Implementing and Verifying an IPsec Site-to-Site VPN in Cisco IOS Devices

In this section, we take the information from our planning in the previous section to implement, verify, and troubleshoot the VPN using a combination of Cisco Configuration Professional (CCP) and the command-line interface (CLI).

In earlier chapters, we discussed important resources such as Network Time Protocol (NTP) and certificate authorities (CA). Because we chose to implement RSA-Signatures for this customer, we want to implement NTP as one of our first steps. This is because when exchanging certificates during IKEv1 Phase 1, if R1 thinks the year is 2040, and the certificate it just received from R2 is listed as being valid from 2012 through 2016, R1 will reject ...

Get Santos:CCNA Sec 210-260 OCG now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.