VPN
A Virtual Private Network (VPN) is a mechanism that is used to establish a secure connection over an insecure network, such as the Internet. Various technologies and methodologies can be used to create such an entity which ensures that traffic exchanged between its endpoints remains private and separate from any other traffic that may be traversing the same network.
VPNs provide the following features:
- Confidentiality: preventing anyone from reading your data. This is implemented with encryption.
- Authentication: verifying that the router/firewall or remote user that is sending VPN traffic is a legitimate device or router.
- Integrity: verifying that the VPN packet wasn’t changed somehow during transit.
- Anti-replay: preventing someone from capturing traffic and resending it, trying to appear as a legitimate device/user.
VPNs are used in a variety of contexts including:
VPNs can be established as site-to-site, where remote LANs are interconnected over a WAN, or can be established as client-to-site, where individual devices connect securely to a remote network.
Links
https://networklessons.com/cisco/ccna-200-301/introduction-to-vpns
Links to this page:
- home
- ASA - AnyConnect Management VPN Tunnel
- ASA - Clientless VPN
- ASA - Using FQDN in an ACL for VPN split tunnelling
- ASA - VTI VPN and MSS
- ASA - crypto hardware processing
- ASA - multiple AnyConnect packages
- ASA - multiple VPNs between the same endpoints
- ASA - split-tunnel-policy command
- ASA CTM ipsec poll ctl DU_IOCTL_RESUME_POLL ioctl failed error
- ASA Site-to-Site IKEv1 IPSec VPN recv errors
- ASA VPN with overlapping IP address spaces
- ASA crypto map and tunnel group preshared keys
- ASA group policies
- ASA packet processing algorithm
- ASA troubleshooting IPSec
- ASA tunnel-group
- ASA
- Access-List (ACL)
- BGP - Labeled Unicast
- BGP - multiprotocol BGP
- BGP - using private ASNs with private IPs
- BGP Asymmetric routing when using ASA with AWS
- BGP Extended Community
- CCNP SCOR exam topics
- DHCP relay support for MPLS VPN
- DMVPN - NHRP purge request
- DMVPN - spoke redundancy
- DMVPN
- Ethernet VPN (EVPN)
- FlexVPN Hub and Spoke backup routes
- FlexVPN
- Frame Relay - is it a relevant technology anymore
- IPSec - Encapsulating Security Payload (ESP)
- IPSec - crypto map multiple peers
- IPSec NAT Transparency
- L2TPv3 over IPSec
- MPLS - Connecting IPv6 sites over an IPv4 backbone
- MPLS - Layer 2 VPNs
- MPLS - Multi-VRF CE
- MPLS - VPNv4 Labels are assigned per route
- MPLS - Virtual Private Network (VPN)
- MPLS - label distribution using MP-BGP
- MPLS L3VPN Inter-AS Options
- MPLS Layer 3 VPN communication between CE and PE routers
- MPLS Layer 3 VPN communication between CE routers
- MPLS Route Distinguisher
- MPLS Route Target
- MPLS Troubleshooting
- MPLS VPN extranet route leaking unique addressing
- MPLS VRF names locally significant
- MPLS
- MetroEthernet - VLAN design considerations
- NAT - Virtual Interface (NVI)
- NAT vrf-aware
- Network Design - Choosing a technology for multiple datacenter topology
- Network Flapping
- Networks - Overlay Network
- Networks - Underlay Network
- Next Generation Multicast Virtual Private Network (NG-MVPN)
- OSPF sham-link
- Routing - Distance-vector routing protocol use cases
- SD-WAN OMP VPN Route Status Codes
- STP - Shortest Path Bridging (SPB)
- Security - Cisco AnyConnect Secure Mobility Client
- Security - Cisco Secure Client
- Security - Cisco VPN Client
- Security - Cisco VPN client software
- Security - Diffie-Hellman groups
- Security - GETVPN
- Security - WebVPN
- VLANs - 802.1Q tunneling (QinQ)
- VPN - IKEv2 peer address of 0.0.0.0 0.0.0.0
- VPN - Interesting Traffic
- VPN - NAT Exemption
- VPN - default gateway for site to site VPN
- VPN - default gateway of VPN client
- VPN - split tunneling
- VPN DVTI tunnel source
- VRF Communication and Route Target Configuration
- Virtual Private Wire Service (VPWS)
- WAN - how to choose a WAN technology
- Wide Area Network