Topic: Cisco 350-701 topic 1 question 356

An engineer is trying to decide between using L2TP or GRE over IPsec for their site-to-site VPN implementation. What must be understood before choosing a solution?

A. L2TP is an IP packet encapsulation protocol, and GRE over IPsec is a tunneling protocol
B. GRE over IPsec cannot be used as a standalone protocol, and L2TP can
C. L2TP uses TCP port 47 and GRE over IPsec uses UDP port 1701
D. GRE over IPsec adds its own header, and L2TP does not

Re: Cisco 350-701 topic 1 question 356

Would have to vote B for this one as well...

A is incorrect - L2TP IS a TUNNELING protocol.

C is also incorrect - L2TP uses UDP and NOT TCP.

D is also incorrect - L2TP includes an additional set of IP, UDP, and L2TP headers.

Re: Cisco 350-701 topic 1 question 356

GRE and IPSEC are two protocols

Re: Cisco 350-701 topic 1 question 356

Cisco definition: "Unlike encapsulation, tunneling allows a lower-layer protocol and a same-layer protocol to be carried through the tunnel."
Like stalkr3 said before: L2TP carries a lower layer protocol (L2, like PPP). It is a tunneling protocol (hence the name) and not an encapsulation.
https://www.cisco.com/c/en/us/td/docs/ios/12_4/interface/configuration/guide/inb_tun.html#wp1045601

Re: Cisco 350-701 topic 1 question 356

I think it's D and here is why:

Take a look at the L2TP header IN the IPSec packet in the diagram here: https://www.researchgate.net/figure/L2TP-over-IPsec-Encapsulation_fig10_330313436

It's not adding an additional header that GRE does as depicted in the diagram here in fig 14.1:
https://www.ciscopress.com/articles/article.asp?p=773666&seqNum=2

GRE adds its own required header to the IPSec packet and L2TP does not. Its header is encapsulated within the IPSec packet.

Re: Cisco 350-701 topic 1 question 356

https://www.ibm.com/docs/en/i/7.4?topic=concepts-layer-2-tunnel-protocol
L2TP is actually a variation of an IP encapsulation protocol. The L2TP tunnel is created by encapsulating an L2TP frame inside a User Datagram Protocol (UDP) packet, which in turn is encapsulated inside an IP packet.

https://learningnetwork.cisco.com/s/question/0D53i00000KstmKCAR/difference-between-gre-and-ipsec
https://www.cloudflare.com/learning/network-layer/what-is-gre-tunneling/

GRE is a tunneling protocol

Re: Cisco 350-701 topic 1 question 356

A: is not correct since L2TP is frame encapsulation and GRE over IPsec is not a single protocol.
C: wrong
D: L2TP also adds its own header

So only B remains. It's not clear to me, but the other three answers seem wrong to me.

Re: Cisco 350-701 topic 1 question 356

I think B is right because GRE over IPsec is a combination of two protocols and cannot be used as a standalone protocol, and L2TP can be used without security and encryption; also, we can use IPsec to make it secure.

Re: Cisco 350-701 topic 1 question 356

A is wrong. Per Cisco site: "Unlike encapsulation, tunneling allows a lower-layer protocol and a same-layer protocol to be carried through the tunnel." L2TP carries a lower layer protocol (L2, like PPP). It is a tunneling protocol (hence the name) and not an encapsulation.

Re: Cisco 350-701 topic 1 question 356

D is wrong, L2TP adds 8 bytes of header.
"...Overhead is tallied for an IP header of 20 bytes, a UDP header of 8 bytes, and an L2TP header of 8 bytes."

Re: Cisco 350-701 topic 1 question 356

If you read the question carefully, the answer is B

Re: Cisco 350-701 topic 1 question 356

Yes, B. C is obviously wrong. A is also wrong, as L2TP is a tunnel protocol and what it encapsulates is the entire Ethernet frame, not just an IP packet; in addition, "GRE over IPsec" is not a protocol, it is using 2 protocols together. D is wrong too, as L2TP does add its own header; just google "L2TP header" and you will find the answer. The image search results are useful too.

Re: Cisco 350-701 topic 1 question 356

https://ipwithease.com/gre-vs-l2tp/

Re: Cisco 350-701 topic 1 question 356

I believe A is correct.

L2TP is actually a variation of an IP encapsulation protocol.

GRE is a tunneling protocol which is used to transport multicast, broadcast and non-IP packets like IPX etc. IPSec is an encryption protocol.

Re: Cisco 350-701 topic 1 question 356

Only A makes sense

Re: Cisco 350-701 topic 1 question 356

A is correct.

Re: Cisco 350-701 topic 1 question 356

So correct answer is A, right?

Re: Cisco 350-701 topic 1 question 356

I prefer A

Re: Cisco 350-701 topic 1 question 356

L2TP is layer 2 only

Re: Cisco 350-701 topic 1 question 356

So it's B

Re: Cisco 350-701 topic 1 question 356

I mean A

Re: Cisco 350-701 topic 1 question 356

L2TP is layer 2 only