Layer 2 Tunneling Protocol/IPSec

This excerpt from e-book "The tips and tricks guide to securing Windows Server 2003" describes how the L2TP encapsulation works with a PPP frame and provides two layers of encapsulation.

The tips and tricks guide to securing Windows Server 2003 The following excerpt is from Chapter 7 of the free e-book "The tips and tricks guide to securing Windows Server 2003" written by Roberta Bragg and available at Realtimepublishers.com. Click for the complete book excerpt series.

 


Layer 2 Tunneling Protocol/IPSec

If this combination is chosen for the VPN, Layer 2 Tunneling Protocol/IPSec (L2TP) uses IPSec for data encryption. (L2TP/IPSec is usually pronounced as L2TP over IPSec.) The L2TP encapsulation, like PPTP, works with a PPP frame but provides two layers of encapsulation. First, the PPP frame is wrapped with an L2TP header and a UDP header. Next, this message is wrapped with an IPSec header and trailer, an IPSec Authentication trailer (for message integrity and authentication) and finally, an IP header. Figure 7.26 illustrates this design. The IP header includes the source and destination address of the client and server.


Figure 7.26: L2TP/IPSEc encapsulation and encryption.

As you can see, the entire message, exclusive of the IPSec header and trailer and the final IP header is encrypted. DES or 3DES is the encryption algorithm used.

Click for the next excerpt in this series: L2TP over IPSec and NAT -- NAT Traversal.

 


Click for the book excerpt series or visit Realtimepublishers.com to obtain the complete book.


 

Dig deeper on Windows Server Monitoring and Administration

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close