IPsec Remote Access
Now that you have a basic understanding of some of the global tasks you’ll perform no matter what type of remote access sessions will be terminating on your concentrator, the remainder of this chapter will focus on the setup of IPsec remote access sessions. If you recall from Chapter 3, “IPsec,” IPsec is one standard that defines how to protect traffic between devices. It supports site-to-site and remote access connectivity. For remote access sessions, the following steps are performed to build a tunnel:
1. | Negotiate the ISAKMP/IKE Phase 1 transform set.
|
2. | Perform Diffie-Hellman (DH) to come up with the shared secret key, and use this to encrypt the encryption key and HMAC function key to share between the peers.
|
3. | Perform ... |
Get The Complete Cisco VPN Configuration Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
