Cisco Secure VPNs

(CSVPN 1.01)

© 2000, Cisco Systems, Inc.  CSVPN1.01—1­1
Course Introduction

© 2000, Cisco Systems, Inc.  CSVPN1.01—1­2
 Course Objectives

Upon completion of this course, you will be 
able to perform the following tasks: 
• Identify the features, functions, and benefits of Cisco 
Secure VPN products.
• Identify the component technologies that are 
implemented in Cisco Secure VPN products.
• Identify the procedure steps and commands required 
to configure and test IPSec in Cisco IOS software.
• Identify the procedure steps and commands required 
to configure and test IPSec in the Cisco Secure PIX 
Firewall.

© 2000, Cisco Systems, Inc.  www.cisco.com CSVPN 1.01—1­3

 Course Objectives (cont.)

• Install and configure the Cisco VPN Client to 
create a secure tunnel to a Cisco VPN 
Concentrator or PIX Firewall.
• Configure and verify IPSec in the Cisco VPN 
Concentrator, Cisco router, and the Cisco Secure 
PIX Firewall.
• Configure the Cisco VPN Concentrator, Cisco 
router, and the Cisco Secure PIX Firewall for 
interoperability.

© 2000, Cisco Systems, Inc.  www.cisco.com CSVPN 1.01—1­4

 Course Agenda

Day 1 AM
• Chapter 1–Course Introduction
• Chapter 2–Overview of VPN and IPSec Technologies
• Chapter 3–Cisco VPN 3000 Concentrator Series Hardware Overview
Lunch
• Chapter 4–Configure Cisco VPN 3000 for Remote Access Using Pre-
shared Keys
Day 2 AM
• Chapter 5–Configure Cisco VPN 3000 for Remote Access Using
Digital Certificates
Lunch
• Chapter 6–Monitor and Administer Cisco VPN 3000 Remote Access
Networks
• Chapter 7–Configure Cisco IOS IPSec for Pre-shared Keys Site-to-
Site

© 2000, Cisco Systems, Inc.  www.cisco.com CSVPN 1.01—1­5

 Course Agenda (cont.)

Day 3 AM
• Chapter 8–Configure Cisco IOS IPSec Certificate Authority Support
Site-to-Site
Lunch
• Chapter 9–Configure the PIX Firewall for IPSec Pre-Shared Keys Site-
to-Site
Day 4 AM
• Chapter 10–Configure PIX Firewall Certificate Authority Support Site-
to-Site
Lunch
• Chapter 11–Scale Cisco IPSec VPNs

© 2000, Cisco Systems, Inc.  www.cisco.com CSVPN 1.01—1­6

 Participant Responsibilities

Student Responsibilities
• Complete prerequisites
• Participate in laboratory 
exercises
• Ask questions
• Provide feedback

© 2000, Cisco Systems, Inc.  www.cisco.com CSVPN 1.01—1­7

 General Administration

Class–related Facilities–related
• Sign­in sheet • Participant materials
• Length and times • Site emergency 
• Break and lunch room  procedures
locations • Restrooms
• Attire • Telephones/faxes

© 2000, Cisco Systems, Inc.  www.cisco.com CSVPN 1.01—1­8

 Graphic Symbols

PIX R2 NAS Workgroup  Router PC, Workstation, or 

VPN 3000
Firewall Switch Server
Concentrator

Dialup Ethernet link Internet CSIDS  CS Scanner

client Director or Sensor

High­End 
NT server: Web,
 FTP, TFTP, syslog server Switch

© 2000, Cisco Systems, Inc.  www.cisco.com CSVPN 1.01—1­9

 Participant Introductions

•Your name
•Your company
•Pre­req  skills
•Brief history
•Objective

© 2000, Cisco Systems, Inc.  www.cisco.com CSVPN 1.01—1­10

Lab Topology 
Overview

© 2000, Cisco Systems, Inc.  CSVPN1.01—1­11
 VPN Lab Visual Objective
Server:
 FTP, 
Web, TFTP
NT1 server: 172.30.1.50/24 W2K server:
VPN Client CA Server
 172.31.1.P  172.30.1.51/24

Pod 1 Pod 2
R1 perimeter R2 perimeter
router e0/1 172.30.P.2 /24
Internet 172.30.P.2 /24 e0/1 
router
.1 e0/0 .1 e0/0
RTS Term. Server:
192.168.P.0/24 172.31.1.100 192.168.P.0/24
e0 Outside .2 .5 10.1.P.100 .5 e0 Outside .2
PIX PIX
Firewall VPN  Firewall
Concentrator
e1 Inside .1 .5 .5 e1 Inside .1
10.0.P.0 /24 10.0.P.0 /24
IS IS
Server: Server:
NTP 
NTP server FTP, Web,  FTP, Web, 
server
10.0.P.3 CS ACS CS ACS
10.0.P.3
10.0.P.10 10.0.P.10

© 2000, Cisco Systems, Inc.  www.cisco.com CSVPN 1.01—1­12

Summary

© 2000, Cisco Systems, Inc.  CSVPN1.01—1­13
 Summary

• The objectives of the course, the course 
agenda, and general administrative details 
were explained.
• The lab topology was presented along with the 
basic lab procedures and paradigms used in 
the course.

© 2000, Cisco Systems, Inc.  www.cisco.com CSVPN 1.01—1­14