Course Outline

Objectives

  • Review TCP/IP and the fields in the IP Header.
  • Describe the fields and headers in the ISAKMP Protocol.
  • Describe Main Mode negotiation to set up Phase 1 of a VPN
  • Describe Aggressive Mode negotiation to set up Phase 1 of a VPN.
  • Describe Quick Mode negotiation to set up Phase 2 of a VPN.
  • Compare IKEv1 and IKEv2 protocols.
  • Describe Symmetric and Public/Private Key encryption.
  • Describe ISAKMP Security Associations.
  • Describe IPSec Security Associations.
  • Describe IPSec AH Protocol.
  • Describe IPSec ESP Protocol.
  • Describe and Explain Diffie-Hellman Key Exchange.
  • Describe prime and primitive root of a prime number.
  • Describe, explain and configure site to site VPN’s using Cisco Routers and/or ASA Firewalls.
  • Describe Remote Access VPN’s using ADSL and Dial-up.
  • Use debug commands in Cisco CLI and wireshark to demonstrate and troubleshoot VPN negotiation.

Practical Exercises:

  • Lab Exercise 1: IPSec using manual, symmetric encryption keys.
  • Lab Exercise 2: IPSec using IKE and shared secret
  • Lab Exercise 3: IPSec using IKE and certificate authentication.

Requirements

Knowledge of TCP/IP and Cisco IOS would be an advantage.

 14 Hours