Cisco supports several types of VPN deployments on the firewall; they are often classified as “IPSec-based VPNs” or “SSL-based VPNs”.
The first type of VPN uses the IPSec protocol for secure communication, while the second type of VPN uses SSL.
SSL-based VPNs are also known as WebVPNs in Cisco terminology. Within these two types, Cisco firewall VPN support is divided into the following VPN technologies.
1. IPSec-based VPNs:
– LAN-to-LAN IPSec VPN: Used to connect remote LANs over unsecured media (e.g., the Internet). It runs firewall-to-firewall or firewall-to-Cisco router.
– Remote access with IPSec VPN Client: VPN client software is installed on the user’s PC to provide remote access to the central network. It uses the IPSec protocol and provides full network connectivity to remote users. Users use their applications at the central site as usual.
2. SSL-based VPN (WebVPN):
– Clientless WebVPN mode: This is the first implementation of SSL WebVPN, supported from ASA version 7.0 and above. It allows users to set up a secure remote access VPN tunnel using just a Web browser. No software or hardware VPN client is needed. However, only limited applications can be accessed remotely.
– AnyConnect SSL VPN: A special Java-based client installed on the user’s computer, providing a secure SSL tunnel to the central site. It provides full network connectivity (similar to the IPSec remote access client). All applications at the central site can be accessed remotely.
From the description above, you can understand that AnyConnect WebVPN technology combines the best of both IPSec-based VPN and SSL-based VPN.
It provides full network connectivity to remote users without the need to install specialized VPN software such as IPSec remote access clients.
The AnyConnect VPN Client application is a lightweight Java application (about 3MB) that can be dynamically installed or uninstalled from a remote user’s PC.