Cisco supports several types of VPN implementations on the ASA but they are generally categorized as either “IPSec Based VPNs” or “SSL Based VPNs“. The first category uses the IPSec protocol for secure communications while the second category uses SSL. SSL Based VPNs are also called WebVPN in Cisco terminology. The two general VPN categories supported by Cisco ASA are further divided into the following VPN technologies.
IPSec Based VPNs:
IPSec Based VPNs:
- Lan-to-Lan IPSec VPN: Used to connect remote LAN networks over unsecure media (e.g Internet). It runs between ASA-to-ASA or ASA-to-Cisco Router.
- Remote Access with IPSec VPN Client: A VPN client software is installed on user’s PC to provide remote access to the central network. Uses the IPSec protocol and provides full network connectivity to the remote user. The users use their applications at the central site as they normally would without a VPN in place.
- Clientless Mode WebVPN: This is the first implementation of SSL WebVPN supported from ASA version 7.0 and later. It lets users establish a secure remote access VPN tunnel using just a Web browser. There is no need for a software or hardware VPN client. However, only limited applications can be accessed remotely.
- AnyConnect WebVPN: A special Java based client is installed on the user’s computer providing an SSL secure tunnel to the central site. Provides full network connectivity (similar with IPSec remote access client). All applications at the central site can be accessed remotely.
