VPN services;
• Providing delivery services for ISPs. ISPs use the protocol to tunnel the customer’s data from their premises to a provider’s IP network;
• Connecting to remote local area networks (LAN). Clients can use L2TP to connect to a remote LAN server. It can establish tunnels through which you can access LAN from any location.

Pros and cons of L2TP

Pros

• Lack of security makes L2TP flexible, lightweight, and highly customizable. It can be adapted to various encryption protocols.
• L2TP is popular, so it is easy to implement, and there is plenty of support information available for it online.

Cons

• There are widespread suspicions that L2TP is compromised by the NSA, which regularly decrypts the protocol.
• As the protocol encapsulates (hides or restricts the direct access of data) your data twice, it is much slower than other protocols. For example, NordVPN-supported NordLynx is much faster.
• L2TP struggles to bypass firewalls, so it’s not very reliable as a way to circumvent network restrictions.

PPTP vs. L2TP

When comparing L2TP to Point to Point Tunneling Protocol (PPTP), also conceived in 1999, L2TP is certainly more secure and reliable. L2TP was created as an extension to PPTP. The latter is used to tunnel dialup traffic. It has weak encryption and lots of security vulnerabilities.

As is the case with L2TP, the NSA has likely compromised PPTP as well and can supposedly decrypt it. Firewalls can also easily block PPTP, and it has poor P2P support.

While these protocols were one of the forerunners of what we have now, we advise you to choose services which support modern protocols like OpenVPN or Wireguard. These are safer and much more reliable. NordVPN has its own version of OpenVPN, as well as the WireGuard-based NordLynx protocol, which offers unrivaled speeds.

Stay safe!

Upgrade your security and protect yourself online today.