Category Archives: VPN

IKEv2 between IOS routers with certificate authentication

We are about to switch from pre-shared keys IKEv2 authentication to an authentication with digital certificates. Our topology remains the same, but router named SERVER has two more functions. It’s a time server and a CA server: Let’s change our … Continue reading

Posted in Certificates, Cisco, IOS, PKI, VPN | Tagged , , , , , , , | 3 Comments

IKEv2 between IOS routers (SVTI – Static Virtual Tunnel Interface)

Ok, let’s continue our IKEv2 saga… Last time we saw how to do do an IKEv2 tunnel between two IOS routers using crypto maps. This way of configuring IPSec tunnels is ok, but it evolved to SVTI or Static Virtual … Continue reading

Posted in Cisco, IOS, VPN | Tagged , , , , , , | 3 Comments

IKEv2 between two IOS routers (crypto map way)

Up to now, we saw how to do IKEv2 tunnel between two ASA firewalls and IKEv2 tunnel between an ASA firewall and an IOS router. We have solid knowledge about this IKEv2 stuff and because of that, this article will … Continue reading

Posted in Cisco, IOS, VPN | Tagged , , , , | Leave a comment

IKEv2 between ASA firewall and IOS router

In previous blog we saw hot to do a site to site IPSec VPN between two Cisco ASA devices. Using IKEv2 for policies negotiations and tunnel establishment. Now, we will change our scenario a bit so that “Company B” uses … Continue reading

Posted in ASA, Cisco, IOS, VPN | Tagged , , , , , | 7 Comments

IKEv2 between ASA devices

We have many IKEv1 VPN tunnels under our belts. Now more and more devices support version two of that protocol known as IKEv2. Cisco ASA is no different. We won’t discuss all changes and benefits that are brought to us … Continue reading

Posted in ASA, Cisco, VPN | Tagged , , , , | 4 Comments

Renewing Cisco ASA identity certificate

Let’s say that we use certificates for authenticating our VPN connections. It does not matter if they are traditional Cisco IPSec or new AnyConnect clients. If we did not set our PKI infrastructure and ASA for auto enroll, what is … Continue reading

Posted in ASA, Certificates, PKI, VPN | Tagged , , , | 3 Comments

L2TP/IPSec with Windows 8/7 and Cisco ASA 8.x/9.x

Well, Windows 8 is here and we will some day migrate to it. At least we who are using Microsoft OSes. This poses one problem. This problem is not directly attached to W8 itself, but with W8 we begin to … Continue reading

Posted in ASA, Cisco, Microsoft, Security, VPN | Tagged , , , | 28 Comments