Device Level VPN Types and Supported Configurations Overview
You can create four types of device-level VPNs. Table 1 describes the types of device-level VPNs:
Table 1: Device-Level VPN Types
Device-Level VPN Types | Description |
---|---|
AutoKey IKE VPN | Connect devices and/or protected resources. An AutoKey IKE VPN supports mixed-mode, policy-based, and routing-based VPNs, but does not support RAS users. For details on each step, see Device Level AutoKey IKE VPN: Using Gateway Configuration Overview. |
Manual Key IKE VPNs | Authenticate devices, protected resources, and RAS users in the VPN with manual keys. For details on each step, see Device-Level Manual Key VPN: Using XAuth Users Overview. |
L2TP RAS VPN | Connect L2TP RAS users and protected resources with authentication but without encryption. For details on each step, see Device Level Manual Key VPN: Using VPN Rule Configuration Overview. |
L2TP-over-AutoKey IKE RAS VPN | Connect L2TP RAS users and protected resources. An L2TP-over-AutoKey IKE RAS VPN supports policy-based VPNs and L2TP RAS users, but does not support routing-based VPNs. For details on each step, see Creating Device Level L2TP-over-Autokey IKE VPNs Overview. |
Creating device-level AutoKey IKE VPNs is a four stage process:
Supported Configurations
IKE VPNs support tunnel mode, and can be policy-based or route-based; however, route-based VPNs do not support RAS users.
L2TP VPNs support transport mode and can be policy-based.