• IPsec Virtual Private Network Fundamentals
  • Table of Contents
  • Copyright
  • About the Author
  • About the Technical Reviewers
  • Acknowledgmentst
  • Command Syntax Conventions
  • Introduction
    • Methodology
    • Who Should Read This Book?
    • How This Book Is Organized
  • Part I: Introductory Concepts and Configuration/Troubleshooting
    • Chapter 1. Introduction to VPN Technologies
      • VPN Overview of Common Terms
      • Characteristics of an Effective VPN
      • VPN Technologies
      • Common VPN Deployments
      • Business Drivers for VPNs
      • IPsec VPNs and the Cisco Security Framework
      • Summary
    • Chapter 2. IPsec Fundamentals
      • Overview of Cryptographic Components
      • Public Key Encryption Methods
      • The IP Security Protocol (IPsec)
      • IKE and ISAKMP
      • Summary
    • Chapter 3. Basic IPsec VPN Topologies and Configurations
      • Site-to-Site IPsec VPN Deployments
      • Site-to-Site IPsec VPN Deployments and GRE (IPsec+GRE)
      • Hub-and-Spoke IPsec VPN Deployments
      • Remote Access VPN Deployments
      • Summary
    • Chapter 4. Common IPsec VPN Issues
      • IPsec Diagnostic Tools within Cisco IOS
      • Common Configuration Issues with IPsec VPNs
      • Architectural and Design Issues with IPsec VPNs
      • Summary
  • Part II: Designing VPN Architectures
    • Chapter 5. Designing for High Availability
      • Network and Path Redundancy
      • IPSec Tunnel Termination Redundancy
      • Managing Peer and Path Availability
      • Managing Path Symmetry
      • Load Balancing, Load Sharing, and High Availability
      • Summary
    • Chapter 6. Solutions for Local Site-to-Site High Availability
      • Using Multiple Crypto Interfaces for High Availability
      • Stateless IPsec VPN High-Availability Alternatives
      • Stateful IPsec VPN High-Availability Alternatives
      • Summary
    • Chapter 7. Solutions for Geographic Site-to-Site High Availability
      • Geographic IPsec VPN HA with Reverse Route Injection and Multiple IPsec Peers
      • Geographic IPsec VPN High Availability with IPsec+GRE and Encrypted Routing Protocols
      • Dynamic Multipoint Virtual Private Networks
      • Summary
    • Chapter 8. Handling Vendor Interoperability with High Availability
      • Vendor Interoperability Impact on Peer Availability
      • Vendor Interoperability Impact on Path Availability
      • Vendor Interoperability Design Considerations and Options
      • Summary
    • Chapter 9. Solutions for Remote-Access VPN High Availability
      • IPsec RAVPN Concentrator High Availability Using Virtual Interfaces for Tunnel Termination
      • IPsec RAVPN Concentrator HA Using the VCA Protocol
      • IPsec RAVPN Geographic HA Design Options
      • Summary
    • Chapter 10. Further Architectural Options for IPsec
      • IPsec VPN Termination On-a-Stick
      • In-Path Versus Out-of-Path Encryption with IPsec
      • Separate Termination of IPsec and GRE (GRE-Offload)
      • Summary
  • Part III: Advanced Topics
    • Chapter 11. Public Key Infrastructure and IPsec VPNs
      • PKI Background
      • PKI Components
      • Life of a Public Key Certificate
      • PKI and the IPSec Protocol SuiteWhere PKI Fits into the IPSec model
      • OCSP and CRL Scalability
      • Case Studies and Sample Configurations
      • Summary
    • Chapter 12. Solutions for Handling Dynamically Addressed Peers
      • Dynamic Crypto Maps
      • Tunnel Endpoint Discovery
      • Case StudyUsing Dynamic Addressing with Low-Maintenance Small Home Office Deployments
      • Summary
  • Appendix A. Resources
    • Books
    • RFCs
    • Web and Other Resources
  • Index
    • SYMBOL
    • A
    • B
    • C
    • D
    • E
    • F
    • G
    • H
    • I
    • K
    • L
    • M
    • N
    • O
    • P
    • Q
    • R
    • S
    • T
    • U
    • V
    • W
    • X