VPN Types - Paiet/Tech-Journal-for-Everything GitHub Wiki

  • Site-to-Site
    • IPSec
      • Open standard for building a secure tunnel
      • Multiple modes
        • Transport Mode
        • Tunnel Mode
      • Excellent for interoperability
      • IOS and ASA
    • Dynamic Multipoint VPN
      • DMVPN
      • Point to multipoint
      • One configuration on the hub
      • Designed for branch connecting to home office
      • Spoke-to-spoke is possible, but not by default
      • IOS Only
    • Group Encrypted Transport VPN
      • GETVPN
      • Used on private (non-WAN) networks
      • Shared security association
      • Traffic is encapsulated, but not tunneled
        • Relies on an existing VPN
        • Usually MPLS
      • Always up (fast connect)
      • IOS Only
  • Remote Access
    • Secure Sockets Layer VPN
      • SSLVPN
      • Connection managed by a web page
      • May serve as a proxy
      • Client independent
      • IOS and ASA
    • AnyConnect
      • Client installed on machine
      • Full tunnel or split tunnel
      • Managed with central policies
      • IOS and ASA
  • Hybrid
    • FlexVPN
      • Provides site-to-site and remote access
      • Typically used as a replacement for DMVPN
        • IKEv2 by default
        • Better interface management
        • Better spoke-to-spoke handling
      • RA clients connect with AnyConnect
      • IOS and ASA