I'm referring to this question. And to be clear: This is really not about the old PPTP vs L2TP debate. 😉
I successfully set up racoon as an IKE server without any L2TP implementation running and it works quite well. I can establish a tunnel from my laptop to the VPN server and use this one as an internet gateway. As far as I can see all IP packets are securely encapsulated. Voilà, this is everything I wanted. But, oops, it's only OS X/iOS that support this type of "plain IPsec" VPN out of the box, and I need to support other platforms as well. All other OSes, including Windows and Android, seem to need the additional PPP connection that is established over L2TP using software like xl2tpd. I was curious, so I set it up again with racoon+xl2tpd and created an L2TP/IPsec tunnel. And it works exactly like it did without L2TP.
So, what's the benefit of using L2TP at all? Yes, I can tunnel other protocols like X.25, but anything other than IP is rarely needed by the vast majority of users. I can assume there are reasons why MS makes it more complex than the VPN stuff has to be. But at least I cannot understand why Android still needs this L2TP layer, which in my opinion just adds complexity and overhead. And yes, I know there is extra client software to overcome the OS limits.
Even with authentication, there is no difference: remote authentication is usually done using pre-shared keys or certificates, and user authentication is done via XAuth or CHAP/PAP. – Yep, I'm simplifying here, but you know what I mean.
Does anyone know why L2TP is still the standard way with IPSec? Am I missing something?
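An added example, not part of the question above, that puts the two setups the poster describes side by side as racoon/setkey/xl2tpd configuration so the structural difference is visible: the "plain IPsec" variant negotiates tunnel-mode SAs per client with XAuth and mode-config, while L2TP/IPsec only negotiates a transport-mode SA that must protect UDP/1701, with PPP inside L2TP carrying the tunnelled IP. The server address 203.0.113.1, the 10.8.0.0/24 client pool, the PSK file path and the cipher choices are assumptions for illustration, not values from the post.

```conf
# ===== Setup A: "plain" IPsec as used by the OS X/iOS built-in client (assumed config) =====
# /etc/racoon/racoon.conf
path pre_shared_key "/etc/racoon/psk.txt";

remote anonymous {
        exchange_mode aggressive, main;   # group-PSK clients typically use aggressive mode
        proposal_check obey;
        generate_policy on;               # racoon installs the tunnel-mode SPD entries per client
        nat_traversal on;
        mode_cfg on;                      # push inner address and DNS to the client
        proposal {
                encryption_algorithm aes 256;
                hash_algorithm sha1;
                authentication_method xauth_psk_server;  # PSK authenticates the gateway, XAuth the user
                dh_group modp1024;
        }
}

mode_cfg {
        network4 10.8.0.10;               # assumed inner address pool
        netmask4 255.255.255.0;
        pool_size 50;
        auth_source system;               # XAuth users checked against local system accounts
        dns4 10.8.0.1;
}

sainfo anonymous {
        encryption_algorithm aes 256;
        authentication_algorithm hmac_sha1;
        pfs_group modp1024;
}

# ===== Setup B: L2TP/IPsec as used by the Windows/Android built-in clients (assumed config) =====
# /etc/racoon/racoon.conf
path pre_shared_key "/etc/racoon/psk.txt";

remote anonymous {
        exchange_mode main;
        proposal_check obey;
        generate_policy on;
        nat_traversal on;                 # clients behind NAT arrive on UDP/4500
        proposal {
                encryption_algorithm aes 256;
                hash_algorithm sha1;
                authentication_method pre_shared_key;   # machine-level auth only; the user is authenticated by PPP
                dh_group modp1024;
        }
}

sainfo anonymous {
        encryption_algorithm aes 256;
        authentication_algorithm hmac_sha1;
        pfs_group modp1024;
}

# /etc/racoon/setkey.conf, loaded with `setkey -f`; server address 203.0.113.1 is assumed.
# Transport-mode ESP is REQUIRED for every packet to/from the L2TP port, so L2TP (and the
# CHAP exchange inside PPP) cannot leave the host in the clear even if racoon is down.
spdflush;
spdadd 0.0.0.0/0 203.0.113.1[1701] udp -P in  ipsec esp/transport//require;
spdadd 203.0.113.1[1701] 0.0.0.0/0 udp -P out ipsec esp/transport//require;

# /etc/xl2tpd/xl2tpd.conf
[global]
ipsec saref = no

[lns default]
ip range = 10.8.0.10-10.8.0.59          # assumed PPP address pool
local ip = 10.8.0.1
require chap = yes                       # user authentication happens here, not in IKE
refuse pap = yes
require authentication = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
```

A quick check for Setup B once the policies are loaded: `tcpdump -ni <outer-interface> 'udp port 1701'` on the server should show nothing while a client is connected, only ESP (or UDP/4500 for NAT-T clients), because the SPD entries above forbid unprotected L2TP. If L2TP packets do appear in that capture, the transport-mode policy is not in effect and the PPP authentication is travelling in the clear.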