Is it just me or is VPN/IPSEC techn

[ChrisAC]

Is it just me or is VPN/IPSEC technology really complicated?? CA's, SA's, public key cryptography, digital certificates, IKE etc... My head's in pieces!!

Is there an easy way round this or can any recommend a good course for all this stuff?

Cheers

Chris.
************************
Chris Andrew, CCNA
chrisac@gmx.co.uk
************************

 

[sobak]

Chris,

I thought the same way until I was forced to learn it by doing. A good reference that I use all the time is a book called.....

Implementing Cisco VPNs

It's distributed by McGraw Hill and is written by Adam Quiggle. The book has become my reference to all my Companies VPN's (since I am the only one to configure them) I used it to configure our IPSEC GRE Tunnels as well as our VPDN. Take a look at it at your local bookstore; it might help you make sense of it all.

When I first started my position here they had one VPN using Novell's Bordermanager software. When the server went down (which was all the time) they dropped the VPN. Today we run Five VPN's and a Corporate VPDN for all our mobile users and I configured everything. Thanks to this book and Tek-tips, I now have become indispensable to my company.

Hope this helps you out on your quest....

david e
*end users are just like computers, some you can work with...others just need a simple reBOOTing to fix their problems.*

 

[ChrisAC]

David, you are a star! I will make sure that we order that book this week!

Thanks for that top tip!

Chris.
************************
Chris Andrew, CCNA
chrisac@gmx.co.uk
************************

 

[sobak]

That's what Tek-tips is for.... I really love this forum, don't know what I would do without it....

You shouldn't have any problems with this book, since you are already a CCNA it's written in that language. It's easy to understand and really steps you through a configuration....Let me know how it goes for you...

david e
*end users are just like computers, some you can work with...others just need a simple reBOOTing to fix their problems.*

 

[ChrisAC]

Yeah .. shouldn't be a problem! I've already got Cisco Network Security by James Pike which is quite good.

The reason that I'm doing this is because we're supposed to be doing PIX firewall installs later this year. We already do Firewall-1 but we have a FW-1 guru already and it seems that I'm the main Cisco guy in the group. I'm fine at installing PIX's but most of our customers require VPN access for remote users. On FW-1 we use Secure Remote but I'm not really sure what the Cisco route is.

With the books, Cisco.com and all you cool folks on Tek-Tips I'm sure that I'll figure it out!

Cheers!

Chris.
************************
Chris Andrew, CCNA
chrisac@gmx.co.uk
************************

 

[awillcox]

I found an EXCELLENT white paper (from a college!) out there explaining, in lurid detail, the differences between PPTP, L2TP, and IPSec. We had engineer here who INSISTED that IPSec used CHAP. This paper straightened that issue out.

I don't know if it's still available, but here's the URL:

http://ece.gmu.edu/courses/ECE543/reportsF01/arveal.pdf

-- Alan