Documente Academic
Documente Profesional
Documente Cultură
CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357
DeployingCiscoASAVPNSolutionsVolume1
CourseIntroduction
Overview
LearnerSkillsandKnowledge
CourseGoalandObjectives
CourseFlow
AdditionalReferences
CiscoGlossaryofTerms
YourTrainingCurriculum
EvaluationoftheCiscoASAAdaptiveSecurityApplianceVPNSubsystem
Overview
ModuleObjectives
EvaluatingtheCiscoASAAdaptiveSecurityApplianceSoftwareArchitecture
Overview
Objectives
CiscoASAAdaptiveSecurityApplianceAccessControlModelRefresher
CiscoASAAdaptiveSecurityAppliancePacketRoutingRefresher
CiscoASAAdaptiveSecurityApplianceNATRefresher
CiscoASAAdaptiveSecurityApplianceAAARefresher
Summary
References
EvaluatingtheCiscoASAAdaptiveSecurityApplianceVPNSubsystemArchitecture
Overview
Objectives
PKITechnology
ThePublicKeyoftheCA
CertificateRevocationLists
OnlineCertificateStatusProtocol
AAABasedCertificateAuthorization
PublicKeyExchangeScalability
WhatdoesaPKIEnable?
ComparisonofCiscoASAAdaptiveSecurityApplianceVPNTechnologies
IPsecSecurityAssociations
IKEPhases
IKEMainandAggressiveMode
SSL/TLSSessionEstablishmentandKeyManagement
CiscoSecureDesktop
IPsecandNAT
VPNTerminationonCiscoASAAdaptiveSecurityApplianceNetworkInterfaces
PacketFlowinCiscoASAAdaptiveSecurityApplianceVPNFunctions
CCNPSecurityVPNversion1.0
CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357
CiscoASAAdaptiveSecurityApplianceVPNAccessControlModel
CiscoASAAdaptiveSecurityApplianceVPNLicensing
Summary
References
ApplyingCommonCiscoASAAdaptiveSecurityApplianceRemoteAccessVPN
ConfigurationConcepts
Overview
Objectives
CiscoASAAdaptiveSecurityApplianceVPNPolicyConfiguration
ConnectionProfiles
GroupPolices
ExternalPolicyStorage
RADIUSAttributeReference
Summary
References
ModuleSummary
DeploymentofCiscoASAAdaptiveSecurityApplianceIPsecVPNSolutions
Overview
ModelObjectives
DeployingBasicSitetoSiteIPsecVPNs
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
ConfiguringBasicPeerAuthentication
ConfiguringTransmissionProtection
TroubleshootingaCiscoASAAdaptiveSecurityApplianceSitetoSiteVPN
Summary
DeployingCertificateAuthenticationinSitetoSiteIPsecVPNs
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingCertificateBasedAuthentication
ConfiguringPKIBasedPeerAuthentication
Summary
DeployingtheCiscoVPNClient
Overview
Objectives
EvaluatingCiscoVPNClientFeatures
InstallingCiscoVPNClientSoftware
ConfiguringCiscoVPNClientProfiles
AdjustingthePeerResponseTimeoutValue
ConfiguringAdvancedProfileSettings
Summary
DeployingBasicCiscoEasyVPNSolutions
Overview
CCNPSecurityVPNversion1.0
CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
ConfiguringBasicCiscoASAAdaptiveSecurityApplianceCiscoEasyVPNServerFeatures
CiscoVPNClientandIKEPolicies
CryptoMaps
ConfiguringGroupPSKAuthentication
ConfiguringExtendedUserAuthentication
ConfiguringClientNetworkSettings
ConfiguringBasicAccessControlandSplitTunneling
ConfiguringtheCiscoVPNClient
TroubleshootingBasicCiscoEasyVPNOperation
Summary
DeployingAdvancedAuthenticationinCiscoEasyVPNSolutions
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingCiscoVPNClientCertificateAuthentication
ConfiguringHybridAuthentication
DeployingAdvancedPKIIntegration
TroubleshootingPKIIntegration
Summary
DeployingtheCiscoASA5505AdaptiveSecurityApplianceasCiscoEasyVPNRemote
Overview
Objectives
ChoosingCiscoEasyVPNRemoteModes
DeployingaBasicCiscoEasyVPNRemoteProfile
ConfiguringAdvancedCiscoEasyVPNRemoteFeatures
CiscoEasyVPNRemoteSide
CiscoEasyVPNServerSide
TroubleshootingtheCiscoEasyVPNRemote
Summary
ModuleSummary
CCNPSecurityVPNversion1.0
CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357
DeployingCiscoASAVPNSolutionsVolume2
DeploymentofCiscoASAAdaptiveSecurityApplianceAnyConnectRemoteAccess
VPNSolutions
Overview
ModuleObjectives
DeployingaBasicCiscoAnyConnectFullTunnelSSLVPNSolution
Overview
Objectives
ConfigurationsChoices,basicProcedures,andRequiredInputParameters
ConfiguringBasicCiscoASAAdaptiveSecurityApplianceSSLVPNGatewayFeatures
ConfiguringLocalPasswordBasedUserAuthentication
ConfiguringClientIPAddressManagement,BasicAccessControl,andSplitTunneling
InstallingandConfiguringtheCiscoAnyConnectClient
WebLaunch(ViaSSLVPNClientlessSession)
ManualInstallation
TroubleshootingBasicFullTunnelSSLVPNOperation
InstallingDARTwithCiscoAnyConnect
ManuallyinstallingDARTontheHost
Summary
DeployingAdvancedCiscoAnyConnectVPNClient
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingDTLS
ManagingCiscoAnyConnectSoftware
ConfiguringCiscoAnyConnectClientProfiles
DeployingAdvancedCiscoAnyConnectOperatingSystemIntegrationOptions
CustomizingtheCiscoAnyConnectUserInterface
MicrosoftWindows
Linux
MacOSX
Summary
References
DeployingAdvancedAuthenticationinCiscoAnyConnectFullTunnelSSLVPNs
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingExternalAAAAuthentication
DeployingCertificateBasedClientAuthenticationUsingtheCiscoASAAdaptiveSecurityAppliance
LocalCA
DeployingAdvancedPKIIntegration
DeployingMultipleClientAuthentication
CCNPSecurityVPNversion1.0
CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357
Summary
References
ModuleSummary
DeploymentofCiscoASAAdaptiveSecurityApplianceClientlessRemoteAccess
VPNSolutions
Overview
ModuleObjectives
DeployingaBasicClientlessVPNSolution
Overview
Objectives
ConfigurationChoices,BasicProcedure,andRequiredInputParameters
ConfiguringBasicCiscoASAAdaptiveSecurityApplianceSSLVPNGatewayFeatures
ConfiguringLocalPasswordBasedUserAuthentication
ConfiguringBasicPortalFeaturesandAccessControl
TroubleshootingClientlessSSLVPNs
Summary
DeployingAdvancedApplicationAccessforClientlessSSLVPN
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
ConfiguringApplicationPlugIns
SpecifyingAppletSettings
ConfiguringSmartTunnels
ConfiguringPortForwarding
TroubleshootingAdvancedApplicationAccess
Summary
DeployingAdvancedAuthenticationandSSOinaClientlessSSLVPN
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingClientCertificateBasedAuthentication
DeployingAdvancedGatewayPKIIntegration,ExternalCertificateAuthorization,andDouble
Authentication
TroubleshootingPKIIntegration
DeployingClientlessSSLVPNSSCO
Summary
CustomizingtheClientlessSSLVPNUserInterfaceandPortal
Overview
Objectives
DeployingBasicNavigationCustomization
DeployingFullPortalCustomization
DeployingPortalLocalization
DeployingPortalHelpCustomization
CCNPSecurityVPNversion1.0
CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357
CiscoAnyConnectPortalIntegration
Summary
ModuleSummary
DeployingCiscoASAVPNSolutionsVolume3
DeploymentofAdvancedCiscoASAAdaptiveSecurityApplianceVPNSolutions
Overview
ModuleObjectives
DeployingVPNAuthorization,AccessControl,andAccounting
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingLocalAuthorization
DeployingExternalAuthorization
ConfiguringSessionAccounting
TroubleshootAuthorizationandAccountingofaClientlessSSLVPN
Summary
DeployingCiscoSecureDesktopinSSLVPNs
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
Installing,Enabling,andCustomizingCiscoSecureDesktop
ConfiguringPreloginCriteria
ConfiguringPreloginPolicies
BasicHostScan
EndpointAssessment
AdvancedEndpointAssessment
ConfiguringAdvancedEndpointAssessment
TroubleshootingCiscoSecureDesktopOperationforClientlessConnections
Summary
DeployingDynamicAccessPolicies
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
ConfiguringDAP
AggregatingDAPRecords
IntegratingCiscoSecureDesktopwithDAP
UsingLUAExpressionsinDAP
TroubleshootingDAP
Summary
References
CCNPSecurityVPNversion1.0
CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357
DeployingHighAvailabilityandHighPerformanceinSSLandIPsecVPNs
Overview
Objectives
ConfigurationChoices,BasicProcedures,andRequiredInputParameters
DeployingRedundantPeering
DeployingCiscoASAAdaptiveSecurityApplianceActive/StandbyFailover
DeployingDynamicRoutingBasedVPNFailover
DeployingCiscoASAAdaptiveSecurityApplianceVPNClustering
DeployingHighAvailabilityandHighPerformanceUsingNetworkSLB
DeployingVPNQoS
TroubleshootingCiscoASAAdaptiveSecurityApplianceVPNFailoverandClustering
Summary
ModuleSummary
DeployingExternalAuthenticationinCiscoAnyConnectFullTunnelSSLVPNs
Overview
Objectives
DeployingCertificateBasedClientAuthenticationUsingExternalCAs
LDAPPasswordManagement
Summary
CCNPSecurityVPNversion1.0
CCBOOTCAMP
375NorthStephanieStreetBldg.21,Suite2111Henderson,Nevada89014
Website:www.ccbootcamp.comTollFree:877.654.2243Fax:702.446.0357
DeployingCiscoASAVPNSolutions
LabGuide
Overview
Thisguiderepresentstheinstructionsandotherinformationconcerningthelabactivitiesforthis
course.YoucanfindthesolutionsintheLabActivityAnswerKey.
Outline
Thisguideincludestheseactivities:
Lab21:DeployingabasicCiscoASAAdaptiveSecurityApplianceIPsecSitetoSiteVPN
Lab22:DeployingaCertificateBasedCiscoASAAdaptiveSecurityApplianceIPsecSitetoSiteVPN
Lab23:DeployingBasicCiscoEasyVPN
Lab24:DeployingAdvancedCiscoEasyVPNServerwithCertificateBasedAuthentication
Lab25:DeployingtheCiscoASA5505AdaptiveSecurityApplianceasCiscoEasyVPNRemote
Lab31:ConfiguringaBasicCiscoAnyConnectFullTunnelSSLVPNUsingLocalPassword
Authentication
Lab32:DeployingtheCiscoAnyConnectClientwithCentralizedManagement
Lab33:ConfiguringaBasicCiscoAnyConnectFullTunnelSSLVPNUsingtheLocalCA
Lab41:ConfiguringBasicClientlessVPNAccessontheCiscoASAAdaptiveSecurityAppliance
Lab42:ConfiguringAdvancedApplicationAccessinClientlessSSLVPNs
Lab43:CustomizingtheSSLVPNPortalontheCiscoASAAdaptiveSecurityAppliance
Lab51:DeployingSSLVPNAccessPoliciesandAuthorizationParameters
Lab52:DeployingCiscoSecureDesktopandDAPinSSLVPNs
Lab53:ConfiguringaLoadBalancingSSLVPNCluster
AnswerKey