IKEv1, IKEv2, GETVPN, GRE, SVTI, IPSEC Profile and Crypto Map

IKEv1, IKEv2, GETVPN, GRE, SVTI, IPSEC Profile and Crypto Map


Get 30% off ITprotv.com with: You can use promo code: OSCAROGANDO2 Follow Me on Twitter: https://twitter.com/CCNADailyTIPS

In computing, Internet Key Exchange (IKE, sometimes IKEv1 or IKEv2, depending on version) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP.[1] IKE uses X.509 certificates for authentication ‒ either pre-shared or distributed using DNS (preferably with DNSSEC) ‒ and a Diffie–Hellman key exchange to set up a shared session secret from which cryptographic keys are derived.[2][3] In addition, a security policy for every peer which will connect must be manually maintained

GETVPN:

Cisco Group Encrypted Transport VPN, eliminates the need for compromise between network intelligence and data privacy in private WAN environments. Service providers can finally offer managed encryption without a provisioning and management nightmare since GET VPN simplifies the provisioning and management of VPN. GET VPN defines a new category of VPN, one that does not use tunnels.

GRE:

Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route other protocols over IP networks. GRE is defined by RFC 2784. GRE was developed as a tunneling tool meant to carry any OSI Layer 3 protocol over an IP network.

SVTI:

Cisco started offering an alternative for configuring IOS based VPN’s. This method is called SVTI, or static virtual tunnel interfaces. SVTI is one category of VTI that is basically a configuration alternative for Lan to Lan VPNs. There is also a variant called DVTI, or dynamic virtual tunnel interface, that is a alternative for remote access VPNs. From the perspective of the wire, SVTI based VPN packets look similar to traditional “crypto-map” based VPN traffic. However, the configuration is based on a virtual interface as opposed to using crypto map based configuration. This virtual interface gives some distinct advantages.

IPSEC Profile:

“A major difference is that GRE tunnels allow multicast packets to traverse the tunnel whereas IPSec VPN does not support multicast packets.”

Comments


Books
Nothing here yet!!