Cisco Systems

 


Modules:  1  |  2  |  3  |  4  |  5  |  6  |  7  |  8  |  9  |  10  |  11  |  12  |  13  |  CS 1  |  CS 2  |  All  |

Module 13: Virtual Private Networks

Module Overview
13.1 VPN Overview: Types, Tunnels and Terms
13.1.1 VPN overview
13.1.2 Tunneling and encryption
13.1.3 VPN usage scenarios
13.1.4 Selecting VPN technologies
13.1.5 Identifying VPN and IPSec terms
13.2 Cisco IOS Cryptosystem Overview
13.2.1 Cryptosystem overview
13.2.2 Symmetric encryption
13.2.3 Asymmetric encryption
13.2.4 Key Exchange – Diffie-Hellman algorithm
13.2.5 Hashing
13.3 IPSec Technologies
13.3.1 IPSec
13.3.2 Tunnel versus transport mode
13.3.3 Security association
13.3.4 Five steps to IPSec
13.3.5 How IPSec uses IKE
13.3.6 IKE and IPSec flowchart
13.3.7 Tasks to configure IPSec
13.4 Task 1 – Prepare for IKE and IPSec
13.4.1 Task 1 – Prepare for IKE and IPSec
13.4.2 Task 1 – Determine IKE (IKE Phase 1) policy
13.4.3 IKE Phase 1 policy parameters
13.4.4 Step 2 – Determine IPSec (IKE Phase 2) policy
13.4.5 IPSec transforms supported in Cisco IOS software
13.4.6 IPSec policy example
13.4.7 Identify IPSec peers
13.4.8 Step 3 – Check current configuration
13.4.9 Step 4 – Ensure the network works
13.4.10 Step 5 – Ensure ACLs are compatible with IPSec
13.5 Task 2 – Configure IKE
13.5.1 Task 2 – Prepare for IKE and IPSec
13.5.2 Step 1 – Enable IKE
13.5.3 Step 2 – Create IKE policies
13.5.4 Create IKE policies with the crypto isakmp command
13.5.5 IKE policy negotiation
13.5.6 Step 3 – Configure ISAKMP identity
13.5.7 Step 4 – Configure pre-shared keys
13.5.8 Step 5 – Verify IKE configuration
13.6 Task 3 – Configure IPSec
13.6.1 Task 3 – Configure IPSec
13.6.2 Step 1 – Configure transform set suites
13.6.3 Transform set negotiation
13.6.4 Step 2 – Configure global IPSec security association lifetimes
13.6.5 Purpose of  crypto ACLs
13.6.6 Step 3 – Create crypto ACLs using extended access lists
13.6.7 Configure symmetrical peer crypto ACLs
13.6.8 Purpose of crypto maps
13.6.9 Crypto map parameters
13.6.10 Step 4 – Configure IPSec crypto maps
13.6.11 Example crypto map commands
13.6.12 Step 5 – Apply crypto maps to interfaces
13.6.13 IPSec configuration examples
13.7 Task 4 – Test and Verify IPSec
13.7.1 Task 4 – Test and verify IPSec
13.7.2 The show crypto isakmp policy command
13.7.3 The show crypto ipsec transform-set command
13.7.4 The show crypto ipsec sa command
13.7.5 The show crypto map command
13.7.6 The clear commands
13.7.7 The debug crypto commands
13.7.8 Crypto system error messages for ISAKMP
13.8 Configuring a Site-to-Site IPSec VPN Lab Exercises
 
13.8.1 Configuring a site-to-site IPSec VPN using pre-shared keys
Module Summary

Module Quiz

 
Close Window
All contents copyright © 2003 Cisco Systems, Inc. All rights reserved.