You are here
SEC0021 - Router EZVPN with Cisco Tunneling Control Protocol (cTCP)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video shows you how to enable Cisco Tunneling Control Protocol, also known as, IPSec over TCP, on Cisco router Easy VPN (EZVPN) connection. cTCP can potentially be a solution when you need to establish a VPN through a device or network that does not support ESP protocol. TCP encapsulation makes IPSec traffic NAT-friendly at the cost of additional overhead of TCP header. In this lab, we will simulate an unsupported network using ACL to block ESP and shows how cTCP provides a workaround.
Topic includes
- EZVPN with cTCP (aka IPSec over TCP)
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.