Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
916
Views
0
Helpful
6
Replies

Easyvpn VS lan 2 lan

Go to solution
valerio76
Level 1
Level 1

‎06-17-2010 12:50 AM

Hello everybody,

I would like to know the difference between easyvpn and Lan 2 Lan.

I mean if i would like to connect a  office (20 ppl) to HQ what i should use ?

what benefit i will have if i am using easyvpn between two ASA instead vpn Lan2Lan ? or problem such as perfomance

thank you very much

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
edadios
Cisco Employee
Cisco Employee
In response to valerio76

‎06-17-2010 04:12 AM

The main benefit of easyvpn is the easier configuration needed on the client and server .

With Lan to Lan, you will need to configure the address of your peer, and matching access-list for encrypted traffic. And continue to configure this, everytime you add a peer.

Easyvpn client can be dhcp address assigned by the isp for their internet connection, you can have the client end subnet doing traffic connection to server end network, without having to define the netowrk of the client on the vpn server end. No need to keep modifying configuration of the VPN server for every  additional vpnclient peer.

More information here www.cisco.com/go/easyvpn

Regards,

View solution in original post

0 Helpful
6 Replies 6

Go to solution
edadios
Cisco Employee
Cisco Employee

‎06-17-2010 02:56 AM

There are two modes for easyvpn. The client (PAT) mode, or the network extension mode (NEM).

With the PAT mode, the remote vpnclient will go through the pat interface of the client. The Server VPN network can not initiate traffic from it's end to reach the client network end "once the tunnel is up".

With network extension mode (NEM), the client lan can be seen from VPN Server  network end. The Server VPN network can reach the host of the client end, "once the tunnel is up".

Back to your question, I think you wanted to know the difference between the NEM mode easyvpn and Lan to Lan ipsec tunnel.

In comparing Lan to Lan ipsec and NEM mode easyVPN, the difference is that the Server Network, can not initiate the building up of the tunnel.

The tunnel has to be first initiated (built up) from the client end, and traffic sent from the client end, before the server end can realise what network is behind the NEM easyvpn client. Once  the tunnel is built, the Server VPN network end, can then send traffic to the client network end.

I hope that answers your question.

Regards,

0 Helpful

Go to solution
valerio76
Level 1
Level 1
In response to edadios

‎06-17-2010 03:14 AM

Thank you very much !

0 Helpful

Go to solution
edadios
Cisco Employee
Cisco Employee
In response to valerio76

‎06-17-2010 03:24 AM

Your welcome..

0 Helpful

Go to solution
valerio76
Level 1
Level 1
In response to edadios

‎06-17-2010 03:30 AM

excuse me but was  wondering benefits remain unchanged using easyvpn? instead of a l2l?

0 Helpful

Go to solution
edadios
Cisco Employee
Cisco Employee
In response to valerio76

‎06-17-2010 04:12 AM

The main benefit of easyvpn is the easier configuration needed on the client and server .

With Lan to Lan, you will need to configure the address of your peer, and matching access-list for encrypted traffic. And continue to configure this, everytime you add a peer.

Easyvpn client can be dhcp address assigned by the isp for their internet connection, you can have the client end subnet doing traffic connection to server end network, without having to define the netowrk of the client on the vpn server end. No need to keep modifying configuration of the VPN server for every  additional vpnclient peer.

More information here www.cisco.com/go/easyvpn

Regards,

0 Helpful

Go to solution
valerio76
Level 1
Level 1
In response to edadios

‎06-17-2010 06:47 AM

Thank you

ciao

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents