Chapter 7. Auto-Configuration Architectures for Site-to-Site IPSec VPNs
In Chapter 5, “IPSec VPN Architectures,” you saw various IPSec VPN architectural models. The IPSec VPN configuration can become quite complex with any architecture, especially as the number of IPSec endpoints becomes significantly large. In this chapter, you will examine mechanisms to alleviate the configuration complexity of a large-scale IPSec VPN. The principle advantage of these mechanisms is the dynamic creation of the IPSec security associations without requiring pre-defined IPSec proxy profiles. This attribute is particularly important when building large full-, partial-, or temporal-mesh topologies. In this chapter, you will explore two mechanisms used to automate ...
Get IPSec VPN Design now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
