A complete implementation example of SSL VPN and IPSec VPN interoperability on an enterprise internal network (with lab topology and configuration environment)

User requirements:

  1. Sites 1 and 2 both require Internet access, with ISP1 as the primary line and ISP2 as the backup line;
  2. Site 1 must deploy WEB and FTP servers. The FTP server serves the intranet only, while the WEB server is given a separate fixed IP address for Internet access, 100.1.2.3;
  3. Headquarters has purchased a fixed egress IP from ISP01 so that company users can log in through that fixed IP, reach the company intranet over SSL VPN, and access the intranet WEB/FTP servers;
  4. A secure VPN tunnel must be established between site 1 and site 2 to provide inter-site network communication.

 The network topology is as follows:

1. ISP operator configuration

ISP01 initialization configuration:

sys
 int e0/0/0
 ip address 100.1.20.254 24
 int e0/0/1
 ip address 100.1.1.254 24 
 int g0/0/0
 ip address 200.100.0.1 30
 int g0/0/1
 ip address 100.100.1.1 30
 int g0/0/2
 ip address 100.100.2.1 30

The Internet-facing segments of the enterprise routers and firewalls use a 30-bit mask (/30).

ISP02 initialization configuration:

sys
 int e0/0/0
 ip address 200.1.2.254 24
 int e0/0/1
 ip address 200.1.1.254 24
 int g0/0/0
 ip address 200.100.0.2 30
 int g0/0/1
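
A quick way to sanity-check an addressing plan like the one above before building tunnels on top of it. This is an added example, not part of the original post: it parses the ISP01/ISP02 stanzas, pairs interfaces that share a subnet, and flags unaddressed ports and overlapping subnets. The names `parse_interfaces` and `audit` are hypothetical.

```python
import ipaddress, re

# Constructed sample input: the ISP01/ISP02 stanzas as they appear on this page
# (ISP02 g0/0/1 has no address on the page, so none is supplied here).
CONFIGS = {"ISP01": """sys
 int e0/0/0
 ip address 100.1.20.254 24
 int e0/0/1
 ip address 100.1.1.254 24
 int g0/0/0
 ip address 200.100.0.1 30
 int g0/0/1
 ip address 100.100.1.1 30
 int g0/0/2
 ip address 100.100.2.1 30""", "ISP02": """sys
 int e0/0/0
 ip address 200.1.2.254 24
 int e0/0/1
 ip address 200.1.1.254 24
 int g0/0/0
 ip address 200.100.0.2 30
 int g0/0/1"""}

def parse_interfaces(text):  # interface name -> ip_interface, or None if unaddressed
    out, cur = {}, None
    for line in text.splitlines():
        if m := re.match(r"\s*int(?:erface)?\s+(\S+)", line):
            cur = m.group(1)
            out[cur] = None
        elif cur and (m := re.match(r"\s*ip address\s+(\S+)\s+(\d+)", line)):
            out[cur] = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
    return out

def audit(configs):  # findings: shared links, overlapping subnets, unaddressed ports
    findings, seen = [], []
    for dev, text in configs.items():
        for name, ifc in parse_interfaces(text).items():
            if ifc is None:
                findings.append(f"{dev} {name}: no ip address")
                continue
            net = ifc.network
            for odev, oname, oifc in seen:
                if oifc.network == net:  # same subnet: the two ends of one link
                    findings.append(f"link {odev} {oname} <-> {dev} {name} on {net}")
                elif oifc.network.overlaps(net):  # mask mismatch or reused range
                    findings.append(f"overlap: {odev} {oname} and {dev} {name}")
            seen.append((dev, name, ifc))
    return findings
```

Calling `audit(CONFIGS)` on the two stanzas reports the ISP01/ISP02 interconnect on 200.100.0.0/30 and the unaddressed ISP02 g0/0/1.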


Origin blog.csdn.net/qq_35029061/article/details/132799013