a) Since when did "proper vpn" equal somethings that is "Cisco compatible"? I run IPsec/L2TP to my Juniper ScreenOS fw just fine
b) I don't think L2TP over IPsec is particulary insecure. L2TP authentication/setup is also secured by IPsec transport mode. The article says that the authentication is not protected, which is wrong, since the authentication occurs first by IPsec Certificate or PSK and then by L2TP username/pw (which is protected by IPsec SA).
http://en.wikipedia.org/wiki/Layer_2_Tunneling_Protocol#L2TP.2FIPsec
However, I would have prefered IPSec tunnel mode with XAUTH instead, the current do work.
Slashdot Mirror
a) Since when did "proper vpn" equal somethings that is "Cisco compatible"? I run IPsec/L2TP to my Juniper ScreenOS fw just fine b) I don't think L2TP over IPsec is particulary insecure. L2TP authentication/setup is also secured by IPsec transport mode. The article says that the authentication is not protected, which is wrong, since the authentication occurs first by IPsec Certificate or PSK and then by L2TP username/pw (which is protected by IPsec SA). http://en.wikipedia.org/wiki/Layer_2_Tunneling_Protocol#L2TP.2FIPsec However, I would have prefered IPSec tunnel mode with XAUTH instead, the current do work.