IPsec Direct Encapsulation VPN Design Guide

IPsec Direct Encapsulation VPN Design GuideShort Description
This design guide evaluates Cisco VPN product performance in scalable and resilient ….. depth in the High Availability for IPsec VPN Design Guide. …

Website: www.cisco.com | Filesize: 753kb

Content
Corporate Headquarters:
Copyright . 2006 Cisco Systems, Inc. All rights reserved.
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
IPsec Direct Encapsulation VPN Design Guide
This design guide provides guidelines and best practices for customer deployments of IP Security (IPsec) direct encapsulation VPNs. It is assumed that the reader has a basic understanding of IPsec.
Contents
Introduction???3
Design Overview???4
Design Components???5
Best Practices and Known Limitations???6
Best Practices Summary???6
Known Limitations Summary???7
Design and Implementation???8
IPsec Direct Encapsulation Deployment???8
Dead Peer Detection???10
Reverse Route Injection???10
Dynamic Crypto Maps???10
Tunnel Initiation???11
VPN High Availability???11
Configuration and Implementation???12
ISAKMP Policy Configuration???12
Dead Peer Detection???13
Reverse Route Injection???14
Static Route Redistribution???14
VPN High Availability (IPsec Failover)???15
HA Design Example???15
Hot Standby Router Protocol???162
IPsec Direct Encapsulation VPN Design Guide
OL-9022-01
Contents
Stateless Failover without HSRP???16
Stateful Failover???17
Stateless Failover with HSRP Configuration???17
Quality of Service???18
IP Multicast???19
Interactions with Other Networking Functions???19
Network Address Translation and Port Address Translation???19
Dynamic Host Configuration Protocol???19
Firewall Considerations???19
Common Configuration Errors???21
Crypto Peer Address Matching Using PSK???21
Transform Set Matches???21
ISAKMP Policy Matching???21
Scalability Considerations???21
General Scalability Considerations???22
IPsec Encryption Throughput???22
Packets Per Second-The Most Important Factor???22
Tunnel Quantity Affects Throughput???23
Headend Scalability???23
Sizing the Headend???23
Tunnel Aggregation Scalability???24
Aggregation Scalability???24
Customer Requirement Aggregation Scalability Case Studies???24
Branch Office Scalability???26
Scalability Test Results (Unicast Only)???27
Scalability Test Methodology???27
Overview???27
Headend Scalability Test Results???29
Branch Office Scalability Test Results???30
Scalability Test Results (AES Compared to 3DES)???30
Failover and Convergence Testing???31
Software Releases Evaluated???32
Scalability Test Bed Configuration Files???33
Cisco 7200VXR Headend Configuration???33
Cisco 7200VXR Headend Configuration???33
Cisco 7600 Headend Configuration???34
ISR Branch Configuration???36
Appendix A-Scalability Test Results for Other Cisco Products???37
Cisco Headend VPN Routers (Legacy)???37…

Get the file Download here

AddThis Social Bookmark Button
Related Books:
  • IPsec Direct Encapsulation VPN Design Guide
  • Multicast over IPsec VPN Design Guide
  • Multicast over IPsec VPN Design Guide
  • Microsoft Windows 2000 IPsec Guide
  • Digi Connect VPN Application Guide
  • FortiGate IPSec VPN User Guide
  • An Executive Guide to VPN TCO - A WatchGuard White Paper
  • USAGI IPv6 IPsec Development for Linux

    • Filed Under VPN, Internet 

    Related Searches:



    Comments

    Leave a Reply