Home page logo
/

basics logo Security Basics mailing list archives

RE: IPSec vs. IPSec/L2TP
From: "Ghaith Nasrawi" <libero () aucegypt edu>
Date: Mon, 11 Apr 2005 01:07:03 +0000

The reason people use L2TP is due the need to provide login mechanism
to users. IPSec by itself is meant to by a tunneling protocol in a
gateway-to-gateway scenario (there are still two modes, tunnel mode &
transport mode). So vendors use L2TP to allow people to use their
products in client-to-network scenario. So, they use L2TP only for
logging and the rest of the session would be using IPSec. You have to
take in consideration two other modes; pre-shared-keys vs. certificates.

see, IPSec is a very complex protocol and few cryptologists kept
moaning about its unnecessary complexity which leads to confusion.

regards,

g.

-----Original Message-----
From: Bénoni MARTIN [mailto:Benoni.MARTIN () libertis ga]
Sent: 08 April 2005 13:55
To: security-basics () securityfocus com
Subject: IPSec vs. IPSec/L2TP


Hi list,

I was wondering how much the security is enhanced by using
L2TP/IPSec tunnelling instead of a good old IPSec tunnel. I found
a lot of information googling around the web, but couldn't find a
good paper explainig this enhancement (or not).

If anyone cound give me any hint, personnal experience feedback
or URL, this will be appreciated !

Thx !

-----

 (o_
 //\   Ghaith Nasrawi
 V_/_



PAST, n.
That part of Eternity with some small fraction of
which we have a slight and regrettable
acquaintance. A moving line called the Present
parts it from an imaginary period known as the
Future. These two grand divisions of Eternity, of
which the one is continually effacing the other,
are entirely unlike. The one is dark with sorrow
and disappointment, the other bright with
prosperity and joy. The Past is the region of
sobs, the Future is the realm of song. In the one
crouches Memory, clad in sackcloth and ashes,
mumbling penitential prayer; in the sunshine of
the other Hope flies with a free wing, beckoning
to temples of success and bowers of ease. Yet the
Past is the Future of yesterday, the Future is the
Past of to-morrow. They are one -- the knowledge
and the dream. (The Devil's Dictionary)


---------------------------------------------------------------------------
Earn your MS in Information Security ONLINE
Organizations worldwide are in need of highly qualified information security
professionals.  Norwich University is fulfilling this demand with its MS in
Information Security offered online.  Recognized by the NSA as an
academically excellent program, NU offers you the opportunity to earn your
degree without disrupting your home or work life.

http://www.msia.norwich.edu/secfocus_en
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]