The Design of Cisco Virtual Private Networks

This course is included in our On-demand training solution.


To define the key technologies that enable VPNs and demonstrate how to design site-to-site and remote-access VPNs

Target Audience

System engineers, network designers, and network engineers responsible for designing enterprise-wide networks, which support a wide variety of large scale switching, routing, network management, and security infrastructures; individuals working towards the Cisco Certified Design Professional (CCDP) and Cisco Certified Internetwork Expert (CCIE) qualifications.


A comprehensive knowledge of networking and internetworking design, demonstrating competencies equivalent to CCDA level and CCNP level in routing, switching, remote access technologies, access control and communications, security, and network management solutions, including a detailed working knowledge of current technologies, media, protocols, operating systems, and devices

Expected Duration

180 min.

Course Objectives

The Design of Cisco Virtual Private Networks

  • list the attributes of VPN, define VPN tunneling, and identify the primary security technologies for VPN.
  • list the capabilities offered by scalable VPN concentrators and identify the features that a VPN management solution should support.
  • list the considerations for resiliency and high availability, identify key components, and sequence the steps for the design of site-to-site VPNs.
  • identify design considerations for routing protocol, packet fragmentation, and IPSec security for site-to-site VPNs.
  • outline some site-to-site VPN designs.
  • identify the advantages and design considerations of a remote-access VPN.
  • list the steps in capacity planning for a remote-access VPN and identify issues with NAT.
  • outline example designs for remote-access VPNs.
  • define a VPN solution to meet the requirements of a given enterprise network.