I can understand the waste of bandwidth by L2TP.
But, can you please elaborate more on how does L2TP interfere
with the access controls?
Thanks,
Shekhar
> -----Original Message-----
> From: Stephen Kent [mailto:kent@bbn.com]
> Sent: Thursday, May 11, 2000 5:15 PM
> To: CHINNA N.R. PELLACURU
> Cc: ipsec@lists.tislabs.com
> Subject: Re: Windows 2000 and Cicsco router interoperability
>
>
> At 2:54 PM -0700 5/10/00, CHINNA N.R. PELLACURU wrote:
> >I can't speak for the whole of Cisco, but the way I look at it is:
> >
> >Modeconfig/Xauth are being supported as quick hack to get
> something to
> >work, and get something to customers, until there is a
> client that can do
> >IPSec and L2TP.
> >
> >I beleive that it is not our long term vision, to ship
> Modeconfig/Xauth. I
> >beleive that Cisco's long term goal is to follow whatever is
> standardized
> >in the IPSRA WG, because that's what IPSRA WG is chartered to solve.
> >
>
> That's one view.
>
> Another perspective is that L2TP over IPsec represents an effort by
> Microsoft & Cisco to preserve a joint development investment in L2TP,
> irrespective of its technical merit in this context :-). If I am
> sending non-IP packets, L2TP is appropriate, but if I am sending IP,
> then the extra headers introduced by L2TP are not only wasteful of
> bandwidth on a continuing basis, but they also interfere with the
> access controls that are an essential part of IPsec. One needs some
> means of dealing with bind time connection parameters, but use of
> L2TP on a continuing basis is an expensive means of achieving this
> goal.
>
> Steve