What Is an L2TP VPN?

Image of a mobile phone displaying a VPN connection atop a pillow.
Be safe, get a VPN!
Source: Unsplash: Petter Lagson

Cybercrime is on the rise, causing internet users to become wearier of using an unencrypted connection. Cybercriminals can easily packet sniff your wireless data from outside your premises using only a mobile device and a Wi-Fi antenna. Alternatively, bad actors within your company can add interceptive LAN devices between critical nodes to sniff packets. So, it’s no surprise that the VPN service industry is booming, with several new protocols and advanced encryption features taking the limelight. One of them is the Layer 2 Tunneling Protocol (L2TP).   

Although L2TP is excellent at VPN data encapsulation, it requires a large amount of bandwidth to work effectively. To this end, many system administrators question the purpose of L2TP over more efficient VPN protocols. Many different VPN protocols compete for your attention, but is it right to junk a tried and tested solution? 

In this article, I’ll discuss what L2TP is and if it still has a bright future. First, I’ll discuss what L2TP is.

What Is an L2TP?

VPNs create an encrypted tunnel to transport data between you and the VPN server. Moreover, VPNs can create an encrypted tunnel directly between endpoints through their server. In short, VPNs send out an encryption key to the destination. Then, they encrypt the data and send it to the destination, where it’s decrypted using the key. The data packet’s body gets encrypted and decrypted during the data transfer process. 

Anyone intercepting encrypted data packets will need to break the encryption to read the data. Although it’s not impossible, decrypting 256-bit encrypted data often exceeds the skills of standard cybercriminals.

L2TP is a protocol that directs how VPNs should process data to encrypt and decrypt it. This includes how VPNs modify each data packet header to enable decryption once received. L2TP descended from two other tunneling protocols, Layer 2 Forwarding Protocol by Cisco and PPTP by Microsoft. L2PT also works with Internet Protocol Security (IPSec). Now, let’s get into the protocol’s technical details of the protocol in the next section.

How Does L2TP Work?

L2TP is the protocol that controls tunneling. In other words, it establishes its own secure network connection between the endpoints or the user and the VPN server. Tunneling takes data and creates small data packets that are easy to send over a network. You can think of these like envelopes or SMS text messages where you split the data across multiple messages. Each data packet size decreases, which enables the network to transmit data at an improved speed. 

Data packet headers contain information about the protocol used and the destination address that each packet needs to reach. In a network, this means you can send data in any order and to any nodes. That way, you distribute the load and improve the speed. This is because you’re not passing everything at once through one intermediary node and slowing down other senders. Once packets reach their destination, the data needs to be pieced together.

Meanwhile, the data packet’s footer tells nodes about the end of one message. It also contains other control information like the sequence number. The con about this is that every node passed can read the data, even the ones created by bad actors. Thus, a VPN will help encrypt your data to stop people at each node from reading your data. 

That said, the question now is if you can trust this protocol. I’ll cover that next.

Is L2TP secure?

L2TP is as secure as current networking technology can offer, but it’s not infallible. However, you need to think hard about your security since handing out data to third parties means you’re no longer in control of it. You might have heard the recent story about the National Security Agency (NSA) compromising the security of L2PT encryption. This is true to a degree, yet the reality is that a weak pre-shared password caused the incident too. Thus, you can conclude that L2TP is safe. That said, the security depends on how well the VPN provider creates the solution. 

Now, let’s explore the pros and cons of this protocol. 

Pros and Cons of L2TP

L2TP uses a very secure double-encryption method. That said, it requires a lot of bandwidth to work. Thus, L2TP will slow your network connection, as most companies won’t spend money on the infrastructure needed. Instead, a more cost-effective solution is to use a different VPN solution or to reduce the encryption level used. Presently, 256-bit is a de-facto industrial standard as research has shown it requires a cybercriminal 2256 combinations to try and crack 256-bit encrypted data.  

So, let’s take a look at the pros and cons below.

ProsCons
Very Secure Slow since it requires a lot of bandwidth for double encryption
Firewall-friendly Outdated
Safer than PPTPPoor authentication 
Third-party protocol handles the encryption
Is LT2P worth it?

So after reading the table above, you might want to check other options out there. I’ll go over some other VPN protocols now.

L2TP vs Other VPN Protocols

As I mentioned earlier, you might find other available and better VPN protocols out there. One of them is the OpenVPN protocol. While it’s also 20+ years old, the protocol is fast for its age. You can’t manually configure it, but the provider application will handle that for you. 

Meanwhile, L2TP’s biggest advantage is double encryption. Depending on the data you work with or your line of business, L2TP might be advantageous to you. For example, this is the case for governments. That said, if you don’t need the double encryption, slow speeds and high bandwidth requirements mean this isn’t for you. 

Another suggested protocol is SSTP, also known as Secure Socket Tunneling Protocol. It’s not open source like OpenVPN, but you can use it on any OS, and it’s also good for getting around simple firewalls. This is faster than L2TP but doesn’t have that high level of encryption. 

A third is Internet Key Exchange (IKEv2), which Cisco and Microsoft created. This is one of the fastest protocols you can use and is great for business operations. IKEv2 also uses AES encryption to protect data. 

Final Words

While L2TP had its heyday, the days of its use are becoming increasingly limited due to its multiple cons. The major advantage this protocol has over others is that it offers a level of double encryption. If this isn’t something you need, you shouldn’t consider L2TP due to its slowness and high data bandwidth consumption. Thus, L2TP isn’t a solid choice for a business. That said, as a single user, a company, or a very protective government entity, this might be a good option to ensure your data is secure. 

Have some burning questions about L2TP? Want to find out more? Check out the FAQ and Resources sections below. 

FAQ

What is a VPN?

A virtual private network (VPN) is an encrypted connection between computers across the internet. The VPN server encrypts the connection data. That data can be encrypted either between the user’s computer or between endpoints with the VPN server, which is called tunneling. Tunneling is more secure as your data isn’t decrypted on the VPN server. 

Are VPNs available on mobile?

Yes, you can download and use mobile-friendly VPNs on your mobile devices. You should always connect to a VPN when you want to use the internet. Using a VPN on your mobile device will protect you from becoming a victim of a cybercriminal. 

How long will L2TP be around?

The days of L2TP’s usefulness are dwindling since a major problem with it recently occurred on Windows. This is also because L2TP is slow and requires high data bandwidth. While I can’t provide a specific date for the end of L2TP or if it’ll ever be completely gone, I assume it’ll just fall out of use over time. Maybe 5 to 10 years?

What are the different VPN protocols?

VPN protocols divide into 4 different kinds: remote access, personal VPN, mobile VPN, and site-to-site VPNs. To quickly hit on them: Remote access is where a user connects to a private network. A personal VPN is where the user connects to the internet via a third-party server. Mobile VPN, again connects to a private network. For site-to-site VPNs, the user connects to another network. In each group, you’ll find various protocols for each type of use. 

What is double encryption?

In the case of L2TP, double encryption is where data encryption happens twice. Think of putting a letter (the data) into an envelope (the encryption) and then taking that encrypted data and putting it inside another envelope (encrypting it again). Finally, you’ll send it to its destination. Once it arrives at its destination, the double decryption process starts to make the data readable. 

Resources 

TechGenix: An Article on the 5 Best VPN Protocols

Explore the top 5 VPNs to help secure your company’s network.

TechGenix: An Article on Site-to-Site VPNs

Learn what a site-to-site VPN is and how it can help protect your company. 

TechGenix: An Article on Open VPNs

Explore what an Open VPN is and how it protects your data.

TechGenix: An Article on WARP vs. VPN

Find out the differences between WARP and VPN.

TechGenix: An Article on TOR vs. VPN

Learn about which is better for your security: TOR or VPN

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top