How do L2TP and PPTP differ from IPsec?

There are different protocol options when setting up a VPN tunnel. SearchSecurity.com expert Mike Chapple reviews the choices and reveals the one that is most secure.

To implement remote access VPNs, I want to install a Cisco 3015 concentrator in one office and configure Cisco...

3002 VPN hardware clients in the other. As the network administrator, I have designed the whole structure, but I am confused about tunneling protocols (L2TP & PPTP) and security protocol (IPsec). Can you please explain how these protocols differ, and which is a better choice for secure communication?

As you mentioned, Layer 2 Tunneling Protocol (L2TP) and Point-to-Point Tunneling Protocol (PPTP) are two different tunneling protocols. You'll often find three different options for setting up VPN tunnels: PPTP, IPsec and IPsec over L2TP. In general, IPsec is the most secure option because, when properly implemented, it provides confidentiality, integrity and authentication services for your network traffic. Microsoft Windows does not natively support straight IPsec, so administrators setting up VPNs to support Windows clients often offer IPsec over L2TP connectivity.

That said, the Cisco gear you describe all natively supports IPsec tunneling. To set up simple site-to-site VPNs between different Cisco devices, you can't go wrong with IPsec.

More on this topic

  • Visit our IPsec resource center and learn how enterprises can use this protocol to solve remote access issues.


This was first published in September 2006

Dig Deeper on IPsec VPN Security



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

1 comment


Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: