Appendix. Combining IPsec with L2TPv3 for Secure Pseudowire
As described in Chapter 18, “IEEE 802.1AE,” IEEE 802.1AE protects all Layer 2 traffic with encryption and authentication. Not all existing switches support IEEE 802.1AE; therefore, in the short term, an alternative solution might be attractive. This solution relies on IPsec for the security features. Although IPsec is convenient and suitable to protect IP traffic, it sometimes requires you to also protect all Layer 2 communication between two sites, such as spanning a LAN over a confidential tunnel. IPsec alone cannot fulfill this requirement because it is only applicable to IP traffic.
This appendix describes how two Cisco IOS features (IPsec and Layer 2 Tunnel Protocol version 3 [L2TPv3] ...
Get LAN Switch Security: What Hackers Know About Your Switches now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
