Hi, The simple way to explain would be the layer differences. ipsec based vpn works on network layer (effectively works no matter what application produces the traffic). But for SSL (application layer) all the applications need to support that. The ...
You can use the tcp established access-list to block all the incoming traffic except for those traffic originated from inside network. As you are terminating ipsec at the outside interface you don't have to do anything. If you want to extend ipsec to...
Well, i think most of the cases the exstart state indicates the frequent REELECTION of DR/BDR. It can happen because of a cable connection problem(Flapping),so i think you have check up your connectivity issues(You can do this by looking into your ro...
