This chapter showed you the basics of setting up ISAKMP/IKE Phase 1. Defining the policy statements on a router is straightforward. Of the three types of device authentication to choose from, pre-shared keys are the simplest to configure but scale the least; certificates are the hardest to implement but scale the best. And because a Cisco router can function as a CA, you can deploy certificate services easily using existing equipment.
Next up is Chapter 17, "Router Site-to-Site Connections," where I show you how to configure your router to establish various types of site-to-site sessions with remote peers, covering topics such as static and dynamic crypto maps, the Tunnel Endpoint Discovery (TED) protocol, dynamic multipoint VPNs (DMVPNs), and many others.