The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks.
The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks.
Sure IPsec with IKEv2 is preferred, but SSL VPNs at least as a fallback will never go away unless it becomes commonplace for outbound firewall rules to allow udp/500 (which I don’t ever see happening).
The way I’m set up is to have Windows AoVPN connect to my Fortigate w/ IPsec automatically. Then if that doesn’t work due to outbound rules (which is more often lately than it used to be) and I need to connect back to HQ, I manually fire up Forticlient.