What is L2TP/IPSec?


Please Note: Although technically you can use the L2TP / PPTP protocols, they have serious security flaws. Whenever possible, we recommend choosing OpenVPN or IKEv2/IPSec instead.

This is an article about a VPN protocol. For more information about available protocols, please refer to this article:

Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP), used by an Internet service provider (ISP) to enable the operation of a virtual private network (VPN) over the Internet. L2TP merges the best features of two other tunneling protocols: L2F from Cisco Systems and PPTP from Microsoft. The two main components of L2TP are the L2TP Network Server (LNS), the device that terminates and possibly authenticates the Point-to-Point Protocol (PPP) stream, and the L2TP Access Concentrator (LAC), the device that physically terminates a call.

PPP defines a means of encapsulation for sending multiprotocol packets over Layer 2 (L2) point-to-point links. Normally, a user connects to a network access server (NAS) through dial-up POTS, ADSL, ISDN, or another service and runs PPP over that connection. In this configuration, the PPP and L2 session endpoints are both on the same network access server.

L2TP uses packet-switched network connections to enable the endpoints to be located on different machines. The user has a Layer 2 connection to an access concentrator, which tunnels individual PPP frames to the network access server, so the packets can be processed separately from the location of the circuit termination. This means that the connection can terminate at a local circuit concentrator, eliminating all possible long-distance charges, among other benefits. There is no difference in the operation from the user's point of view.
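To make the tunneling step concrete, here is an added example (not part of the original article) that parses one L2TP message as it travels between LAC and LNS and extracts the PPP frame it carries. The header layout is taken from RFC 2661 rather than from this page, and the sample bytes are constructed. The header has tunnel and session identifiers but no encryption or integrity field, which is why L2TP is paired with IPSec.

```python
import struct

# Flag bits of the first 16-bit word in an L2TPv2 header (RFC 2661, section 3.1).
T_BIT, L_BIT, S_BIT, O_BIT = 0x8000, 0x4000, 0x0800, 0x0200
PPP_PROTOCOLS = {0x0021: "IPv4", 0x8021: "IPCP", 0xC021: "LCP",
                 0xC023: "PAP", 0xC223: "CHAP"}

def parse_l2tp(msg: bytes) -> dict:
    """Parse one L2TPv2 message (a UDP payload) exchanged between LAC and LNS."""
    try:
        (flags,) = struct.unpack_from("!H", msg, 0)
        if flags & 0x000F != 2:
            raise ValueError("not an L2TPv2 message")
        pos = 2
        if flags & L_BIT:                      # optional total-length field
            (length,) = struct.unpack_from("!H", msg, pos)
            if length > len(msg):
                raise ValueError("length field exceeds datagram")
            msg, pos = msg[:length], pos + 2
        tunnel_id, session_id = struct.unpack_from("!HH", msg, pos)
        pos += 4
        if flags & S_BIT:                      # optional Ns/Nr sequence numbers
            pos += 4
        if flags & O_BIT:                      # optional offset size plus padding
            (offset,) = struct.unpack_from("!H", msg, pos)
            pos += 2 + offset
    except struct.error:
        raise ValueError("truncated L2TP header") from None
    if pos > len(msg):
        raise ValueError("truncated L2TP header")
    out = {"tunnel_id": tunnel_id, "session_id": session_id}
    if flags & T_BIT:                          # control message: AVPs follow
        return {**out, "type": "control", "payload": msg[pos:]}
    ppp = msg[pos:]
    if ppp[:2] == b"\xff\x03":                 # PPP address/control, may be omitted
        ppp = ppp[2:]
    if not ppp or (not ppp[0] & 1 and len(ppp) < 2):
        raise ValueError("truncated PPP frame")
    # The PPP protocol field is 1 byte when compressed (first byte is odd).
    size = 1 if ppp[0] & 1 else 2
    proto = int.from_bytes(ppp[:size], "big")
    return {**out, "type": "data", "payload": ppp[size:],
            "ppp_protocol": PPP_PROTOCOLS.get(proto, hex(proto))}

# Constructed samples: a data message carrying PPP/IPv4, and an empty control message.
DATA_MSG = struct.pack("!HHH", 0x0002, 7, 1) + b"\xff\x03\x00\x21" + b"\x45\x00"
CTRL_MSG = struct.pack("!HHHHHH", 0xC802, 12, 7, 0, 0, 1)

if __name__ == "__main__":
    print(parse_l2tp(DATA_MSG))
    print(parse_l2tp(CTRL_MSG))
```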