I understand recent versions of Android have dropped support for L2TP VPNs, I believe over security concerns. I don't use Android, but this got me thinking about L2TP in general.
I know L2TP on it's own doesn't encrypt data packets, but when done over IPsec it does. So is L2TP over IPsec still considered a secure and acceptable method of VPN communications for businesses, or is that now considered insecure as well?