IPSec Virtual Private Network Fundamentals

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [V] [W] [X]

sample IPsec+GRE model configurations,

SAs (security associations)

     IPsec tunnel security parameters 2nd

     need for

     proposal mismatches, troubleshooting

     security parameters, manual keying

     transport mode

     tunnel mode

scalability of CRLs,

SCEP (Simple Certificate Enrollment Protocol),

SCTP (Stream Control Transmission Protocol),

security wheel,

sender non-repudiation,

serialization delay,

session authentication (SSL VPNs),

SHA (Secure Hash Algorithm),

shared secret keys,

signing public key certificates,

single points of failure for site-to-site VPNs,

site-to-site IPsec VPNs, 2nd

     business drivers

     configuration, verifying

     configuring

     hub-and-spoke networks

     over routed domains 2nd

     single points of failure, eliminating

site-to-site IPsec+GRE model [See IPsec+GRE model.]

software-based VPN clients,

SOHO deployments, applying dynamic crypto maps case study,

SPI (security parameter index),

SPI-based NAT, troubleshooting,

SSL VPNs,

     cryptographic key derivation

     handshake process

     HMAC

     RAVPN architectures

     session authentication

     transport layer security

     tunnel establishment process

SSO (stateful switchover),

stale SAs

     impact on IPsec reconvergence

     removing from SADB

standalone VPN concentrator designs,

stateful IPSec HA,

     alternatives to

     failover process

stateless IPsec HA,

     alternatives to

         HSRP,

         RRI,

     failover process

     goals of

static crypto maps,

symmetric encryption, 2nd

     shared secret keys, Diffie-Hellman secret key generation

symptoms of recursive routing,