I pulled this topology from my older posts when I took a deep dive into the world of LSA's, how to read the Topology table like a laundry list and under stand it, and what type of routers did what. First I want to list links that are absolutely vital to read and understand for … Continue reading A collection of IMPORTANT links to review and know for exam day, then a quick overview of LSA Types / OSPF Router Types!
As I will not be doing a DEEP Dive or review of VRF-Lite outside of reviewing my own post on its configuration, I figured I would put the highlights of my VRF-Lite post here in terms of configuration. This way we can both get an overview of VRF-Lite, and how it compares to EVN, … Continue reading VPN: VRF-Lite review of behaviors, EVN Fundamentals, configuration explained, no labbing due to constraints even on 15.x IOS!
Since we are now efficient at all things GRE and IPSec VPN at this point, that makes for a smooth transition into DMVPN , though I want to be crystal clear that the ROUTE Blueprint mentions only "Describe DMVPN (Single Hub)" so I will not be configuring it all over again, I do have a … Continue reading VPN: DMVPN, NHRP, and mGRE – Brief initial configuration review, verification review, and a link to all the gritty details!
So this is very odd to me after going through the last two posts of GRE and IPSec configuration, however once I found good information, configuration was a breeze. **PLEASE READ EXAM DAY NOTE AT END OF POST FOR SCENARIOS WHERE THE ROUTES HAVE TO BE IN THE DYNAMIC ROUTING PROTOCOL FOR OTHER ROUTERS** You … Continue reading VPN: DEEP Dive into GRE over IPSec configuration, explanation, and very easy actually once you are familiar with GRE and IPSec!
This is more a Part 2 of 3 in the series of 1 being building a GRE tunnel which we now have, 2 building an IPSec Tunnel which we will have shortly, and 3 placing the GRE traffic into the IPSec VPN for transmission - As IPSec only sends Unicast but GRE takes any type … Continue reading VPN: DEEP Dive into IPSec, configurations / functions, the VPN fails, but is troubleshot with debugs / verification commands to fix the issue explained!
Now I've spent hours and hours trying to figure GRE out, this was not included in my CCNP ROUTE material except for some DMVPN using mGRE, however I did want to know for practical purposes how to encapsulate broadcast / multicast traffic over an IPSec tunnel which in turn needs a GRE tunnel as there … Continue reading VPN: DEEP Dive into GRE Tunnel configuration over OSPF, explanation of behaviors and how to overcome them!
This first image is a break down of the different types of VPN Packet Type by the headers / trailers (or lack thereof), and the following of your typical IPSec VPN Packet Type: The VPN generic representation of the IPSec VPN Packet above works for a general review, but there are details in the headers … Continue reading VPN: DEEP Dive into different VPN Packet Types, Packet Headers, and the differences between VPN Packets and their Modes!
Working from Sw1, I want 220.127.116.11 /24 traffic to initialize and be encrypted to the 18.104.22.168 /32 network when traffic hits R2, and vice versa from 22.214.171.124 /32 configured on R1. I want my traffic from this switch specifically destined to network 126.96.36.199 /32 to take the path of R2 - R1 - R5 and … Continue reading Complete guide to Basic IPSec VPN Configuration, explanations of concepts, debugs, and some show commands for tshooting issues!
As can be seen, I will be adding the configuration for a sweet new IPSec VPN between R1 and R2 in the next post which will be the actual lab session, as there is so much theory and acronym definitions that are important to know and understand that it really just needs its own post … Continue reading IPSec VPN Theory, acronyms, tunnel creation, important concepts (keeping it as brief and to the point as possible!)