IPSec Virtual Private Network Fundamentals

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [V] [W] [X]

TED (Tunnel Endpoint Discovery),

timers (HSRP), tuning,

topologies [See VPN topologies.]

transform sets, identifying mismatches,

transforms

     AH

     creating

    ESP

         confidentiality services,

         data integrity and authentication services,

     IPComp

     LZS

transport layer VPNs, SSL VPNs,

     cryptographic key derivation

     handshake process

     HMAC

     session authentication

     transport layer security

     tunnel establishment process

transport mode, 2nd

troubleshooting

    IKE

         authentication errors,

         peer mismatches,

         SA proposal mismatches, 2nd

     mismatched crypto ACLs

     NAT issues in IPsec VPN designs

         SPI-based NAT,

     NAT-T issues in IPsec VPN designs

     VPNs in firewalled environments

TTI (Trusted Transitive Introduction),

tunnel mode,

tunnel termination. [See also tunnels.]

     dual-DMZ firewall design 2nd

     firewalled

     GRE-offload

         with cleartext firewall paths,

         with dynamic crypto maps,

         with high-speed tunnel termination,

         with IKE x-Auth,

    "on a stick" termination

         NAT-on-a-stick,

         router-on-a-stick,

     termination redundancy

         on HSRP/VRRP virtual interfaces,

         using RP-based IPsec HA,

         with multiple peer statements,

tunnels

     L2F establishment process

    load-balanced designs

         concentrator clustering,

         DNS,

         external load balancers,

         load sharing with peer statements,

         routing,

     negotiation process

    PPTP

         compulsory,

         tunnel negotiation process,

         voluntary,

     SA security parameters 2nd