This was very helpful. I have been unsure about IPsec vs SSL security differences. I have setup a IPsec vpn connection for my office. As I read about the two, it seems SSL is more popular. It makes more sense now that it was broken down into the OSI layers and all. I think I'll stay with my IPsec vpn connections now.
Gary Frazier SSL works more reliably for remote users because when they travel they'll most likely be able to get out over TCP 443 vs UDP 4500 (NAT-T). We can't control the firewalls of remote airports, hotels, conference centers etc, so TCP443 is the way to go :)
hello ryan i have a good question please help me to figure out. in a sesión SSL is a fact that you have a public key within the digital certificate that the server send you. and the server has the private Key. is a fact that you (the user) encrypt with the public key and the only one who can DesEncrypt is the server. my doubt is somebody inside my swicht with wireshark capture a Packet from the server to the user (first) and me (the second user) with the public key that i got because is a public key can DesEncrypt that Packet ?? and see the data that the server is sending to the First User ??
Hey, can you please tell me if there is a piece of vpnssl hardware that I can buy that will not require me to subscribe to a monthly service? This is for safe internet browsing, not for corporate connectivity.Thanks.
+Ryan Lindfield Hello Ryan, thanks for your efforts, I think this video is continuation of another video. So, can you please provide a link for that video (if at all there is any). Thanks
You were going good until 12:35.. the flow broke and I had wo watch again and again, to catch u, 2nd thing I would never have understood what u were saying about tcp retransmissions related to vpn just few secs later if I had not watched TCP- meltdown video by computerphile.. good video btw, pratical examples make it better.. good.. make more. could u do one on ssh tunneling and similar ?
Thanks Ryan for Simplicity and make an unobvious issue to be cleared. But still I have quesiton regards SSL / TLS . SSL is in application layer which use TCP 443 as Transport Layer . so thats mean TLS should in Application layer NOT Transport Layer ? am I right. please explain
SSL is in the presentation layer, layer 6, this is where the "work" takes place. As far as allowing SSL VPN traffic, it's Default TCP 443 and there is also a more efficient D-TLS (Datagram) which uses UDP. DTLS is efficient however it requires firewall admins to allow their guest networks to pass UDP 443.
Protocol numbers are different than port numbers. If you look at a picture of an IP header you'll see it has a PROTOCOL field, that field holds a number, like 17 , which would mean UDP. When an IP packet is being processed the computer uses the protocol field to know how to decode layer 4. This is really confusing at first, hope that helped.
Hola: Tengo el Corporativo y las sucursales unidos por VPN todos, uso escritorio remotos para el RP en todas las sucursales. quiero conectarme al server desde las sucursales usando el Nombre del Servidor y No la dirección ip. En el corporativo si me conecto al Server desde la misma LAN interna usando el nombre del SERVER, pero cuando quiero conectarme desde una sucursal usando el nombre del server no me resuelve, no lo encuentra el escritorio remoto a través de conexión VPN, solamente con la dirección IP funciona. Que se puede hacer para que el nombre del Server este publico a través de las VPN ?? Gracias
Sounds a bit like you're selling Cisco. OpenVPN works everywhere and is faster and much easier to set up. Managing and configuring ASAs is a nightmare.
your explanation is not that much clear. new engineer can not understand. only experienced engineer can understand. if some one experienced, then why does he need your video?
Als SSL-VPN (englische Schreibweise: SSL VPN ohne durchkoppelnden Bindestrich) bezeichnet man Systeme, die den Transport privater Daten über öffentliche Netzwerke ermöglichen (siehe VPN) und als Verschlüsselungsprotokoll TLS (alte Bezeichnung: SSL) verwenden. Prinzipiell ist SSL als Verschlüsselungsprotokoll für VPN sowohl für Site-to-Site- als auch End-to-Site-VPNs geeignet. In den 1990er-Jahren gab es Systeme, die SSL als Sicherungsschicht für Site-to-Site-VPNs einsetzten. Mit der Entwicklung von IPsec und der zunehmenden Vernetzung über Organisationsgrenzen hinaus hat das standardisierte, interoperable IPsec sich als Alternative etabliert. Der entscheidende Vorteil von SSL-VPN gegenüber IPsec ist die Bereitstellung des Netzwerk- und Applikationszugriffs für mobile Anwender, da die Konfiguration der Clients einfacher möglich ist als mit einer Lösung durch IPsec. de.wikipedia.org/wiki/SSL-VPN
A company wants to implement a large number of WAPs throughout its building and allow users to be able to move around the building without dropping their connections Which of the following pieces of equipment would be able to handle this requirement? (A). A VPN concentrator (B). A load balancer (C). A wireless controller (D). A RADIUS server