Differences between using crypto maps in IPSec and VTI-based IPSec

Differences between using crypto maps in IPSec and VTI-based IPSec

I’m going to write a post about a simple, yet complex topic today and that is using crypto-maps in IPSec versus VTI-based IPSec. There are many topics on this everywhere but most of them lack very important facts that make the whole scenario stops working as needed. I see on many sites that they want to attach IPSec crypto maps on physical interfaces alongside NAT for a simple purpose; that is enabling 2 branch offices to exchange traffic with each other securely, while being able to reach the Internet using NAT and unsecurely.…Read more …