To implement remote access VPNs, I want to install a Cisco 3015 concentrator in one office and configure Cisco 3002 VPN hardware clients in the other. As the network administrator, I have designed the whole structure, but I am confused about tunneling protocols (L2TP & PPTP) and security protocol (IPsec). Can you please explain how these protocols differ, and which is a better choice for secure communication?
As you mentioned, Layer 2 Tunneling Protocol (L2TP) and Point-to-Point Tunneling Protocol (PPTP) are two different tunneling protocols. You'll often find three different options for setting up VPN tunnels: PPTP, IPsec and IPsec over L2TP. In general, IPsec is the most secure option because, when properly implemented, it provides confidentiality, integrity and authentication services for your network traffic. Microsoft Windows does not natively support straight IPsec, so administrators setting up VPNs to support Windows clients often offer IPsec over L2TP connectivity.
That said, the Cisco gear you describe all natively supports IPsec tunneling. To set up simple site-to-site VPNs between different Cisco devices, you can't go wrong with IPsec.
- Visit our IPsec resource center and learn how enterprises can use this protocol to solve remote access issues.
Dig Deeper on VPN security
Related Q&A from Mike Chapple
Examine the important differences between stateful and stateless firewalls, and learn when each type of firewall should be used in an enterprise ... Continue Reading
Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires. Continue Reading
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between ... Continue Reading