-96-
and the default gateway of remote peer are 172.30.70.151 and 172.30.70.161 respectively. Security
protocol and other parameters for IPsec tunnel and the remote router should be configured the same.
As Security Association is unidirectional, an ingoing SA and an outgoing SA are created to protect data
flows for each tunnel after IPsec tunnel is successfully established. The ingoing SPI value and
outgoing SPI value are different. However, the Incoming SPI value must match the Outgoing SPI value
at the other end of the tunnel, and vice versa. The connection status on the remote endpoint of this
tunnel is as the following figure shows. The SPI value is obtained via auto-negotiation.
3.5.3 L2TP/PPTP
Layer 2 VPN tunneling protocol consists of L2TP (Layer 2 Tunneling Protocol) and PPTP (Point to
Point Tunneling Protocol).
Both L2TP and PPTP encapsulate packet and add extra header to the packet by using PPP (Point to
Point Protocol). Table depicts the difference between L2TP and PPTP.
Protocol Media Tunnel Length of Header Authentication
PPTP IP network Single tunnel 6 bytes at least Not supported
L2TP
IP network of
UDP, frame relay
virtual circuit,
X.25 virtual
circuit
Multiple tunnels 4 bytes at least Supported
3.5.3.1 L2TP/PPTP Tunnel
On this page, you can configure the L2TP/PPTP VPN.
Choose the menu VPN→L2TP/PPTP→L2TP/PPTP Tunnel to load the following page.
