© 2006 Cisco Systems, Inc. All rights reserved.SND v2.06-1 Building Cisco IPsec VPNs Building Remote Access VPNs.

Презентация:



Advertisements
Похожие презентации
© 2006 Cisco Systems, Inc. All rights reserved.ISCW v IPsec VPNs Configuring Cisco Easy VPN and Easy VPN Server Using SDM.
Advertisements

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 11 Configure the Cisco Virtual Private Network 3002 Hardware Client for Unit and.
© 2006 Cisco Systems, Inc. All rights reserved. SND v Building IPsec VPNs Module Self-Check.
© 2006 Cisco Systems, Inc. All rights reserved.ISCW v IPsec VPNs Configuring IPsec Site-to-Site VPN Using SDM.
© 2006 Cisco Systems, Inc. All rights reserved. SND v Securing Networks with Cisco IOS IPS Configuring Cisco IOS IPS.
© 2006 Cisco Systems, Inc. All rights reserved. SND v Module Summary An IPsec VPN is a collection of protocols that help you to hook up your company.
© 2006 Cisco Systems, Inc. All rights reserved.ISCW v IPsec VPNs Site-to-Site IPsec VPN Operation.
© 2006 Cisco Systems, Inc. All rights reserved.ISCW v Module Summary The IKE protocol is a key management protocol standard used in conjunction with.
© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 10 Configure the Cisco VPN 3002 Hardware Client for Remote Access Using Pre-Shared.
© 2006 Cisco Systems, Inc. All rights reserved. SND v Configuring a Cisco IOS Firewall Configuring a Cisco IOS Firewall with the Cisco SDM Wizard.
Designing Security Services © 2004 Cisco Systems, Inc. All rights reserved. Implementing Network Security Using the SAFE Security Blueprints ARCH v
© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 14 Configuring the Cisco Virtual Private Network 3000 Series Concentrator for IPSec.
© 2006 Cisco Systems, Inc. All rights reserved.ISCW v IPsec VPNs Implementing the Cisco VPN Client.
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Secured Connectivity Examining Cisco IOS VPNs.
© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 15 Configure the Cisco Virtual Private Network 3000 Series Concentrator for LAN-to-LAN.
© 2006 Cisco Systems, Inc. All rights reserved.SND v Module Summary Routers play an important role in ensuring that network perimeters are secure;
© 2005 Cisco Systems, Inc. All rights reserved.INTRO v Managing Your Network Environment Managing Cisco Devices.
© 2006 Cisco Systems, Inc. All rights reserved.SND v Securing the Perimeter Introducing Cisco SDM.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Complex MPLS VPNs Introducing Managed CE Router Service.
© 2003, Cisco Systems, Inc. All rights reserved. CSVPN Lesson 7 Configure the Cisco VPN Firewall Feature for IPSec Software Client.
Транксрипт:

© 2006 Cisco Systems, Inc. All rights reserved.SND v Building Cisco IPsec VPNs Building Remote Access VPNs

© 2006 Cisco Systems, Inc. All rights reserved.SND v Outline Overview Cisco Easy VPN Configuring Cisco Easy VPN Server Managing Cisco Easy VPN Server Connections Configuring Cisco Easy VPN Remote Summary

© 2006 Cisco Systems, Inc. All rights reserved.SND v Cisco Easy VPN Components Cisco Easy VPN Server enables Cisco IOS routers, Cisco PIX Security Appliances, and Cisco VPN 3000 Series Concentrators to act as VPN headend devices in site-to-site or remote-access VPNs. In this configuration, remote office devices use the Cisco Easy VPN Remote feature. Cisco Easy VPN Remote enables Cisco IOS routers, Cisco PIX Security Appliances, and Cisco VPN 3002 Hardware Clients or software clients to act as remote VPN clients.

© 2006 Cisco Systems, Inc. All rights reserved.SND v Remote Access Using Cisco Easy VPN PC with Cisco Easy VPN Remote Client 4. x Cisco 800 Series Router Cisco uBR 900 Series Cable Access Router Cisco 1700 Series Integrated Services Router Cisco VPN 3002 Hardware Client Cisco PIX 501 Security Appliance Cisco IOS Release 12.3(11)T (or later) Easy VPN Server

© 2006 Cisco Systems, Inc. All rights reserved.SND v Cisco Easy VPN Remote Connection Process 1. Device authentication via ISAKMP 2. User authentication using IKE XAUTH 3. VPN policy push (using mode configuration) 4. IPsec Security Association creation

© 2006 Cisco Systems, Inc. All rights reserved.SND v Cisco Easy VPN Server Configuration Tasks for the Cisco Easy VPN Server Wizard The Cisco Easy VPN Server Wizard includes these tasks: Choosing the interface on which to terminate IPsec IKE policies Group policy lookup method User authentication Local group policies IPsec transform set

© 2006 Cisco Systems, Inc. All rights reserved.SND v Starting the Cisco Easy VPN Server Wizard 1 2

© 2006 Cisco Systems, Inc. All rights reserved.SND v Choosing an Interface for Terminating IPsec 3

© 2006 Cisco Systems, Inc. All rights reserved.SND v Configuring IKE Policies 4

© 2006 Cisco Systems, Inc. All rights reserved.SND v Configuring IPsec Transform Sets 5

© 2006 Cisco Systems, Inc. All rights reserved.SND v Configuring a Group Policy Configuration Location: Local Router Configuration 6a

© 2006 Cisco Systems, Inc. All rights reserved.SND v Configuring a Group Policy Configuration Location: External Location via RADIUS i iiiii 6b

© 2006 Cisco Systems, Inc. All rights reserved.SND v Configuring a Local User Database: User Authentication i ii 7a

© 2006 Cisco Systems, Inc. All rights reserved.SND v Configuring Local Group Policies 8

© 2006 Cisco Systems, Inc. All rights reserved.SND v Configuring Local Group Policy Parameters

© 2006 Cisco Systems, Inc. All rights reserved.SND v Confirming Configuration Settings

© 2006 Cisco Systems, Inc. All rights reserved.SND v Testing the Cisco Easy VPN Server Configuration 1 2 3

© 2006 Cisco Systems, Inc. All rights reserved.SND v Managing Cisco Easy VPN Server Connections

© 2006 Cisco Systems, Inc. All rights reserved.SND v Managing Cisco Easy VPN Server Connections (Cont.) Add Easy VPN ServerEdit Easy VPN Server

© 2006 Cisco Systems, Inc. All rights reserved.SND v Editing, Cloning, or Deleting Group Policies

© 2006 Cisco Systems, Inc. All rights reserved.SND v Creating or Editing a Local Pool for IP Addresses

© 2006 Cisco Systems, Inc. All rights reserved.SND v Cisco VPN Client Software

© 2006 Cisco Systems, Inc. All rights reserved.SND v Configuring Cisco Easy VPN Remote

© 2006 Cisco Systems, Inc. All rights reserved.SND v Managing Cisco Easy VPN Remote Connections

© 2006 Cisco Systems, Inc. All rights reserved.SND v Summary Cisco Easy VPN consists of two components: Cisco Easy VPN Server and Cisco Easy VPN Remote. The Cisco Easy VPN Server Wizard easily configures the Cisco SDM Easy VPN Server. The Cisco SDM GUI manages Cisco Easy VPN Server connections. The Cisco Easy VPN Remote Wizard easily configures Cisco SDM Easy VPN Remote.

© 2006 Cisco Systems, Inc. All rights reserved.SND v