ccna site-to-site connectivity security


Upload: networkel

Post on 23-Jan-2018


TRANSCRIPT

Page 1: CCNA  site-to-site connectivity security

Copyright © www.networkel.com

5- Site-To-Site Connectivity Security

5.1 VPN

5.2 Site-To-Site GRE Tunnels & IPsec


5.1 VPN


VPN OVERVIEW

• Virtual Private Network

• Extends a private network across a public network, such as the Internet

• Enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network


VPN BENEFITS

• Reduced cost: Everywhere is like an office

• Scalability: Internet based VPNs enable organizations to use the Internet infrastructure within ISPs and devices

• Security: Can provide high-level security using advanced authorization and encryption protocols


VPN TYPES

• Site-To-Site VPN

• Remote Access VPN

• DMVPN


SITE-TO-SITE VPN

• Allows employees in geographically disparate offices to share one cohesive virtual network

• Hosts don't have VPN client software; they send and receive normal TCP/IP traffic through a VPN GW

• The VPN GW is responsible for encapsulating and encrypting outbound traffic, sending it through a VPN tunnel over the Internet, to a peer VPN gateway at the target site.


REMOTE ACCESS VPN

• Allows employees to access their company's intranet from home or while travelling outside the office

• VPN client gains secure access to the enterprise network via a VPN server

• VPN client software may be required for connection


DMVPN

• Dynamic tunneling form of a virtual private network (VPN) supported on Cisco IOS-based routers

• Provides easy configuration and flexibility

• Can use Hub-To-Spoke tunnels or Hub-To-Spoke and Spoke-To-Spoke tunnels


5.2 Site-To-Site GRE Tunnels


GRE OVERVIEW

• Tunneling protocol developed by Cisco that allows the encapsulation of a wide variety of network layer protocols inside point-to-point links

• A virtual tunnel is created between the two endpoints and packets are sent through the GRE tunnel

• Most basic tunneling technique


GRE FEATURES

• No flow control

• Non-secure

• GRE IP Protocol : 47
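
The "Non-secure" and "GRE IP Protocol : 47" points above, shown as an added example that is not part of the original slides: this Python sketch wraps an inner IPv4 packet in GRE and then reads it back the way any on-path observer could, with no key involved. The function names, the sample payload, the inner protocol number 253 and the tunnel destination 203.0.113.1 are constructed; the other addresses are the diagram labels from this deck, and their roles here are an assumption.

```python
import socket
import struct

GRE_PROTO = 47            # IP protocol number for GRE, as on the slide
ETHERTYPE_IPV4 = 0x0800   # GRE "protocol type" for an inner IPv4 packet
SAMPLE_PAYLOAD = b"user=alice&pin=1234"   # constructed sample data


def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header; checksum left at 0 for this offline demo."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))


def gre_encapsulate(inner, tun_src, tun_dst):
    """Wrap an inner IPv4 packet in a basic GRE header (RFC 2784, no options)."""
    gre = struct.pack("!HH", 0x0000, ETHERTYPE_IPV4)
    return ipv4_header(tun_src, tun_dst, GRE_PROTO, len(gre) + len(inner)) + gre + inner


def gre_inspect(packet):
    """Return what any on-path observer can read from a GRE packet, with no key."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != GRE_PROTO:
        raise ValueError("outer IP protocol is not 47 (GRE)")
    flags, ptype = struct.unpack("!HH", packet[ihl:ihl + 4])
    if ptype != ETHERTYPE_IPV4:
        raise ValueError("inner protocol is not IPv4")
    # Checksum (C), key (K) and sequence (S) fields add 4 bytes each when set.
    opts = sum(4 for bit in (0x8000, 0x2000, 0x1000) if flags & bit)
    inner = packet[ihl + 4 + opts:]
    inner_ihl = (inner[0] & 0x0F) * 4
    return {
        "outer": (socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])),
        "inner": (socket.inet_ntoa(inner[12:16]), socket.inet_ntoa(inner[16:20])),
        "payload": inner[inner_ihl:],
    }


def build_sample():
    """Constructed packet: inner 10.41.1.1 -> 10.1.3.2 carried over the tunnel."""
    inner = ipv4_header("10.41.1.1", "10.1.3.2", 253, len(SAMPLE_PAYLOAD)) + SAMPLE_PAYLOAD
    return gre_encapsulate(inner, "198.145.45.1", "203.0.113.1")


if __name__ == "__main__":
    print(gre_inspect(build_sample()))
```

The inner addresses and payload come back unchanged because GRE only adds headers; confidentiality and integrity have to come from IPsec applied to the tunnel traffic.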


GRE CONFIGURATION

[Diagram: GRE tunnel between R1 (Customer) and R2 (ISP). Labels: Tun 0, 10.41.1.1, 10.1.3.2; Tun source 198.145.45.1 (Public IP)]


VERIFYING GRE CONFIGURATION

[Diagram: GRE tunnel between R1 (Customer) and R2 (ISP). Labels: Tun 0, 10.41.1.1, 10.1.3.2; Tun source 198.145.45.1 (Public IP)]


5.3 IPsec


IPsec OVERVIEW

• Protocol suite for secure IP communications that works by authenticating and encrypting each IP packet of a communication session

• Data travels securely from a private network over a public network

• OSI Layer - 3


IPsec SECURITY

• Confidentiality: Data is encrypted before it is sent

• Integrity: The data's integrity is checked to verify that it has not been changed

• Authentication: Uses IKE (Internet Key Exchange) to authenticate the users and make sure that the source is reliable
