SIMOS 1.0: Deploying Cisco IOS Site-to-Site FlexVPN Solutions

Network security engineers and learners preparing for Cisco CCNP Security certification


Expected Duration
102 minutes

Cisco FlexVPN is a new framework to simplify configuration if IKEv2 VPNs on IOS hardware. This course covers the configuration of FlexVPNs in point-to-point and hub-and-spoke topologies. This course is one of a series in the Skillsoft learning path that prepares the learner for Cisco certification exam 300-209 SIMOS. This exam counts toward CCNP Security certification.


Introducing Cisco FlexVPN Solution

  • start the course
  • describe the typical usage scenario for Cisco FlexVPN
  • describe the use of PKI in FlexVPN
  • describe the architecture of FlexVPN
  • describe the features of FlexVPN
  • compare IKEv1 and IKEv2
  • describe the IKE message exchange process for IKEv2
  • describe protection mechanisms in IKEv2 from DoS attacks
  • describe the differences between IKEv1 and IKEv2 in FlexVPN
  • Deploying Point-to-Point FlexVPNs

  • describe the use of FlexVPN in configuring point-to-point VPNs
  • describe the use of IKEv2 Smart Defaults to minimize FlexVPN configuration
  • deploy a point-to-point FlexVPN with IPv4 static routes
  • deploy a point-to-point FlexVPN with OSPF version 3
  • describe the configuration of an advanced router-to-ASA FlexVPN
  • describe IKE configuration in an advanced router-to-ASA FlexVPN
  • configure advanced router-to-ASA FlexVPN
  • verify the functionality of a FlexVPN
  • Deploying Hub-and-Spoke FlexVPNs

  • describe the hub-and-spoke topology for FlexVPNs
  • describe shortcut switching for spoke-to-spoke FlexVPN deployment
  • describe the use of next hop resolution protocol in FlexVPNs
  • configure a FlexVPN spoke in a spoke-to-spoke shortcut scenario
  • Practice: FlexVPN Deployment

  • deploy a point-to-point and hub-and-spoke FlexVPN




    Multi-license discounts available for Annual and Monthly subscriptions.