User Guide

VPN
Cisco ISA500 Series Integrated Security Appliances Administration Guide 334
About VPNs
A VPN provides a secure communication channel (also known as a “tunnel”)
between two gateway routers or between a remote PC and a gateway router. The
security appliance supports the following VPN solutions:
• Site-to-Site VPN: Connects two routers to secure traffic between two sites
  that are physically separated. See Configuring a Site-to-Site VPN,
  page 340.
• IPsec Remote Access: Allows the security appliance to act as a head-end
  device in remote access VPNs. Your security appliance will be set as an
  IPsec VPN server and push the security policies to remote VPN clients, so
  that remote VPN clients have up-to-date policies in place before
  establishing the VPN connections. The IPsec VPN server can also terminate
  the VPN connections initiated by remote VPN clients. This flexibility allows
  mobile and remote users to access critical data and applications on
  the corporate intranet. See Configuring IPsec Remote Access, page 355.
• Teleworker VPN Client: Minimizes the configuration requirements at
  remote locations by allowing the security appliance to work as a Cisco VPN
  hardware client to receive the security policies over the VPN tunnel from a
  remote IPsec VPN server. See Configuring Teleworker VPN Client,
  page 363.
• SSL VPN: Allows remote users to access the corporate network by using
  the Cisco AnyConnect Secure Mobility Client software. Remote access is
  provided through an SSL VPN gateway. See Configuring SSL VPN,
  page 372.
• L2TP: Allows remote clients to use a public IP network to securely
  communicate with private corporate network servers. See Configuring
  L2TP Server, page 385.
NOTE The security appliance can function as an IPsec VPN server or as a Cisco VPN
hardware client, but not both simultaneously.