IPSec VPN Design [Electronic resources]

IPSec VPN Design

By Vijay Bollapragada, Mohamed Khalid, Scott Wainner

Publisher: Cisco Press

Pub Date: April 07, 2005

ISBN: 1-58705-111-7

Pages: 384

Copyright

About the Authors

About the Technical Editors

Acknowledgments

This Book Is Safari Enabled

Icons Used in This Book

Command Syntax Conventions

Introduction

Chapter 1. Introduction to VPNs

Motivations for Deploying a VPN

VPN Technologies

Summary

Chapter 2. IPSec Overview

Encryption Terminology

IPSec Security Protocols

Key Management and Security Associations

Summary

Chapter 3. Enhanced IPSec Features

IKE Keepalives

Dead Peer Detection

Idle Timeout

Reverse Route Injection

Stateful Failover

IPSec and Fragmentation

GRE and IPSec

IPSec and NAT

Summary

Chapter 4. IPSec Authentication and Authorization Models

Extended Authentication (XAUTH) and Mode Configuration (MODE-CFG)

Mode-Configuration (MODECFG)

Easy VPN (EzVPN)

Digital Certificates for IPSec VPNs

Summary

Chapter 5. IPSec VPN Architectures

IPSec VPN Connection Models

Hub-and-Spoke Architecture

Full-Mesh Architectures

Summary

Chapter 6. Designing Fault-Tolerant IPSec VPNs

Link Fault Tolerance

IPSec Peer Redundancy Using SLB

Intra-Chassis IPSec VPN Services Redundancy

Summary

Chapter 7. Auto-Configuration Architectures for Site-to-Site IPSec VPNs

IPSec Tunnel Endpoint Discovery

Dynamic Multipoint VPN

Summary

Chapter 8. IPSec and Application Interoperability

QoS-Enabled IPSec VPNs

VoIP Application Requirements for IPSec VPN Networks

IPSec VPN Architectural Considerations for VoIP

Multicast over IPSec VPNs

Summary

Chapter 9. Network-Based IPSec VPNs

Fundamentals of Network-Based VPNs

The Network-Based IPSec Solution: IOS Features

Operation of Network-Based IPSec VPNs

Network-Based VPN Deployment Scenarios

Summary