Building IPSec VPNs Using Cisco Routers

Overview/Description
To list the steps to configure IPSec encryption on Cisco routers and to create an IKE and IPSec security policy, and to identify the commands used in its configuration

Target Audience
Network engineers responsible for configuring, implementing, troubleshooting, and managing Cisco network access servers (NAS), perimeter routers, and virtual private network (VPN) remote access networks; network architects responsible for designing Cisco network access servers (NAS), perimeter routers, and virtual private network (VPN) remote access networks; CCNP candidates; CCIE candidates

Prerequisites
A knowledge of general networking terms and concepts; experience in general Cisco router operation and configuration; a knowledge of data networking equivalent to that of a Cisco Certified Network Associate (CCNA); a basic knowledge of Windows operating system; familiarity with the networking and security terms and concepts (the concepts are learned in prerequisite training or by reading industry publications); experience working in a network environment is recommended

Expected Duration
180 Minutes

Objectives:

Building IPSec VPNs Using Cisco Routers

  • identify the steps to create an IKE and IPSec security policy and define the process for determining the IKE Phase 1 policy and its parameters.
  • determine IPSec policy, and identify the commands necessary to ensure that the network and access lists work.
  • list the steps and identify the commands required to configure IKE.
  • identify the steps and commands used to create an IKE and an IPSec security policy.
  • list the steps to configure IPSec encryption on Cisco routers and identify the commands to configure transform set suites, access lists, and global IPSec SA lifetimes.
  • identify the purpose of crypto maps and the commands used to configure and apply them.
  • list and use the commands for testing and verifying IPSec.
  • configure, test, and verify IPSec on a Cisco router.
  • distinguish between the commands used to manually configure IPSec session keys and IPSec for RSA encrypted nonces.


    • Course Number: 130682_eng