8

I understand that you can use IPSec to tunnel data securely. According to the Wikipedia page and a few other sources it can also tunnel IP packets and then route them through an interface. That would create a VPN where one subnet would be able to access another subnet in a very secure way.

However, what I don't understand is why some people add L2TP to the stack. I get the idea that L2TP is secured by IPSEC, but if IPSEC already has a tunnel implementation wouldn't it just cause more overhead?

What is the attraction to L2TP/IPSEC when the same result can be reached with plain IPSec?

Wesley
  • 33,060

1 Answer

4
  • IPSec -> Layer 3 auth and encryption
  • L2TP -> Layer 2 tunneling

From what I understand, IPSec wouldn't be carrying any Layer 2 information. That's where L2TP comes in.

TiCL
  • 329
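The layering the answer describes, as an added example that is not part of the original post: it classifies what a decrypted ESP payload carries, contrasting plain IPsec tunnel mode (an inner IP packet) with L2TP/IPsec, where ESP protects UDP port 1701 and the L2TPv2 header (RFC 2661) carries PPP frames such as LCP or CHAP. The function names are hypothetical and the sample packets are constructed.

```python
import struct

# PPP protocol numbers: PPP carries link negotiation and user authentication, not just IP.
PPP_PROTO = {0x0021: "IPv4", 0x0057: "IPv6", 0x8021: "IPCP",
             0xC021: "LCP", 0xC023: "PAP", 0xC223: "CHAP"}
L2TP_PORT = 1701

def parse_l2tp(msg):
    """Parse an L2TPv2 header (RFC 2661); return (kind, tunnel_id, session_id, ppp_protocol)."""
    flags, = struct.unpack_from("!H", msg, 0)
    if (flags & 0x000F) != 2:
        raise ValueError("not L2TPv2")
    off = 2 + (2 if flags & 0x4000 else 0)           # L bit: optional Length field
    tunnel_id, session_id = struct.unpack_from("!HH", msg, off)
    off += 4 + (4 if flags & 0x0800 else 0)          # S bit: optional Ns/Nr
    if flags & 0x0200:                               # O bit: Offset Size + padding
        off += 2 + struct.unpack_from("!H", msg, off)[0]
    if flags & 0x8000:                               # T bit: control message, no PPP frame
        return ("control", tunnel_id, session_id, None)
    if msg[off:off + 2] == b"\xff\x03":              # HDLC address/control, if not compressed
        off += 2
    proto, = struct.unpack_from("!H", msg, off)
    return ("data", tunnel_id, session_id, PPP_PROTO.get(proto, hex(proto)))

def describe_esp_payload(next_header, cleartext):
    """Say what a decrypted ESP payload carries, from the ESP trailer's Next Header value."""
    if next_header in (4, 41):                       # IP-in-IP: plain IPsec tunnel mode
        return "inner IP packet"
    if next_header == 17:                            # UDP: ESP transport mode
        sport, dport, length, _ = struct.unpack_from("!HHHH", cleartext, 0)
        if L2TP_PORT in (sport, dport):
            kind, _, _, proto = parse_l2tp(cleartext[8:length])
            return "L2TP control" if kind == "control" else "PPP frame: " + proto
        return "UDP port %d" % dport
    return "IP protocol %d" % next_header

def build_l2tp_udp(tunnel_id, session_id, ppp_proto, body):
    """Constructed sample: UDP/1701 + minimal L2TP data header + PPP frame."""
    l2tp = struct.pack("!HHH", 0x0002, tunnel_id, session_id)
    ppp = b"\xff\x03" + struct.pack("!H", ppp_proto) + body
    data = l2tp + ppp
    return struct.pack("!HHHH", L2TP_PORT, L2TP_PORT, 8 + len(data), 0) + data

if __name__ == "__main__":
    for proto in (0xC021, 0xC223, 0x0021):           # LCP, CHAP, then IPv4 inside PPP
        print(describe_esp_payload(17, build_l2tp_udp(7, 1, proto, b"\x00" * 8)))
    print(describe_esp_payload(4, b"\x45" + b"\x00" * 19))
```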