You are here
SEC0022 - Router Remote Access IPSec VPN with Pre-Shared Key and Certificate
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video demonstrates configuration of remote access IPSec VPN with Windows software client on Cisco router. We will look at both simple pre-shared key authentication as well as using client certificate. The client is placed behind a NAT router to demonstrate the significance of NAT Transparency, and compare it to raw IPSec and cTCP (IPSec over TCP). The video finishes off by showing how client can be allowed access to local subnet when a non-split tunnel is used.
Topic includes
- Easy VPN (EZVPN) with Software IPSec Client
- Client Pre-Shared Key and Certificate Authentication
- NAT Transparency (UDP 4500)
- cTCP aka IPSec over TCP
- 'include-local-lan' Option when not using Split Tunnel