Securing L2TP and IP Tunnels with IPsec

This topic describes how to secure generic routing encapsulation (GRE), Distance Vector Multicast Routing Protocol (DVMRP), and Layer 2 Tunneling Protocol (L2TP) tunnels with IP Security (IPsec) on your E Series router. It contains the following sections:

• Securing L2TP and IP Tunnels with IPsec Overview
• Securing L2TP and IP Tunnels with IPsec Platform Considerations
• Securing L2TP and IP Tunnels with IPsec References
• L2TP/IPsec Tunnels Overview
• Setting Up a Secure Connection Between the Client PC and an E Series Router
• L2TP/IPsec Control and Data Frames Overview
• L2TP/IPsec Traffic Compatibility Issues and Requirements Overview
• NAT Passthrough Mode Overview
• NAT-Traversal Overview
• Single-Shot L2TP/IPsec Tunnels Overview
• Setting Up the Client PC for an L2TP/IPsec Tunnel
• Configuring E Series Routers to Set Up an L2TP/IPsec Tunnel
• Configuring an L2TP Destination Profile to Enable IPsec Support for L2TP Tunnels
• Enabling IPsec Transport Mode
• Creating an L2TP Destination Profile
• Enabling NAT-T on a Virtual Router
• Configuring Single-Shot L2TP/IPsec Tunnels
• GRE/IPsec and DVMRP/IPsec Tunnels
• Configuring an IPsec Transport Profile
• Configuring the Type of Application Secured by Connections Created with an IPsec Transport Profile
• Creating an IPsec Transport Profile
• Setting a Lifetime Range for an IPsec Transport Profile
• Configuring a Local Endpoint for an IPsec Transport Profile
• Configuring Perfect Forward Secrecy for an IPsec Transport Profile
• Configuring an Unencrypted Preshared Key for a Local IPsec Transport Profile
• Configuring an Encrypted Preshared Key for a Local IPsec Transport Profile
• Configuring Transform Sets for an IPsec Transport Profile
• Using a System Event Log to Troubleshoot IPsec-Secured L2TP and IP Tunnels