This chapter introduces the Cisco IOS FlexVPN server. The FlexVPN server acts as a VPN headend for the remote-access and hub-spoke VPN topologies. The FlexVPN server leverages the IKEv2 configuration and the FlexVPN building blocks discussed in the earlier chapters. It dynamically instantiates a point-to-point tunnel interface for every peer session and leverages AAA to support EAP authentication, AAA-based pre-shared keys, session accounting, and for authorization to derive session policy attributes that are sent to the peer via configuration exchange and/or applied on the session interface. The chapter discusses the features that are relevant to FlexVPN server.
The chapter covers the following main topics