RE: IPSec vs. IPSec/L2TP

["Ghaith Nasrawi" <libero () aucegypt edu>]

The reason people use L2TP is due the need to provide login mechanism
to users. IPSec by itself is meant to by a tunneling protocol in a
gateway-to-gateway scenario (there are still two modes, tunnel mode &
transport mode). So vendors use L2TP to allow people to use their
products in client-to-network scenario. So, they use L2TP only for
logging and the rest of the session would be using IPSec. You have to
take in consideration two other modes; pre-shared-keys vs. certificates.

see, IPSec is a very complex protocol and few cryptologists kept
moaning about its unnecessary complexity which leads to confusion.

regards,

g.

> -----Original Message-----
> From: Bénoni MARTIN [mailto:Benoni.MARTIN () libertis ga]
> Sent: 08 April 2005 13:55
> To: security-basics () securityfocus com
> Subject: IPSec vs. IPSec/L2TP
>
>
> Hi list,
>
> I was wondering how much the security is enhanced by using
> L2TP/IPSec tunnelling instead of a good old IPSec tunnel. I found
> a lot of information googling around the web, but couldn't find a
> good paper explainig this enhancement (or not).
>
> If anyone cound give me any hint, personnal experience feedback
> or URL, this will be appreciated !
>
> Thx !

-----

 (o_
 //\   Ghaith Nasrawi
 V_/_



PAST, n.
That part of Eternity with some small fraction of
which we have a slight and regrettable
acquaintance. A moving line called the Present
parts it from an imaginary period known as the
Future. These two grand divisions of Eternity, of
which the one is continually effacing the other,
are entirely unlike. The one is dark with sorrow
and disappointment, the other bright with
prosperity and joy. The Past is the region of
sobs, the Future is the realm of song. In the one
crouches Memory, clad in sackcloth and ashes,
mumbling penitential prayer; in the sunshine of
the other Hope flies with a free wing, beckoning
to temples of success and bowers of ease. Yet the
Past is the Future of yesterday, the Future is the
Past of to-morrow. They are one -- the knowledge
and the dream. (The Devil's Dictionary)


---------------------------------------------------------------------------
Earn your MS in Information Security ONLINE
Organizations worldwide are in need of highly qualified information security
professionals.  Norwich University is fulfilling this demand with its MS in
Information Security offered online.  Recognized by the NSA as an
academically excellent program, NU offers you the opportunity to earn your
degree without disrupting your home or work life.

http://www.msia.norwich.edu/secfocus_en
----------------------------------------------------------------------------