Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
632
Views
0
Helpful
1
Replies

Cisco AnyConnect 3.1 - ASA 55xx. SSL or IKEv2 ?

mjauner
Level 1
Level 1

‎12-10-2012 04:30 AM - edited ‎02-21-2020 06:32 PM

Hello

We are testing the AnyConnect VPN Client to replace legacy IPSec VPN Client 5.0.x.

We could setup the connections with SSL and IPSec (IKE v2).

Now we have to decide which ist the better method.

What is your experience or suggestion ?

Thanks for any inputs.

  • Main differncies
  • known problems
  • costs
  • ease of use
  • ..

Martin

Labels:
0 Helpful
1 Reply 1

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎12-10-2012 05:40 AM

Martin,

IKEv2 is standards based and will always be easy to get accreditation (if you work with financial or government partners).

SSL is mostly using proprietary solutions (i,e, there is hardly-or-no interoperability between vendors), but it will allow you to do more cool things - like update the client.

A nice compromise is ASA + Anyconnect IKEv2. Where You can use IKEv2 to exchange data, but still retain some of the benefits of SSL (client/profile updates for example).

It all depends on what you're looking for.

M.

edit: I tried to keep it brief, this is a topic you can probably write a lengthy article on.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents