1. Home
  2. Networking
  3. CCSP Cisco Certified Security Professional Certification

Easy VPN Server Configuration Tasks

Easy VPN Server Configuration Tasks

The specific commands to configure the Easy VPN Server features vary, depending on the hardware platform. Other command options, such as the Auto Upgrade feature, apply to VPN Hardware Client devices only. Examples of the type of configuration tasks that need to be implemented on the VPN Server to support Easy VPN Clients include the following. The first three are required, while all others are optional.

  • Enabling Policy Lookup via AAA (required)

  • Defining Group Policy Information for Mode Configuration Push (required)

  • Applying Mode Configuration and Xauth (required)

  • Enabling Reverse Route Injection for the Client (optional)

  • Enabling IKE Dead Peer Detection (optional)

  • Configuring RADIUS Server Support (optional)

  • Verifying Easy VPN Server (optional)

In addition, the Easy VPN Server feature enables Cisco IOS routers to push new and/or enhanced VPN policy parameters to any remote access Easy VPN client (hardware or software). This feature adds support for the following functions:

  • Mode Configuration Version 6 Support—based on an IETF draft submission.

  • Xauth Version 6 Support—based on an IETF draft submission.

  • IKE Dead Peer Detection (DPD) —a new keepalive scheme.

  • Split Tunneling Control—enables clients to have intranet and Internet access at the same time, without requiring Internet access to use the VPN tunnel.

  • Initial Contact—to facilitate reestablishing lost connections.

  • Group-Based Policy Control—Policy attributes, such as IP addresses, DNS, and split tunnel access can be enabled on a per-group or per-user basis.




BackCover
CCSP - Cisco Certified Security Professional Certification All-in-One Exam Guide
Introduction
Part I: Introduction to Network Security
Part II: Securing the Network Perimeter
Part III: Virtual Private Networks (VPNs)
Chapter 9: Cisco IOS IPSec Introduction
Chapter 10: Cisco IOS IPSec for Preshared Keys
Chapter 11: Cisco IOS IPSec Certificate Authority Support
Chapter 12: Cisco IOS Remote Access Using Cisco Easy VPN
Introduction to Cisco Easy VPN
Cisco Easy VPN Server
Cisco Easy VPN Remote
Cisco VPN 3.6 Client
Easy VPN Server Configuration Tasks
Preconfiguring the Cisco VPN 3.6 Client
Management Center for VPN Routers
Easy VPN Remote Phase Two
Cisco VPN Firewall Feature for VPN Client
Chapter Review
Chapter 13: Cisco VPN Hardware Overview
Chapter 14: Cisco VPN 3000 Remote Access Networks
Chapter 15: Configuring Cisco VPN 3002 Remote Clients
Chapter 16: Cisco VPN 3000 LAN-to-LAN Networks
Part IV: PIX Firewalls
Part V: Intrusion Detection Systems (IDS)
Part VI: Cisco SAFE Implementation
Appendix A: Access Control Lists
Appendix B: About the CD
List of Figures
List of Tables
List of Sidebars