Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ipsec or ssl vpn

out of ipsec and ssl , which vpn is better when thinking about speed, as vpn is known to be slow responsive.

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: ipsec or ssl vpn

Yes correct

10 REPLIES
Silver

Re: ipsec or ssl vpn

Well both have there own pros and cons....

Could you please elaborate what kind of functionality you are looking for?

BTW , ipsec is easy to implement, manage and more user friendly, plus much easy to troubleshoot, but there are couple of features that can not be implement in ipsec and hence we need ssl that ways.... Please let me know your exact requirement.

Thanks

Ankur

New Member

Re: ipsec or ssl vpn

this user group needs remote connection to be established for external parties on a different region to the HQ. The end application at HQ is sort of heavy in terms of usage as it has graphic contents. Users at remote sites are greater than 13 in no.


vpn was selected to keep cost low and use existing infrastructure.

Please let me know if this is still insufficient info.

Thanks.

Silver

Re: ipsec or ssl vpn

Thanks for the reply!

well cisco IPSEC remote vpn client setup will be good for you....easy to deploy and performance will be nice too.....lemme know in case u need the help with deployment , i will help you out with that..

Once decide then lemme know and i can help with implementation part of it...depending on the device you will use.

PS: Its late night here, i will reply to ur next post tommorow.

Appreciate your time.

Thanks

Ankur

New Member

Re: ipsec or ssl vpn

Thanks Ankur for your kind help.

I will let you know for help when implementation starts for ipsec.

Thanks again.

Silver

Re: ipsec or ssl vpn

Thanks for the reply!

My pleasure!

Appreciate your time.

New Member

Re: ipsec or ssl vpn

for routes when configuring vpn, remote lan network is identified by putting route to my next hop ( internet ). is that wrong

also, i have heard many configure ipsec by creating tunnel. is it necessary that way.

if we just configure it with basic parameters and apply to main interface, should it be ok.

Thanks.

New Member

Re: ipsec or ssl vpn

I have 2 asa's on which ipsec is being configured. asa-2 is also used as another application firewall.temporary ipsec configuration is done on asa-2 to check its working with asa-1.

out of some restrictions, we cant connect any test machine on asa-2 physically for this. If we were to do a ping from asa-2 to asa-1's lan interface ip, will it respond via ipsec.

this is to test ipsec connectivity before further production cuts.

thank you.

Silver

Re: ipsec or ssl vpn

Thanks for the question!!

Well yes you can ping the ASA 1 lan side interface  by configuring the following command on ASA 1

From configuration prompt, pls  put the following command----

management-access

Thanks

Ankur

New Member

Re: ipsec or ssl vpn

thank you for replying.

I see now, so i can indeed test ipsec connection being established by icmp between lan interface ip's of each asa & i should be able to see ipsec tunnel up status.

so i can use management-access inside , if inside is used for defining lan.

Silver

Re: ipsec or ssl vpn

Yes correct

334
Views
5
Helpful
10
Replies