I mentioned tunneling earlier in the chapter, but now is an excellent time to dig a little deeper. This is where the difference between pure IPSec and the Microsoft L2TP/IPSec tunnel can be explained. Tunneling is also referred to as encapsulation because the original packet is encapsulated inside a new packet. Those of you familiar with the early days of Novell NetWare may recall that it used a form of IP tunneling to encapsulate IPX packets within IP for transmission across an IP-only network. In the case of NetWare, however, encapsulation was used not for security purposes, but because the operating system couldn't "speak" native IP. This example is just to illustrate that the concept of tunneling is nothing new and is often used for reasons ...
