IPsec cheat sheet

By stretch | Wednesday, April 23, 2008 at 5:36 a.m. UTC

I just uploaded a new cheat sheet on IPsec. This was one of the most difficult cheat sheets I've produced, simply because there is so much material to cover, from the underlying crypto theory to the real-world configuration. However, I'm pleased with the scope I've settled on, and I hope you will be too. This cheat, like many of the others, is CCNP-level and heavily Cisco oriented.

thumbnail.png

I should make one note concerning the configuration pictured: in keeping with the Cisco Press ISCW book, the example config does not involve GRE or VTIs, which are probably more commonly deployed in modern scenarios. Even with VTIs, the configuration isn't too different; you basically just lose the crypto ACL in favor of a dynamic routing protocol(s) and terminate the IPsec tunnel on a tunnel interface.

I'd also like to thank Carl Yost of CCIE Journey for his recent plug of PacketLife. Be sure to head over his way once you've snagged the IPsec cheat sheet!

CCIE_Journey.jpg

About the Author

Jeremy Stretch is a freelance networking engineer, instructor, and the maintainer of PacketLife.net. He currently lives in Fairfax, Virginia, on the edge of the Washington, DC metro area. Although primarily an R&S guy, he likes to get into everything, and runs a free network training lab out of his basement for fun. You can contact him by email or follow him on Twitter.

Posted in Announcements

Leave a Comment


Register to comment as a member. You'll look cooler.

Optional; will not be displayed publicly or given out.

No commercial links. Only personal (e.g. blog, Twitter, or LinkedIn) and/or on-topic links, please.
How long is an IPv6 address, in bits?