Types of encryption for tunnels in policy-based VPNs

Tunnels in policy-based VPNs can use IPsec or SSL VPN encryption.

• IPsec — The IPsec protocol allows any IP traffic to be transported in the VPN regardless of which higher-level protocol the traffic uses on top of the IP protocol. Hosts can communicate through the VPN as if it was a normal link without the need for application-specific configurations on the gateway device. IPsec is part of both the IPv4 and IPv6 standards. IPsec is defined in RFC 4301.

  You can use IPsec VPN tunnels in both site-to-site and mobile VPNs.

• SSL VPN — SSL VPN tunnels use secure sockets layer (SSL) encryption to provide secure remote access. You can use SSL VPN tunnels in mobile VPNs.

You can use SSL VPN tunnels alone, IPsec tunnels alone, or both SSL VPN and IPsec tunnels together in the same policy-based VPN.