Netgate is offering COVID-19 aid for pfSense software users, learn more.

L2TP VPN Settings

The Layer 2 Tunneling Protocol (L2TP) VPN protocol allows L2TP-only clients to connect remotely. It is capable of tunneling Layer 2 Traffic and above.


L2TP is not a secure protocol by itself; it only provides tunneling, not encryption.


The L2TP server settings can be found in the pfSense® webGUI under VPN > L2TP.

Options specific to L2TP are available to set: Interface, Server Address, Subnet Mask, and other items. These are all explained on the configuration page.

It can use internal authentication or pass off authentication to a RADIUS server.


L2TP/IPsec is a way to secure L2TP traffic by sending it through an encrypted IPsec tunnel. This may be used in combination with a mobile IPsec setup to configure L2TP+IPsec; see L2TP/IPsec for more details.