Appendix C
Memory Tables
Chapter 2
Table 2-3 Comparing VPN Options
Network Design |
DMVPN (mGRE) |
GETVPN (tunnel-less) |
SSL VPN (TLS) |
FlexVPN (DVTI, IKEv2) |
EasyVPN (dynamic Crypto Map/DVTI, IKEv1) |
Static IPsec (Crypto Map, SVTI, IPsec/GRE) |
|---|---|---|---|---|---|---|
Remote access (software client) |
|
|
|
|
|
|
Hub-and-spoke only (hardware client) |
|
|
|
|
|
|
Hub-and-spoke with spoke-and-spoke |
|
|
|
|
|
|
Chapter 3
Table 3-2 Comparison of IKEv1 and IKEv2
Parameter |
IKEv1 |
IKEv2 |
|---|---|---|
|
|
One |
Exchange messages |
Nine for main mode; six for aggressive mode |
|
Authentication methods |
|
|
Authentication |
Both peers use the same authentication |
Each peer can use different authentication (for example, one using PSK and the other using RSA-Sig) |
Number of combinations ... |
Get CCNP Security Virtual Private Networks SVPN 300-730 Official Cert Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
