Most VPN clients distinguish between IPSec and "Cisco IPSec." For example, (Apple's) iOS treats them as essentially separate things.

But I can't find any explanation of what the protocol-level differences are. They may be minor, but there definitely appear to be differences.

Can someone shed light on this? Even just a pointer to a detailed explanation would help a great deal. Thanks!

Dave Peck

2 Answers

From my understanding, "Cisco IPSec" is just marketing speak for IPSec with some pre-defined settings for AH/ESP, tunnel/transport mode, etc.

When you read the RFCs, you see that they deliberately leave room for implementations... you, as the network admin setting up the IPSec connection, have quite a lot of options to choose from for the protocol (and you need to). Cisco simplified this a great deal by saying "Both participants do ESP, they have encryption modes X, Y, Z at their disposal, (...)".

roeme

I understand from your comment that you are wondering about the differences between L2TP+IPSec and IPSec only.

  • L2TP is a tunneling protocol. No encryption.
  • IPSec is a security protocol (encryption + authentication).

When IPSec is used "alone", it can operate in two modes:

  • "tunnel": The tunnel is in fact a GRE tunnel (IP in IP), but the payload is encrypted.
  • "transport": IP payload is encrypted, without any encapsulation.

Tunnel mode is mostly used to connect two networks, from router to router, while transport mode will be used for road-warriors, devices (laptop, iPhone), connecting to corporate network.

L2TP over IPSec is similar to transport mode, connecting a remote device to a concentrator. The remote device can, however, be a router.

petrus
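The two modes described in the answer above differ in what ESP wraps and which IP header travels on the wire. The Python below is an added example, not code from either answer or from any IPsec implementation: it frames a constructed UDP/1701 (L2TP) datagram in transport mode and in tunnel mode using the NULL cipher (RFC 2410) and HMAC-SHA1-96, so the ESP layout from RFC 4303 is visible in the clear, then verifies and decapsulates both. The SPI, key and addresses are made-up values. Note that in tunnel mode ESP carries the whole original IP packet with next-header 4 (IPv4-in-IP); GRE (protocol 47) is a separate encapsulation that can run inside an IPsec tunnel but is not part of ESP itself.

```python
"""ESP framing in transport vs. tunnel mode (RFC 4303), using the NULL cipher
(RFC 2410) so the layout stays readable, with HMAC-SHA1-96 for integrity."""
import hashlib
import hmac
import socket
import struct

ESP = 50          # IP protocol number carried in the outer header
IPV4_IN_IP = 4    # ESP next-header for a whole encapsulated IPv4 packet (tunnel mode)
UDP = 17
SPI = 0x1000      # constructed SPI; a real SA gets its SPI from IKE
ICV_LEN = 12      # HMAC-SHA1-96 truncates the tag to 96 bits

# Constructed sample key; a real SA derives this from IKE.
AUTH_KEY = bytes(range(20))


def _fill_checksum(fields):
    """IPv4 header checksum over a 20-byte header whose checksum field is zero."""
    csum = sum(struct.unpack("!10H", fields))
    while csum >> 16:
        csum = (csum & 0xFFFF) + (csum >> 16)
    return fields[:10] + struct.pack("!H", ~csum & 0xFFFF) + fields[12:]


def ipv4_header(src, dst, proto, payload_len, ttl=64):
    """Minimal 20-byte IPv4 header (no options)."""
    return _fill_checksum(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                                      ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst)))


def retag_header(hdr, proto, payload_len):
    """Transport mode changes only protocol, total length and checksum of the original header."""
    return _fill_checksum(hdr[:2] + struct.pack("!H", 20 + payload_len) + hdr[4:9]
                          + bytes([proto, 0, 0]) + hdr[12:])


def esp_encapsulate(spi, seq, inner, next_header):
    """SPI | seq | payload | pad | pad-len | next-header | ICV. The NULL cipher has no IV;
    padding aligns the trailer so pad-len/next-header end on a 4-byte boundary."""
    pad_len = (-(len(inner) + 2)) % 4
    padding = bytes(range(1, pad_len + 1))           # RFC 4303 default pad pattern 1,2,3,...
    body = struct.pack("!II", spi, seq) + inner + padding + bytes([pad_len, next_header])
    icv = hmac.new(AUTH_KEY, body, hashlib.sha1).digest()[:ICV_LEN]
    return body + icv


def transport_mode(ip_packet):
    """Keep the original IP header (addresses stay end-to-end); protect only the L4 payload."""
    hdr, payload = ip_packet[:20], ip_packet[20:]
    esp = esp_encapsulate(SPI, 1, payload, next_header=hdr[9])  # original protocol, e.g. UDP
    return retag_header(hdr, ESP, len(esp)) + esp


def tunnel_mode(ip_packet, outer_src, outer_dst):
    """Wrap the whole original packet, header included, behind a new outer IP header
    between the two gateways; the ESP next-header is 4 (IPv4), not GRE."""
    esp = esp_encapsulate(SPI, 1, ip_packet, next_header=IPV4_IN_IP)
    return ipv4_header(outer_src, outer_dst, ESP, len(esp)) + esp


def esp_decapsulate(packet):
    """Verify the ICV, then strip the ESP header and trailer.
    Returns (outer_header, next_header, inner_bytes)."""
    hdr, esp = packet[:20], packet[20:]
    if hdr[9] != ESP:
        raise ValueError("outer protocol is not ESP")
    body, icv = esp[:-ICV_LEN], esp[-ICV_LEN:]
    expected = hmac.new(AUTH_KEY, body, hashlib.sha1).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ESP ICV mismatch (tampered or wrong key)")
    pad_len, next_header = body[-2], body[-1]
    return hdr, next_header, body[8:len(body) - 2 - pad_len]


# Constructed sample: a UDP/1701 (L2TP) datagram from a road warrior to a concentrator.
INNER_SRC, INNER_DST = "192.0.2.10", "198.51.100.1"
OUTER_SRC, OUTER_DST = "203.0.113.7", "203.0.113.9"
_udp_data = b"L2TP control message"
_udp = struct.pack("!HHHH", 1701, 1701, 8 + len(_udp_data), 0) + _udp_data
SAMPLE_PACKET = ipv4_header(INNER_SRC, INNER_DST, UDP, len(_udp)) + _udp


def compare_modes():
    """Encapsulate SAMPLE_PACKET both ways, decapsulate again, and report what differs."""
    results = {}
    for name, pkt in (("transport", transport_mode(SAMPLE_PACKET)),
                      ("tunnel", tunnel_mode(SAMPLE_PACKET, OUTER_SRC, OUTER_DST))):
        hdr, nh, inner = esp_decapsulate(pkt)
        original = SAMPLE_PACKET[20:] if name == "transport" else SAMPLE_PACKET
        results[name] = {
            "wire_len": len(pkt),
            "outer_dst": socket.inet_ntoa(hdr[16:20]),  # peer vs. real destination
            "next_header": nh,                           # 17 (UDP) vs. 4 (IPv4-in-IP)
            "inner_restored": inner == original,
        }
    return results


def icv_rejects_tamper():
    """Flip one byte inside the encapsulated packet: the receiver must refuse it."""
    pkt = bytearray(tunnel_mode(SAMPLE_PACKET, OUTER_SRC, OUTER_DST))
    pkt[40] ^= 0x01   # lands inside the inner IP header, well before the ICV
    try:
        esp_decapsulate(bytes(pkt))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for mode, info in compare_modes().items():
        print(mode, info)
    print("tampered packet rejected:", icv_rejects_tamper())
```

Running it shows the practical consequence of the two modes: transport mode keeps the original addresses in the outer header and only grows the packet by the ESP header and trailer, while tunnel mode hides the inner addresses entirely behind the gateway-to-gateway header, which is why it is the natural fit for site-to-site links and why a road warrior on L2TP/IPsec can get by with transport mode.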