O'Reilly logo

CCIE Practical Studies: Security (CCIE Self-Study) by Raymond Morrow, Andrew G. Mason, Dmitry Bokotey

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Certificate Authority (CA) Support

Now that you have covered the configuration steps and troubleshooting of a simple IOS-to-IOS and PIX-to-PIX VPN using preshared keys, this section moves on to using the same configurations to introduce the use of a CA. IKE phase 1 can be carried out using either preshared keys or a CA. In the previous sections, you configured IKE phase 1 using preshared keys. In this section, you will look at using a CA and RSA certificates to implement IKE phase 1.

In this section, you will follow a setup similar to what you might find in the CCIE Security lab exam. This setup involves using Microsoft 2000 CA Server with Simple Certificate Enrollment Protocol (SCEP) enabled. You will learn about a simple IOS-to-IOS VPN and ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required