Course: VPN section 2
November 3, 2013 | By Boyd |
Course Outline
Day 1: Common ASA VPN Configurations
- ASA VPN licensing requirements.
- AnyConnect 3.0 Mobility (VPN, NAM, Web Sec (ScanSafe), and Telemetry)
- Implementing ASA VPN connection profiles, group policies, and user policies.
- Implementing SCEP proxy operations using Cisco ASDM.
- Local and external VPN authorization using ASDM.
- VPN session accounting using ASDM.
- Cisco Secure Desktop and Independent Host Scan operations with ASDM.
- Implementing DAP operations using ASDM.
- Secure Sockets Layer (SSL) VPNs using ASDM.
- Implementing certificate maps using ASDM.
- Identify the ASA IPv6 VPN capabilities
- Verifying CLI commands from the various VPN configurations on the ASA.
Day 2: ASA IP SEC S2S VPN and EZVPN
- Implementing a high-level security design using ASA IPSec S2S VPN features.
- Configuring basic IPSEC S2S VPN operations with PSK and digital certificates.
- Implementing basic IKEv2 based IPSEC S2S VPN operations.
- Troubleshooting IPSec S2S VPN.
- Implementing basic EZVPN server operations on the ASA using ASDM.
Day 3: EZVPN Remote Operations and ASA AnyConnect SSL VPNs
- Implementing AnyConnect 3.0 IKEv2 RA VPN operations.
- Implementing Client Services Server (CSS) features.
- Troubleshooting IPSec RA VPNs.
- DTLS operations using ASDM.
- Configuring AnyConnect 3.0 full-tunnel SSL VPN operations.
- Troubleshooting AnyConnect SSL VPN operations using DART.
- Implementing AnyConnect Profiles using ASDM.
- Advanced authentication in AnyConnect Full Tunnel SSL VPNs.
- Troubleshooting SSL VPN applications.
Day 4-5: ASA Clientless SSL VPNs and High Availability
- Implementing basic Clientless SSL VPN operations using ASDM.
- Implementing advanced applications access using ASDM.
- SSO features on the ASA in a clientless SSL VPN environment.
- Advanced authentication in clientless SSL VPNs.
- Managing the clientless SSL VPN user interface and portal using ASDM.
- Basic portal customization.
- Troubleshooting Clientless SSL VPN applications due to misconfiguration.
- Implementing SSL and IPSEC VPN high availability features.