1. Home
  2. Networking
  3. CCSP Cisco Certified Security Professional Certification

Chapter 14: Cisco VPN 3000 Remote Access Networks

Chapter 14: Cisco VPN 3000 Remote Access Networks

Overview

In this chapter, you will learn to:

  • Describe VPN Concentrator user interfaces and startup

  • Discuss VPN Concentrators in IPSec VPN implementations

  • Configure VPN remote access with preshared keys

  • Configure VPN remote access with digital certificates

  • Configure VPN users and groups

  • Configure Cisco VPN 3000 client support

  • Configure the Cisco VPN client autoinitiation feature

  • Monitor and administer Cisco VPN 3000 remote access networks

This chapter introduces working with the Cisco VPN 3000 Concentrators for basic operations, as well as for advanced features and options. The 3000 series devices were introduced and described in Chapter 13. That information won’t be repeated here, but the features introduced are explored and the configuration steps defined.

The VPN 3000 devices, the concentrator series, and the remote client device all support the following three main activities:

  • Configuration

  • Administration

  • Monitoring

This chapter looks at all three activities on the 3000 series Concentrators.

Basic VPN concepts, such as preshared keys and using Certificate Authorities to implement digital certificates, were covered in Chapters 9 through 11. While the features are configured in this chapter, the underlying technologies aren’t addressed beyond an explanation for the processes being discussed. The menu-driven and web-based interfaces used with the VPN 3000 devices change the implementation steps, but three primary tasks are still used to ensure a successful installation:

  1. Prepare for IKE and IPSec

  2. Configure the features

  3. Verify and monitor configuration

The VPN Concentrator creates a virtual private network (VPN) by creating a secure connection across a public Transmission Control Protocol/Internet Protocol (TCP/IP) network, such as the Internet. It can create single user to local area network (LAN) (remote user) connections and LAN-to-LAN connections.

The VPN Concentrator functions as a bidirectional tunnel endpoint using various standard protocols to perform the following tasks:

  • Establish tunnels

  • Negotiate tunnel parameters

  • Authenticate users

  • Assign user addresses

  • Encrypt and decrypt data

  • Manage security keys

  • Manage data transfer across the tunnel

Network configurations and VPN placement can vary widely. Chapter 27 introduces the Cisco SAFE strategy and how VPN devices fit into the secure network design. The VPN Concentrator is a flexible and functional device that can satisfy most applications. This chapter discusses configuring the VPN 3000 Series Concentrator to support VPN remote access implications. Chapter 15 reviews the VPN 3002 remote access client device. Chapter 16 covers the VPN Series Concentrator to support VPN LAN-to-LAN networks.




BackCover
CCSP - Cisco Certified Security Professional Certification All-in-One Exam Guide
Introduction
Part I: Introduction to Network Security
Part II: Securing the Network Perimeter
Part III: Virtual Private Networks (VPNs)
Chapter 9: Cisco IOS IPSec Introduction
Chapter 10: Cisco IOS IPSec for Preshared Keys
Chapter 11: Cisco IOS IPSec Certificate Authority Support
Chapter 12: Cisco IOS Remote Access Using Cisco Easy VPN
Chapter 13: Cisco VPN Hardware Overview
Chapter 14: Cisco VPN 3000 Remote Access Networks
VPN Concentrator User Interfaces and Startup
VPN Concentrators in IPSec VPN Implementations
Remote Access VPNs with Preshared Keys
Digital Certificates
Configure Cisco VPN Client Support
VPN Client Autoinitiation Feature
Administer and Monitor Remote Access Networks
Chapter Review
Chapter 15: Configuring Cisco VPN 3002 Remote Clients
Chapter 16: Cisco VPN 3000 LAN-to-LAN Networks
Part IV: PIX Firewalls
Part V: Intrusion Detection Systems (IDS)
Part VI: Cisco SAFE Implementation
Appendix A: Access Control Lists
Appendix B: About the CD
List of Figures
List of Tables
List of Sidebars