cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

679
Views
0
Helpful
2
Replies

Is ASA support IPVPN?

Hi All,

I want to ask something, if ASA can support the IPVPN? 

Thank you very much for your answers. 

Regards,

Michelle

2 REPLIES 2
cofee
Contributor

It's been more than  few weeks since you posted this question. If you still help with this can you elaborate what exactly are you looking for? Site to site Vpn tunnel?

Ravi Singh
Rising star

The options that is offered by ASA for VPN are:

1. Site to Site (IPSec)

2. IPSec Remote Access using VPN clients (ver 4.x and 5.x)

3. EZY VPN (It uses IPSec protocol too)

4. Anyconnect (SSL Based VPN)

5. Clientless or WebVPN (Browser based VPN)

The first three options uses IPSec Protocol. Now alll of them are secure however it totally depends upon your requirement.

For instance, if you have many users at one location (lets say remote office) who need access to many machines at HQ location, then site to site will be a better option because if you create multiple sessions using remote access then it will not only consume the CPU but will also consume the VPN license. So site to site is used for allowing a complete subnet/subnets to talk to multiple subnets.

Same is the case with EZY VPN. It has two modes. Client Mode and Network Extention modes.

If your requirement is that you have a mobile user who stays out of office most of the time but he needs access to company resources then you need to go for Remote access VPN. You can use IPSec VPN as well as Anyconnect or Clientless VPN.

IPSec is older VPN client which is being rolled out by cisco and the new client is Anyconnect. Anyconnect offers you more security and more features however it is expensive as compared to the IPSec VPN licenses.

If your requirement is to allow user to access some of the server at HQ location and the user is out of office and does not have client installed, then you can offer him a clientless VPN access.

Please let me know if this answers your question.