In this chapter, we will discuss several areas of IPsec virtual private network (VPN) design that commonly present obstacles to successful deployment. We will begin our discussion with a brief overview of the diagnostic tools available within IOS commonly used to diagnose and correct issues with IPsec VPN deployments. After presenting the tools needed to troubleshoot IPsec, we will begin to explore two broad categories of common IPsec VPN issues: configuration and architecture. The IPsec VPN configuration issues we will explore in this chapter include:
Unlike configuration issues, architectural issues do not require a misconfiguration by the administrator. Architectural issues are often introduced by incompatibilities between IPsec and other networking technologies. The architectural IPsec VPN issues we will discuss in this chapter include:
|