In this lab guide I will be showing you how to configure a Cisco IOS VTI VPN using the following requirements:
-IPsec LAN-LAN VPN tunnel.
-Virtual tunnel interface (VTI)
-Strongest cryptographic algorithms available.
-IKE v2
-AES 256
-SHA 512
-DH group 24
-Pre-shared keys
-OSPF over the VTI tunnel.
I will be using the IOS CLI rather than the Security Device Manager (SDM) in this book, as the CLI is easier to use and more powerful. The SDM is very useful for management after the IOS router has been configured.
The IOS router will be a 7200VXR running version 15.2, but a lot of the configuration will work on previous versions of the code and on other platforms.
Author
Grant Wilson is the author of the “Cisco Pocket Lab Guides” series of books. He is CCIE Security #26667 and currently works for a major IT outsourcing company as a network architect. He spent 15 years of his IT career as a Cisco trainer (CCSI) teaching many Cisco certified classes. He lives near Oxford in England with his wife and three children.
Grant runs a website which is in his kitchen and is protected by an IOS firewall, ASA firewall, IOS IPS and an IPS sensor.
He holds the following certifications:
-CCIE - Security (Cisco) - #26667
-CCSI (Cisco) - #23077
-CCSP (Cisco)
-CCNP (Cisco)
-JNCIS Security (Juniper)
-JNCIA (Juniper)
-CCSA (Checkpoint)
-CCNA (Cisco)
-CCDA (Cisco)
-MCSE (Microsoft)
-MCT (Microsoft)
-Cisco Firewall Specialist
-Cisco Content Networking Specialist
-Cisco Network Management Specialist
-Ironport certified trainer
-Cisco Borderless Networks R and S Support Specialist
-BSc Electrical and electronic engineering
-MA Digital Music Technology