ccna chapter 15 by jetarvind kumar madhukar

Release 16/07/2009 Jetking Infotrain Ltd. VPN (IPSec and SSL) Chapter 15

Upload: sysnet-global-technologies-pvt-ltd

Post on 18-Aug-2015


VPN (IPSec and SSL)

Chapter 15

Chapter Objectives

- Explain VPN Fundamentals
- Explain Cisco IOS IPSec
- Explain IPSec VPN
- Explain SSL VPN
- Explain VPN configuration

VPN Fundamentals - I

The different security features of VPN are:

- Privacy
- Authentication
- Data Integrity
- Anti-replay

VPN Fundamentals - II

VPN can be implemented by connecting devices that include hardware and software to recognize the security features and protocols of VPN at each site. These devices include:

- Routers
- Adaptive Security Appliances (ASA)
- PIX Firewalls
- VPN Concentrators
- VPN Client

Types of Virtual Private Networks

Types of VPN

Tunneling Protocols

VPN creates a tunnel between two devices connected to the Internet to allow secure communication. The following protocols are used to create a tunnel:

- Layer 2 Forwarding (L2F)
- Point-to-point Tunneling protocol (PPTP)
- Layer 2 Tunneling Protocol (L2TP)
- Generic Routing Encapsulation (GRE)

IPSec VPNs

- IP Security is an architecture that provides security services for IP networks.
- It defines authentication and encryption functions that can be used over the IP networks.
- It allows you to use different protocol options for the VPN features.
- It allows you to change the architecture as the security protocols are improved over time.

Case Study I

The Blue Diamond steel company has 3000 employees, 200 remote sites, and multiple partners and suppliers at different locations. It needs to create an Intranet VPN to connect its remote sites and an Extranet VPN to connect to its partners and suppliers over the Internet. Additionally, the company provides laptops to some employees to work from home. The company needs to create a remote access VPN so that the employees can access the enterprise network with their laptops over the Internet.

Problem

Implementation of such a huge network is tedious.

Suggested Solution

The Cisco Easy VPN server can be implemented at the central site (headquarters) of the company.

Secure Socket Layer (SSL) VPNs

Web browsers use HTTP to connect to the Web server and SSL protocol to communicate securely.

The implementation of SSL depends on the Web servers.

The Web VPN is implemented to secure the connection between the user and the Web VPN server using the SSL protocol.

Web VPN using SSL

Configuring VPN

VPN can be configured to enable or disable a VPN tunnel and authenticate a VPN tunnel.

The authentication can be configured either using host name, local name or L2TP tunnel password.

The dial-in and dial-out VPNs of an enterprise network can be configured if the need arises.

Summary - I

VPN (Virtual Private Network) uses a public network, i.e. the Internet, to connect remote sites or users together. VPN provides the following security features:

- Privacy
- Authentication
- Data Integrity
- Anti-replay

Summary - II

Devices that can be used for creating a VPN tunnel are:

- Routers
- Adaptive Security Appliances (ASA)
- PIX Firewalls
- VPN Concentrators
- VPN Clients

The benefits of using Internet-based VPN are low cost, secure communication and availability of Internet connection everywhere.

Summary - III

VPNs are of the following types:

- Intranet VPN
- Extranet VPN
- Access VPN

The various tunneling protocols used by VPN are:

- L2F
- PPTP
- L2TP
- GRE

Summary - IV

Cisco IOS IPSec provides services, such as data encryption, security, verification, and anti-replay.

IPSec encryption process uses a pair of algorithms to encrypt and decrypt the data.

Authentication is a process in which a receiving VPN device verifies that the received packet is sent by an authorized VPN device.

Summary - V

Message Integrity is a process in which a receiving VPN device verifies that the data packet is not changed during transmission.

SSL is a protocol used by a Web browser to forward sensitive information.
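
The authentication, message integrity and anti-replay checks summarized in Summary - IV and V, as an added example that is not part of the original slides: a simplified receiver that verifies an HMAC-SHA256 tag and then applies a sliding replay window. The packet layout, the key and the 64-packet window are assumptions for illustration, not the ESP wire format, and encryption (privacy) is left out.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, not a real SA key
WINDOW = 64                    # replay window size (assumed for this sketch)
TAG_LEN = 32                   # HMAC-SHA256 output length in bytes
MASK = (1 << WINDOW) - 1

def seal(seq, payload, key=KEY):
    """Sender: 32-bit sequence number + payload, followed by an HMAC tag."""
    body = struct.pack("!I", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key=KEY):
        self.key = key
        self.highest = 0  # highest sequence number accepted so far
        self.seen = 0     # bit i set => sequence (highest - i) was accepted

    def accept(self, packet):
        if len(packet) < 4 + TAG_LEN:
            return "malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        # Authentication and integrity: only a holder of the shared key can
        # produce a tag that matches these exact bytes.
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-tag"
        # Anti-replay: consult the window only after the tag has verified,
        # so forged packets cannot advance it.
        seq = struct.unpack("!I", body[:4])[0]
        if seq > self.highest:
            shift = seq - self.highest
            # A jump larger than the window discards all older history.
            self.seen = 1 if shift >= WINDOW else ((self.seen << shift) | 1) & MASK
            self.highest = seq
            return "ok"
        offset = self.highest - seq
        if offset >= WINDOW:
            return "too-old"
        if (self.seen >> offset) & 1:
            return "replay"
        self.seen |= 1 << offset
        return "ok"
```

A packet that arrives out of order but inside the window is accepted once; a second copy of it, a modified copy, or one tagged with a different key is rejected.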