From: lutz@iks-jena.de   
      
   * Raul Elms wrote:   
   >> You are wrong. XP does L2TP over IPSec in transport mode. L2TP itself is an   
   >> Ethernet brigde tunnel over PPP. Cisco Client uses IPSec in tunnel mode with   
   >> propietary extensions to do user authentication and client configuration.   
   >   
   > so due to this extension Cisco's Client can't connect to gates   
   > designed for XP?   
      
   They are simply different. The extensions where introduced at a time where   
   Windows did not even know about IPSec. They are on the standardizaion track.   
   L2TP had a similar history, it starts as a propietary protocol called PPTP.   
      
   A once more: Windows IPSec can't use NAT-Traversal (without patches), while   
   the Cisco client does the propietary NAT-Traversal extensions.   
      
   Keep in mind: IPSec is ONLY standardized for the case of two systems with   
   public addresses. There are two cases: Both sides has static interal IP   
   addresses, so use tunnel mode and connect the networks. Or at least one side   
   has no known internal IP address, so use transport mode without using any   
   routing.   
      
   In practical enviroments both standardized precondidions are not meet.   
   Therefore a lot of extensions exists. The Windows extensions is incompatible   
   to the Cisco extensions, beside Cisco boxes can be used to terminate Windows   
   roadwarrior systems (beside PIX 7.x).   
      
   You have to live with it.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)