The following figure shows a conceptual diagram of how digital signatures work.

1. Peers A and B are communicating. A has a public key and a private key. A gives her public key to B.
2. A “signs” (encrypts) a message using her private key and sends the signed (encrypted) message to B.
3. B can “verify” the signature by decrypting it using A's public key and checking the result against the original message.

   Therefore, B can authenticate A by asking A to sign a message and then verifying the signature using A's public key. Since A's private key is only known to A, only A can create a signature that can be verified using A's public key.

   One problem with this authentication scheme is that B cannot know whether the public key he obtained is in fact A's public key. For example, in the following figure, a malicious attacker C pretends to be A and gives B a different public key.

In practice, this problem is solved by using a Public Key Infrastructure (PKI), which is based on a trusted third party, the Certificate Authority (CA). The CA can be either a commercial CA, such as Verisign, or a CA set up internal to the organization. The following figure illustrates conceptually how PKI works.

1. Both A and B trust CA.
2. A asks the CA to sign a message verifying A’s public key.
3. The CA signs the message using its private key, resulting in a “certificate.”
4. A gives the certificate to B.
5. B can verify the certificate from A (and hence A’s public key) using the CA’s public key.

X.509 is a standard that defines public key certificate formats, revocation, and so on. Given the above scheme, L2TP/IPsec VPN with X.509 certificates works as follows.

1. The network admin obtains a certificate signed by a CA for each remote user (A in the example) and distributes it, along with public/private keys for the user, to the user through a secure channel.
2. The network admin configures the VPN server (B in the example) with the CA’s public key, among other things.
3. When the remote client connects to the VPN server, it presents its certificate.
4. The VPN server verifies the certificate using the CA’s public key. If the authentication is successful, the result tells the server the client’s public key.
5. The server can then use the client’s public key for authentication as described previously.
6. If authentication is successful, the IPsec tunnel is established between the client and server. Then the L2TP and PPP operations are identical to the PSK case described previously.