L2TP VPN Settings

Overview

The L2TP (Layer 2 Tunneling Protocol) VPN protocol allows L2TP-only clients to connect remotely. It is capable of tunneling Layer 2 Traffic and above.

Warning

L2TP is not a secure protocol by itself; it only provides tunneling, not encryption.

Setup

The L2TP server settings can be found under VPN > L2TP.

Options specific to L2TP are available to set: Interface, Server Address, Subnet Mask, and other items. These are all explained on the configuration page.

It can use internal authentication or pass off authentication to a RADIUS server.

L2TP/IPsec

L2TP/IPsec is a way to secure L2TP traffic by sending it through an encrypted IPsec tunnel.

2.1.x and earlier

pfSense 2.1.x and earlier do not support L2TP+IPsec; they only support for plain L2TP tunneling. See Ticket #475

2.2 and up

pfSense 2.2 and later this may be used in combination with a mobile IPsec setup to configure L2TP+IPsec; see L2TP/IPsec for details.