Cisco SECURE 1.0: Site-to-Site VPN Architectures and Technologies

This course is included in our On-demand training solution.


An IP Security (IPSec) virtual private network (VPN) is a VPN that you deploy on a shared infrastructure using IPSec transmission protection technology. You can use site-to-site IPSec VPNs as an alternative to a WAN infrastructure to replace or augment existing private networks that interconnect enterprise sites and use leased-line or enterprise-owned Frame Relay and ATM networks. IPSec VPNs do not inherently change WAN requirements, such as support for multiple WAN Layer 2 protocols, high reliability, and extensive scalability, but instead meet these requirements more cost-effectively and with greater flexibility. This course provides you with configuration, verification, troubleshooting and general deployment guidelines for site-to-site IPSec VPN technologies available in Cisco IOS Software-based routers.

Target Audience

Network professionals responsible for securing and managing their network infrastructures who have CCNA certification, CCNA security certification and a working knowledge of Microsoft Windows operating systems.


Expected Duration

120 min.

Course Objectives

Site-to-Site VPN Topology and Technology

  • recognize how to choose an appropriate site-to-site VPN topology
  • recognize how to choose an appropriate IPSec VPN technology
  • Cryptographic Controls for a Site-to-Site VPNs

  • recognize how to implement IKE for an IPSec configuration
  • choose appropriate VPN cryptographic controls for a particular scenario
  • Implementing a VTI-based Site-to-Site IPSec VPN

  • recognize how to plan the deployment of a VTI-based site-to-site IPSec VPN
  • configure basic IKE peering for a particular scenario using PSKs
  • Verifying and Troubleshooting Basic IKE Peering

  • recognize how to verify basic IKE peering
  • recognize how to troubleshoot basic IKE peering
  • Configuring Static Point-to-Point IPSec VTI Tunnels

  • configure static point-to-point IPSec VTI tunnels
  • Configure VTI-Based Point-to-Point IPSec VPN Tunnel

    Verifying Static Point-to-Point Tunnels

  • verify static point-to-point IPSec VTI tunnels
  • sequence the recommended flow to troubleshoot static point-to-point IPSec VTI tunnels
  • Configuring Dynamic Point-to-Point IPSec VTI Tunnels

  • configure dynamic point-to-point IPSec VTI tunnels
  • Verifying Dynamic Point-to-Point Tunnels

  • verify dynamic point-to-point IPSec VTI tunnels