Changes

==Introduction==

==Introduction==

Layer 2 Tunneling Protocol (L2TP) is a VPN tunneling protocol that allows remote clients to use the public IP network to securely communicate with private corporate network servers. L2TP uses PPP over UDP (port 1701) to tunnel the data.

Because of the lack of confidentiality inherent in the '''Layer 2 Networking Protocol''' ('''L2TP''') protocol, '''Internet Protocol Security''' ('''IPsec''') is often used to secure L2TP packets by providing confidentiality, authentication and integrity. The combination of these two protocols is generally known as '''L2TP over IPsec''' (or simply '''L2TP/IPsec''').

 

This article provides a guide on how to configure L2TP/IPsec on RUTxxx routers. It should also be noted that this guide 

==Configuration overview and prerequisites==

==Configuration overview and prerequisites==

[[File:Configuration examples l2tp over ipsec scheme.png]]

[[File:Configuration examples l2tp over ipsec scheme.png]]

The figure above depicts the L2TP/IPsec scheme. It is fairly similar to the [[L2TP_configuration_examples#Configuration_overview_and_prerequisites|L2TP]] and [[IPsec_configuration_examples#Configuration_overview_and_prerequisites|IPsec]] configuration schemes - the router with the Public IP address (''RUT1'') acts as the L2TP/IPsec server and the other router (''RUT'') acts a client. L2TP connects the networks of ''RUT1'' and ''RUT2'' and IPsec provides the encryption for the L2TP tunnel.

The figure above depicts the L2TP/IPsec scheme. It is fairly similar to the [[L2TP_configuration_examples#Configuration_overview_and_prerequisites|L2TP]] and [[IPsec_configuration_examples#Configuration_overview_and_prerequisites|IPsec]] configuration schemes - the router with the Public IP address (''RUT1'') acts as the L2TP/IPsec server and the other router (''RUT'') acts a client. L2TP connects the networks of ''RUT1'' and ''RUT2'' and IPsec provides the encryption for the L2TP tunnel.

 

When the scheme is realized, L2TP packets between the endpoints are encapsulated by IPsec. Since the L2TP packet itself is wrapped and hidden within the IPsec packet, the original source and destination IP address is encrypted within the packet.

==Router configuration==

==Router configuration==

If you have familiarized yourself with the configuration scheme and have all of the devices in order, we can start configuring the routers using instructions provided in this section. To summarize, we'll be configuring an L2TP server and an IPsec Transport instance (server) on ''RUT1''; an L2TP client and an IPsec Transport instance (client) on ''RUT2''.

If you have familiarized yourself with the configuration scheme and have all of the devices in order, we can start configuring the routers using instructions provided in this section. To summarize, we'll be configuring an L2TP server and an IPsec Transport instance (server) on ''RUT1''; an L2TP client and an IPsec Transport instance (client) on ''RUT2''.

 

===IPsec===

===IPsec===

----

----