Site-to-site VPN
A site-to-site VPN connects two remote LAN’s through a “virtual tunnel” on the Internet. Site-to-site VPN’s require IPSec compliant hardware at both terminations and uses pre-shared encryption keys to establish connection between the two sites.

Cisco Software Client VPN
This type of VPN allows any computer with an Internet connection, in addition to the Cisco software VPN client, to bring up a VPN tunnel and connect to their company VPN terminating hardware.

Cisco VPNs can be terminated on three types of Cisco hardware.

   1. Cisco Routers running IOS that includes the IPSec feature set.
   2. Cisco PIX firewalls.
   3. Cisco VPN Concentrators

All three devices can terminate IPSec VPNs. Each device can be paired up with any of the other devices to create a site-to-site VPN.

The application determines which device will be used. The router provides the most flexibility since it can run all routing protocols.

The PIX is mainly used as a firewall but is often leveraged for VPN use. The concentrator can do site-to-site as well as supporting the Cisco software client.