Presentation is loading. Please wait.

Presentation is loading. Please wait.

CCNA 5.0 Planning Guide Chapter 7: Securing Site-to-Site Connectivity

Similar presentations


Presentation on theme: "CCNA 5.0 Planning Guide Chapter 7: Securing Site-to-Site Connectivity"— Presentation transcript:

1 CCNA 5.0 Planning Guide Chapter 7: Securing Site-to-Site Connectivity Connecting Networks

2 Chapter 7: Objectives After completing this chapter, students will be able to: Describe benefits of VPN technology. Describe site-to-site and remote access VPNs. Describe the purpose and benefits of GRE tunnels. Configure a site-to-site GRE tunnel. Describe the characteristics of IPsec. Explain how IPsec is implemented using the IPsec protocol framework. Explain how the Anyconnect client and clientless SSL remote access VPN implementations support business requirements. Compare IPsec and SSL remote access VPNs. 2

3 Chapter 7: Overview This chapter:
Explains the concepts and processes related to VPNs Explains the benefits of VPN implementations and the underlying protocols required to configure VPNs 3

4 Chapter 7: Activities What activities are associated with this chapter? Class Activity – VPNs at a Glance Activity – Identifying the Benefits of VPNs Activity – Compare Types of VPNs Packet Tracer – Configuring VPNs (Optional) Activity – Identifying GRE Characteristics Syntax Checker – Configure and Verify GRE Packet Tracer – Configuring GRE Packet Tracer – Troubleshooting GRE Lab – Configuring a Point-to-Point GRE VPN Tunnel 4

5 Chapter 7: Activities (cont.)
What activities are associated with this chapter? Activity – Identifying IPsec Terminology and Concepts Packet Tracer – Configuring GRE over IPsec (Optional) Activity – Compare Cisco SSL VPN Solutions Activity – Identify Remote-Access Characteristics Class Activity – VPN Planning Design Packet Tracer – Skills Integration Challenge 5

6 Chapter 7: Packet Tracer Activity Password
The password for all the Packet Tracer activities in this chapter is: PT_ccna5 6

7 Chapter 7: Assessment Students should complete Chapter 7 Exam after completing Chapter 7. Worksheets, labs and quizzes can be used to informally assess student progress. 7

8 Chapter 7: New Terms and Commands
What terms and commands are introduced in this chapter? VPNs Tunnel Generic Routing Encapsulation (GRE) Cisco Adaptive Security Appliance (ASA) Site-to-site VPNs VPN Gateway Remote Access VPNs Cisco AnyConnect Secure Mobility Client interface tunnel number command tunnel source command tunnel destination command show interface tunnel command IP Multicast Tunneling IPsec Anti-replay Protection Encryption Decryption 8

9 Chapter 7: New Terms and Commands (cont.)
What terms are introduced in this chapter? Symmetric Encryption Asymmetric Encryption Public Key Encryption Diffie-Hellman Key Exchange OAKLEY IKE protocol Hash Hash-based Message Authentication Code (HMAC) MD5 SHA Pre-shared Key (PSK) RSA Signature Certificate Authority (CA) Digital Signature Algorithm (DSA) Authentication Header (AH) Encapsulating Security Payload (ESP) 9

10 Chapter 7: New Terms and Commands (cont.)
What terms are introduced in this chapter? Secure Sockets Layer (SSL) VPN IP Security (IPsec) VPN Cisco AnyConnect Secure Mobility Client with SSL  Cisco Secure Mobility Clientless SSL VPN Cisco Easy VPN Server Cisco Easy VPN Remote Cisco VPN Client 10

11 Chapter 7: Best Practices
For best practices, the instructor should: Use this chapter as an introduction to CCNA Security. Make this chapter as hands-on as possible. Encourage students to complete chapter activities, labs, and to use the Syntax Checker. Refer to the CCNA Security curriculum for more labs and reference materials. Use for additional VPN materials. 11

12 Chapter 7: Additional Help
For additional help with teaching strategies, including lesson plans, analogies for difficult concepts, and discussion topics, visit the CCNA Community at If you have lesson plans or resources that you would like to share, upload them to the CCNA Community to help other instructors. 12

13 Chapter 7: Topics Not in ICND2 200-101
This section lists topics covered by this chapter that are NOT listed in the ICND Blueprint. Those topics are posted at Instructors could skip these sections; however, they should provide additional information and fundamental concepts to assist the student with the topic. 13

14 Chapter 7: Topics Not in 200-101 ICND2
What sections of this chapter are NOT in the ICND2 certification blueprint? 7.0.1 Topic - Introduction 7.1 Section - VPNs 7.2 Section – Site-to-Site GRE Tunnels 7.3 Section – Introducing IPsec 7.4 Section – Remote Access 7.5 Summary 14

15

16


Download ppt "CCNA 5.0 Planning Guide Chapter 7: Securing Site-to-Site Connectivity"

Similar presentations


Ads by Google