You are here
SEC0024 - L2L IPSec IKEv1 with Certificate on Router and ASA
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video walks you through configuring site-to-site (L2L) IPSec VPN tunnel between Cisco router and ASA firewall using certificate authentication. You will see that choosing the type of identity to send and match becomes very important as the certificate does not get exchanged until later in Phase 1 negotiation. Using aggressive mode allows the device identity contained in the certificate to be revealed sooner but at a risk of identity exposure. Aggressive mode will also be reviewed in this video.
Topic includes
- L2L IPSec VPN between Router and ASA
- Understanding the use of aggressive mode
Tag:
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.