01-28-2019 06:51 PM - edited 02-21-2020 08:42 AM
need to know the difference between
difference between remote access vpn and site to site VPN on cisco ASA
how can i check from GUI or CLI if this is remote access or L2l VPN?
Solved! Go to Solution.
01-28-2019 07:25 PM
"Site to Site VPN uses a security method called IPsec to build an encrypted tunnel from one Customer network (generally HQ or DC) to the customer’s remote site between whole or part of a LAN on both sides , Remote access VPN connect individual users to private networks (usually HQ or DC).
Site to Site VPN has benefit that each client machine does not require to perform encryption/decryption or install VPN Client software on it. On the other hand, Remote Access VPN user machine needs to perform encryption/decryption and may or may not be required to be setup VPN Client software."
https://ipwithease.com/site-to-site-vpn-vs-remote-access-vpn/
CLI guide - https://ipwithease.com/site-to-site-vpn-vs-remote-access-vpn/
01-28-2019 10:09 PM
In short, site to site VPN connects two offices (where office can either be a branch office or the HQ) while a remote access VPN connects a single user to an office.
To get an overview of what is configured you can issue the following command: show vpn-sessiondb summary
Show cry isakmp sa will give you an overview of site to site VPN and show crypto ipsec sa will show you information on what subnets are being encrypted and decrypted.
To see the VPN configuration issue the command show run crypto and show run webvpn (this will show all crypto configuration). Keep in mind that there is probably also som NAT configuration also.
01-28-2019 07:25 PM
"Site to Site VPN uses a security method called IPsec to build an encrypted tunnel from one Customer network (generally HQ or DC) to the customer’s remote site between whole or part of a LAN on both sides , Remote access VPN connect individual users to private networks (usually HQ or DC).
Site to Site VPN has benefit that each client machine does not require to perform encryption/decryption or install VPN Client software on it. On the other hand, Remote Access VPN user machine needs to perform encryption/decryption and may or may not be required to be setup VPN Client software."
https://ipwithease.com/site-to-site-vpn-vs-remote-access-vpn/
CLI guide - https://ipwithease.com/site-to-site-vpn-vs-remote-access-vpn/
01-28-2019 10:09 PM
In short, site to site VPN connects two offices (where office can either be a branch office or the HQ) while a remote access VPN connects a single user to an office.
To get an overview of what is configured you can issue the following command: show vpn-sessiondb summary
Show cry isakmp sa will give you an overview of site to site VPN and show crypto ipsec sa will show you information on what subnets are being encrypted and decrypted.
To see the VPN configuration issue the command show run crypto and show run webvpn (this will show all crypto configuration). Keep in mind that there is probably also som NAT configuration also.
03-01-2019 06:38 PM
Many thanks for answering.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide