Hi, I am in need of more documentation about SSL VPN and EZVPN. I am looking for some information on how SSL VPN and EZVPN work in detail.
Apart from that, I have questions:
1. Do both SSL VPN and EZVPN work at layer 7 + layer 4?
2. SSL VPN and EZVPN use a new IP header for sending data, right (Data | TCP/UDP | IP | ESP | New IP Header)? I've read in some articles that the original IP header is being NATed; can someone give me full details on this?
Thanks, CLN is the best. Cheers
The protocols used for SSL VPN and EZVPN are different, i.e. SSL and IPSec. Both have different features. Imagine you are in an airport, hotel, etc. with an internet connection where they could possibly only allow ports 80 and 443 from inside. Now, ISAKMP works on UDP 500, and that would be dropped. That's why they introduced a tunneling mechanism with the Cisco VPN Client, and later SSL VPN was developed. Currently Cisco does not support SSL VPN for branch-to-branch connectivity / tunnel mode.
Google "SSL VPN vs IPSEC" and you will find a couple of good articles.
Hi, do you know which RFC Full Tunnel SSL and EZVPN are mentioned in? I think I need to read some documents to clear this up. One more thing: clientless and full tunnel SSL VPN work in different ways, right? Clientless uses a web browser and full tunnel uses Cisco AnyConnect.
Full Tunnel SSL VPN is exactly the same as EZVPN except the base protocol used is SSL rather than IPSec. Clientless means there is no software client like AnyConnect etc. on the client PC, and he/she uses a browser to initiate the VPN.
It's about tunnel mode and transport mode.
The best VPN book I have read to date is IPSec VPN Design by Vijay Bollapragada. Try reading it.
If SSL operates at the transport layer, then the new IP header, e.g. when using Cisco AnyConnect to connect to a branch private host, will look like this:
L3 New L3