
Re: PPP over IPSec (without L2TP)?



Ari Huttunen wrote:

<substantially trimmed...>
> I agree that having PPP gives us the stated benefits (and more?). However, I fail to see why there
> is a need to have an L2TP (and UDP) layer(s) between PPP and IPSec. 

<more trimmed...>

> So, please show me what benefits PPP over L2TP over IPSec provides when compared
> to just running PPP over IPSec? If there are some, which is possible, wouldn't it be
> better to enhance IPSec protocol(s) to enable the same, instead of having L2TP?
 
I think that one strong argument for not running ppp directly over ipsec
is that ppp is a layer 2 construct, and ipsec is designed to secure
traffic at layer 3. Aside from the architectural repugnance, there are
significant difficulties presented by encapsulation of PPP (and L2TP,
for that matter) in IPsec. Many of these arise due to the fact that in
order to apply policy to these packets, you must first understand what
is in them, and all the security implications of the various content
possibilities. Once you thoroughly understand the PPP (or L2TP) protocol
in this light, then you can begin to design a security protocol which
secures them. I think the bottom line is, that protocol would *not* be
ipsec - it would be something else.

This dances around a bigger problem which keeps recurring in different
guises on this list: vpn and ipsec are not synonymous. I think that
running L2TP over ipsec is essentially a hack which leverages ipsec for
a vpn scenario. However, ipsec was not designed to provide security for
the L2TP payload, so that if there is not an L2TP security subsystem
which controls the encapsulation, then the payload is not truly secured
- it is simply being tunneled, albeit reliably.

Scott
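As an added illustration of the point made above (this example is mine, not part of Scott's or Ari's messages), the following Python builds a constructed L2TP-over-UDP packet carrying a PPP-encapsulated TCP segment and then shows what a selector-based IPsec SPD lookup can see: the outer 5-tuple is just UDP 1701 between two tunnel endpoints, while reaching the inner 5-tuple requires parsing UDP, L2TP, PPP and the inner IP header. All addresses, ports and tunnel/session ids are constructed sample values, and the SPD lookup is a simplified model of selector matching, not any implementation's code.

```python
"""Outer vs inner selectors for an L2TP/PPP packet (constructed example)."""
import ipaddress
import struct

L2TP_PORT = 1701          # IANA port for L2TP over UDP
PPP_PROTO_IPV4 = 0x0021   # PPP protocol field value for IPv4 payloads
IPPROTO_TCP, IPPROTO_UDP = 6, 17


def ipv4_header(src, dst, proto, payload_len):
    # Minimal 20-byte IPv4 header, no options; checksum left at 0 (not validated here).
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)


def udp_header(sport, dport, payload_len):
    return struct.pack("!HHHH", sport, dport, 8 + payload_len, 0)


def tcp_header(sport, dport):
    # 20-byte TCP header, SYN set, no options.
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x02, 8192, 0, 0)


def l2tp_data_header(tunnel_id, session_id):
    # L2TPv2 data message (RFC 2661): T=0, L=0, S=0, O=0, P=0, Ver=2 -> flags word 0x0002.
    return struct.pack("!HHH", 0x0002, tunnel_id, session_id)


def build_packet():
    """Constructed sample: telnet SYN from 10.1.1.5 to 10.2.2.7, tunnelled in L2TP/PPP."""
    inner_tcp = tcp_header(51000, 23)
    inner_ip = ipv4_header("10.1.1.5", "10.2.2.7", IPPROTO_TCP, len(inner_tcp)) + inner_tcp
    # PPP frame as carried by L2TP: protocol field then payload (HDLC address/control omitted).
    ppp = struct.pack("!H", PPP_PROTO_IPV4) + inner_ip
    l2tp = l2tp_data_header(7, 3) + ppp
    udp = udp_header(L2TP_PORT, L2TP_PORT, len(l2tp)) + l2tp
    return ipv4_header("192.0.2.10", "198.51.100.20", IPPROTO_UDP, len(udp)) + udp


def parse_ip(pkt):
    ihl = (pkt[0] & 0x0F) * 4
    src = str(ipaddress.IPv4Address(pkt[12:16]))
    dst = str(ipaddress.IPv4Address(pkt[16:20]))
    return src, dst, pkt[9], pkt[ihl:]


def outer_selector(pkt):
    """What a layer-3 SPD lookup sees: outer addresses, protocol and transport ports."""
    src, dst, proto, rest = parse_ip(pkt)
    sport, dport = struct.unpack("!HH", rest[:4])
    return (src, dst, proto, sport, dport)


def inner_selector(pkt):
    """Walk UDP -> L2TP -> PPP -> inner IP -> TCP; needs knowledge of every encapsulation."""
    src, dst, proto, rest = parse_ip(pkt)
    sport, dport = struct.unpack("!HH", rest[:4])
    if proto != IPPROTO_UDP or dport != L2TP_PORT:
        raise ValueError("not L2TP over UDP")
    l2tp = rest[8:]
    flags = struct.unpack("!H", l2tp[:2])[0]
    if flags & 0x8000:
        raise ValueError("L2TP control message carries no PPP data")
    if flags & 0x000F != 2:
        raise ValueError("unsupported L2TP version")
    off = 2
    if flags & 0x4000:          # L bit: Length field present
        off += 2
    off += 4                    # Tunnel ID, Session ID
    if flags & 0x0800:          # S bit: Ns, Nr present
        off += 4
    if flags & 0x0200:          # O bit: Offset Size plus padding
        off += 2 + struct.unpack("!H", l2tp[off:off + 2])[0]
    ppp = l2tp[off:]
    if struct.unpack("!H", ppp[:2])[0] != PPP_PROTO_IPV4:
        raise ValueError("PPP payload is not IPv4")
    isrc, idst, iproto, irest = parse_ip(ppp[2:])
    isport, idport = struct.unpack("!HH", irest[:4])
    return (isrc, idst, iproto, isport, idport)


# Simplified SPD: (selector with None as wildcard, action); first match wins.
RULES = [
    ((None, None, IPPROTO_TCP, None, 23), "DISCARD"),        # no cleartext telnet
    ((None, None, IPPROTO_UDP, None, L2TP_PORT), "PROTECT"),  # tunnel traffic gets an SA
]


def spd_lookup(selector, rules=RULES):
    """Return the action of the first matching rule, or None when nothing matches."""
    for rule_sel, action in rules:
        if all(r is None or r == s for r, s in zip(rule_sel, selector)):
            return action
    return None


if __name__ == "__main__":
    pkt = build_packet()
    print("outer:", outer_selector(pkt), "->", spd_lookup(outer_selector(pkt)))
    print("inner:", inner_selector(pkt), "->", spd_lookup(inner_selector(pkt)))
```

The outer lookup matches the L2TP rule and protects the packet; the telnet rule can only fire on the inner selector, which the SPD never sees unless something parses the PPP payload first.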

