Archive for 'VPN' Category
The configuration of Cisco remote-access VPN (Easy VPN)
The general flowchart of the configuration:
Configuration:
version 12.3
hostname 26_2
!
enable secret 5 $1$nGGG$pyIANu7.xaKKQXVPqq.Dh1
!
! Define the local database
username cisco password 0 cisco
...
The configuration of DMVPN
HUB Router Configuration
r1#sh ru
hostname r1
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
crypto isakmp key cisco1234 address 0.0.0.0 0.0.0.0
!
crypto ipsec transform...
Remote Access VPN with PIX(PPTP)
The basic interface configuration:
pix(config)#interface eth0 auto
pix(config)#interface eth1 auto
pix(config)#nameif eth0 outside security0
pix(config)#nameif eth1 inside security100
pix(config)#ip address outside 218.1....
Redundancy VPN
ã€Lab Topology】
ã€Lab Object】
Technical characteristics:
1. Achieve VPN redundance by using Cisco HSRP technology.
2. Be able to achieve VPN rapid switching.
3. The connected client is transparent...
DMVPN
ã€Lab Topology】
ã€Lab Object】
Technical characteristics:
1. Cisco provides a VPN resolution between multiple sites.
2. For common VPN, a client site communicates with other sites through central site or...
Exploring GET VPN Technologies
As you learned in the previous blog that introduced the GET VPN solution, a major facet of this exciting technology is the Group Domain of Interpretation (GDOI) as outlined in RFC 3547. This technology is such a pivotal component of GET VPN because it...
DMVPN Phase 3
In this post we are going to speak mainly of NHRP. The other important part of DMVPN - IPsec - is relatively the same, and did not change with introduction of NHRP Phase 3. To begin with, let’s quickly recall the core features of NHRP Phase 1 &...
DMVPN Explained
DMVPN stands for Dynamic Multipoint VPN and it is an effective solution for dynamic secure overlay networks. In short, DMVPN is combination of the following technologies:
1) Multipoint GRE (mGRE)
2) Next-Hop Resolution Protocol (NHRP)
VPLS
Let’s say you get a bunch of inexpensive (but a bit outdated) routers (36XX or 72Xx) and some really nice (maybe not so cheap) Cisco switches (e.g. 3550/3560) and you would like to provide a VPLS-like service to your customers. Since VPLS is a ...
Easy VPN Combined with VRF Lite
Although the CCIE Security lab still has old IOS 12.2T installed on all routers, it`s more convenient to discuss ezVPN technology using the approach prompted by recent IOS releases. Specifically, for our purposes we will utilize the feature known as V...