According to my limited understanding, IPSec authenticates peers and encapsulates/encrypts IP packets in tunnel mode.
On another hand, L2TP itself does not offer authentication/encryption, but offers encapsulation, which is already achieved by IPSec.
In my application, I would like to secure end-to-end data transfer using IPSec. I am also considering "L2TP/IPSec" but cannot figure out which L2TP feature is not offered by IPSec? Why would I choose to use L2TP/IPSec rather than IPSec alone?
The reason people use L2TP/IPsec, rather than plain IPsec in tunnel mode, is to have a user-level authentication layer in addition to the host-level authentication provided by IPsec.
Ref: http://seclists.org/basics/2005/Apr/139