SECS04L02 - Examining Cisco IOS VPNs


Secured Connectivity

Examining Cisco IOS VPNs

© 2007 Cisco Systems, Inc. All rights reserved. SNRS v2.0—4-1


IPsec VPN Deployment

• Site-to-site VPNs
  – Fully meshed (static)
  – Hub (static) and spoke (dynamic)
  – Fully meshed on demand (dynamic)
  – DMVPN
• Remote-access VPNs
  – Cisco Easy VPN
  – WebVPN (Cisco IOS SSL VPN)



Virtual Private Networks

[Diagram labels: Site-to-Site VPNs; Branch Offices; Extranet Partner; Headquarters; Cisco IOS Router; T1; ATM; Frame Relay; DSL/Cable; Remote-Access VPNs; Telecommuters; Workplace Resources]



Fully Meshed VPNs

• There are static public addresses between peers.
• Local LAN addresses can be private or public.

[Diagram labels: Static IP Addresses; IPsec Tunnel]



Hub-and-Spoke VPNs

• Static public address needed at the hub only.
• Spoke addresses can be dynamically applied using DHCP.

[Diagram labels: Static IP Addresses; Dynamic IP Addresses; IPsec Tunnel]



Dynamic Multipoint VPNs

• Local LAN addresses can be private.

[Diagram labels: Static IP Addresses; Dynamic IP Addresses; Dynamic Spoke-to-Spoke IPsec Tunnels; IPsec Tunnel]



Cisco Easy VPN

• Cisco Unity is the common VPN language between Cisco devices.

[Diagram labels: Cisco IOS Router and Easy VPN Server; Internet; Headquarters; Home Office; Remote Office; Easy VPN Clients; Workplace Resources]


Cisco IOS WebVPN

• Integrated security and routing
• Clientless and full network SSL VPN access

[Diagram labels: WebVPN; Internet; Headquarters; SSL VPN Tunnel; Workplace Resources]



Summary

• An IPsec VPN is a VPN deployed on a shared infrastructure using IPsec encryption technology.
• For any-to-any connectivity, a full mesh of tunnels is required to provide a path between all of the sites.
• In a hub-and-spoke network configuration, the spoke sites connect with IPsec tunnels to a hub site to establish connectivity to the network.



Summary (Cont.)

• DMVPNs provide for a combination of static and dynamic on-demand tunnels.
• Cisco Easy VPN makes it easier than ever to deploy VPNs as part of small and medium businesses or large enterprise networks.
• Cisco IOS SSL-based VPN (WebVPN) is an emerging technology that provides remote-access connectivity from almost any Internet-enabled location using a web browser and its native SSL encryption.

