Device Level VPN Types and Supported Configurations Overview

You can create four types of device-level VPNs. Table 52 describes the types of device-level VPNs:

Table 52: Device-Level VPN Types

Device-Level VPN Types

Description

AutoKey IKE VPN

Connect devices and/or protected resources. An AutoKey IKE VPN supports mixed-mode, policy-based, and routing-based VPNs, but does not support RAS users. For details on each step, see Device Level AutoKey IKE VPN: Using Gateway Configuration Overview.

Manual Key IKE VPNs

Authenticate devices, protected resources, and RAS users in the VPN with manual keys. For details on each step, see Device-Level Manual Key VPN: Using XAuth Users Overview.

L2TP RAS VPN

Connect L2TP RAS users and protected resources with authentication but without encryption. For details on each step, see Device Level Manual Key VPN: Using VPN Rule Configuration Overview.

L2TP-over-AutoKey IKE RAS VPN

Connect L2TP RAS users and protected resources. An L2TP-over-AutoKey IKE RAS VPN supports policy-based VPNs and L2TP RAS users, but does not support routing-based VPNs. For details on each step, see Creating Device Level L2TP-over-Autokey IKE VPNs Overview.

Creating device-level AutoKey IKE VPNs is a four stage process:

Supported Configurations

IKE VPNs support tunnel mode, and can be policy-based or route-based; however, route-based VPNs do not support RAS users.

L2TP VPNs support transport mode and can be policy-based.

Related Documentation