Scribd
Upload
243 views

Syllabus VPN

This document provides an overview and objectives for a training course on deploying Cisco ASA VPN solutions. The course covers topics such as evaluating the Cisco ASA adaptive security appliance architecture and VPN subsystem, applying remote access VPN configuration concepts, and deploying site-to-site and remote access VPN solutions using technologies like IPsec, SSL VPN, and Cisco AnyConnect. It consists of three volumes that go over technologies, configurations, procedures, and troubleshooting for various VPN deployment scenarios.

Uploaded by

LaasyaSweet
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
243 views

Syllabus VPN

This document provides an overview and objectives for a training course on deploying Cisco ASA VPN solutions. The course covers topics such as evaluating the Cisco ASA adaptive security appliance architecture and VPN subsystem, applying remote access VPN configuration concepts, and deploying site-to-site and remote access VPN solutions using technologies like IPsec, SSL VPN, and Cisco AnyConnect. It consists of three volumes that go over technologies, configurations, procedures, and troubleshooting for various VPN deployment scenarios.

Uploaded by

LaasyaSweet
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

CCNPSecurityVPNversion1.

CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357

DeployingCiscoASAVPNSolutionsVolume1

CourseIntroduction
Overview
LearnerSkillsandKnowledge
CourseGoalandObjectives
CourseFlow
AdditionalReferences
CiscoGlossaryofTerms
YourTrainingCurriculum

EvaluationoftheCiscoASAAdaptiveSecurityApplianceVPNSubsystem
Overview
ModuleObjectives
EvaluatingtheCiscoASAAdaptiveSecurityApplianceSoftwareArchitecture
Overview
Objectives
CiscoASAAdaptiveSecurityApplianceAccessControlModelRefresher
CiscoASAAdaptiveSecurityAppliancePacketRoutingRefresher
CiscoASAAdaptiveSecurityApplianceNATRefresher
CiscoASAAdaptiveSecurityApplianceAAARefresher
Summary
References
EvaluatingtheCiscoASAAdaptiveSecurityApplianceVPNSubsystemArchitecture
Overview
Objectives
PKITechnology
ThePublicKeyoftheCA
CertificateRevocationLists
OnlineCertificateStatusProtocol
AAABasedCertificateAuthorization
PublicKeyExchangeScalability
WhatdoesaPKIEnable?
ComparisonofCiscoASAAdaptiveSecurityApplianceVPNTechnologies
IPsecSecurityAssociations
IKEPhases
IKEMainandAggressiveMode
SSL/TLSSessionEstablishmentandKeyManagement
CiscoSecureDesktop
IPsecandNAT
VPNTerminationonCiscoASAAdaptiveSecurityApplianceNetworkInterfaces
PacketFlowinCiscoASAAdaptiveSecurityApplianceVPNFunctions
CCNPSecurityVPNversion1.0

CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357

CiscoASAAdaptiveSecurityApplianceVPNAccessControlModel
CiscoASAAdaptiveSecurityApplianceVPNLicensing
Summary
References
ApplyingCommonCiscoASAAdaptiveSecurityApplianceRemoteAccessVPN
ConfigurationConcepts
Overview
Objectives
CiscoASAAdaptiveSecurityApplianceVPNPolicyConfiguration
ConnectionProfiles
GroupPolices
ExternalPolicyStorage
RADIUSAttributeReference
Summary
References
ModuleSummary
DeploymentofCiscoASAAdaptiveSecurityApplianceIPsecVPNSolutions
Overview
ModelObjectives
DeployingBasicSitetoSiteIPsecVPNs
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
ConfiguringBasicPeerAuthentication
ConfiguringTransmissionProtection
TroubleshootingaCiscoASAAdaptiveSecurityApplianceSitetoSiteVPN
Summary
DeployingCertificateAuthenticationinSitetoSiteIPsecVPNs
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingCertificateBasedAuthentication
ConfiguringPKIBasedPeerAuthentication
Summary
DeployingtheCiscoVPNClient
Overview
Objectives
EvaluatingCiscoVPNClientFeatures
InstallingCiscoVPNClientSoftware
ConfiguringCiscoVPNClientProfiles
AdjustingthePeerResponseTimeoutValue
ConfiguringAdvancedProfileSettings
Summary
DeployingBasicCiscoEasyVPNSolutions
Overview
CCNPSecurityVPNversion1.0

CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357

Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
ConfiguringBasicCiscoASAAdaptiveSecurityApplianceCiscoEasyVPNServerFeatures
CiscoVPNClientandIKEPolicies
CryptoMaps
ConfiguringGroupPSKAuthentication
ConfiguringExtendedUserAuthentication
ConfiguringClientNetworkSettings
ConfiguringBasicAccessControlandSplitTunneling
ConfiguringtheCiscoVPNClient
TroubleshootingBasicCiscoEasyVPNOperation
Summary
DeployingAdvancedAuthenticationinCiscoEasyVPNSolutions
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingCiscoVPNClientCertificateAuthentication
ConfiguringHybridAuthentication
DeployingAdvancedPKIIntegration
TroubleshootingPKIIntegration
Summary
DeployingtheCiscoASA5505AdaptiveSecurityApplianceasCiscoEasyVPNRemote
Overview
Objectives
ChoosingCiscoEasyVPNRemoteModes
DeployingaBasicCiscoEasyVPNRemoteProfile
ConfiguringAdvancedCiscoEasyVPNRemoteFeatures
CiscoEasyVPNRemoteSide
CiscoEasyVPNServerSide
TroubleshootingtheCiscoEasyVPNRemote
Summary
ModuleSummary

CCNPSecurityVPNversion1.0

CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357

DeployingCiscoASAVPNSolutionsVolume2

DeploymentofCiscoASAAdaptiveSecurityApplianceAnyConnectRemoteAccess
VPNSolutions
Overview
ModuleObjectives
DeployingaBasicCiscoAnyConnectFullTunnelSSLVPNSolution
Overview
Objectives
ConfigurationsChoices,basicProcedures,andRequiredInputParameters
ConfiguringBasicCiscoASAAdaptiveSecurityApplianceSSLVPNGatewayFeatures
ConfiguringLocalPasswordBasedUserAuthentication
ConfiguringClientIPAddressManagement,BasicAccessControl,andSplitTunneling
InstallingandConfiguringtheCiscoAnyConnectClient
WebLaunch(ViaSSLVPNClientlessSession)
ManualInstallation
TroubleshootingBasicFullTunnelSSLVPNOperation
InstallingDARTwithCiscoAnyConnect
ManuallyinstallingDARTontheHost
Summary
DeployingAdvancedCiscoAnyConnectVPNClient
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingDTLS
ManagingCiscoAnyConnectSoftware
ConfiguringCiscoAnyConnectClientProfiles
DeployingAdvancedCiscoAnyConnectOperatingSystemIntegrationOptions
CustomizingtheCiscoAnyConnectUserInterface
MicrosoftWindows
Linux
MacOSX
Summary
References
DeployingAdvancedAuthenticationinCiscoAnyConnectFullTunnelSSLVPNs
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingExternalAAAAuthentication
DeployingCertificateBasedClientAuthenticationUsingtheCiscoASAAdaptiveSecurityAppliance
LocalCA
DeployingAdvancedPKIIntegration
DeployingMultipleClientAuthentication
CCNPSecurityVPNversion1.0

CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357

Summary
References
ModuleSummary

DeploymentofCiscoASAAdaptiveSecurityApplianceClientlessRemoteAccess
VPNSolutions
Overview
ModuleObjectives
DeployingaBasicClientlessVPNSolution
Overview
Objectives
ConfigurationChoices,BasicProcedure,andRequiredInputParameters
ConfiguringBasicCiscoASAAdaptiveSecurityApplianceSSLVPNGatewayFeatures
ConfiguringLocalPasswordBasedUserAuthentication
ConfiguringBasicPortalFeaturesandAccessControl
TroubleshootingClientlessSSLVPNs
Summary
DeployingAdvancedApplicationAccessforClientlessSSLVPN
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
ConfiguringApplicationPlugIns
SpecifyingAppletSettings
ConfiguringSmartTunnels
ConfiguringPortForwarding
TroubleshootingAdvancedApplicationAccess
Summary
DeployingAdvancedAuthenticationandSSOinaClientlessSSLVPN
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingClientCertificateBasedAuthentication
DeployingAdvancedGatewayPKIIntegration,ExternalCertificateAuthorization,andDouble
Authentication
TroubleshootingPKIIntegration
DeployingClientlessSSLVPNSSCO
Summary
CustomizingtheClientlessSSLVPNUserInterfaceandPortal
Overview
Objectives
DeployingBasicNavigationCustomization
DeployingFullPortalCustomization
DeployingPortalLocalization
DeployingPortalHelpCustomization
CCNPSecurityVPNversion1.0

CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357

CiscoAnyConnectPortalIntegration
Summary
ModuleSummary

DeployingCiscoASAVPNSolutionsVolume3

DeploymentofAdvancedCiscoASAAdaptiveSecurityApplianceVPNSolutions
Overview
ModuleObjectives
DeployingVPNAuthorization,AccessControl,andAccounting
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingLocalAuthorization
DeployingExternalAuthorization
ConfiguringSessionAccounting
TroubleshootAuthorizationandAccountingofaClientlessSSLVPN
Summary
DeployingCiscoSecureDesktopinSSLVPNs
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
Installing,Enabling,andCustomizingCiscoSecureDesktop
ConfiguringPreloginCriteria
ConfiguringPreloginPolicies
BasicHostScan
EndpointAssessment
AdvancedEndpointAssessment
ConfiguringAdvancedEndpointAssessment
TroubleshootingCiscoSecureDesktopOperationforClientlessConnections
Summary
DeployingDynamicAccessPolicies
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
ConfiguringDAP
AggregatingDAPRecords
IntegratingCiscoSecureDesktopwithDAP
UsingLUAExpressionsinDAP
TroubleshootingDAP
Summary
References

CCNPSecurityVPNversion1.0

CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357

DeployingHighAvailabilityandHighPerformanceinSSLandIPsecVPNs
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingRedundantPeering
DeployingCiscoASAAdaptiveSecurityApplianceActive/StandbyFailover
DeployingDynamicRoutingBasedVPNFailover
DeployingCiscoASAAdaptiveSecurityApplianceVPNClustering
DeployingHighAvailabilityandHighPerformanceUsingNetworkSLB
DeployingVPNQoS
TroubleshootingCiscoASAAdaptiveSecurityApplianceVPNFailoverandClustering
Summary
ModuleSummary
DeployingExternalAuthenticationinCiscoAnyConnectFullTunnelSSLVPNs
Overview
Objectives
DeployingCertificateBasedClientAuthenticationUsingExternalCAs
LDAPPasswordManagement
Summary

CCNPSecurityVPNversion1.0

CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357

DeployingCiscoASAVPNSolutions

LabGuide

Overview
Thisguiderepresentstheinstructionsandotherinformationconcerningthelabactivitiesforthis
course.YoucanfindthesolutionsintheLabActivityAnswerKey.

Outline
Thisguideincludestheseactivities:
Lab21:DeployingabasicCiscoASAAdaptiveSecurityApplianceIPsecSitetoSiteVPN
Lab22:DeployingaCertificateBasedCiscoASAAdaptiveSecurityApplianceIPsecSitetoSiteVPN
Lab23:DeployingBasicCiscoEasyVPN
Lab24:DeployingAdvancedCiscoEasyVPNServerwithCertificateBasedAuthentication
Lab25:DeployingtheCiscoASA5505AdaptiveSecurityApplianceasCiscoEasyVPNRemote
Lab31:ConfiguringaBasicCiscoAnyConnectFullTunnelSSLVPNUsingLocalPassword
Authentication
Lab32:DeployingtheCiscoAnyConnectClientwithCentralizedManagement
Lab33:ConfiguringaBasicCiscoAnyConnectFullTunnelSSLVPNUsingtheLocalCA
Lab41:ConfiguringBasicClientlessVPNAccessontheCiscoASAAdaptiveSecurityAppliance
Lab42:ConfiguringAdvancedApplicationAccessinClientlessSSLVPNs
Lab43:CustomizingtheSSLVPNPortalontheCiscoASAAdaptiveSecurityAppliance
Lab51:DeployingSSLVPNAccessPoliciesandAuthorizationParameters
Lab52:DeployingCiscoSecureDesktopandDAPinSSLVPNs
Lab53:ConfiguringaLoadBalancingSSLVPNCluster
AnswerKey

You might also like