IPSec and NAT on CCNP

JackaceJackace Senior MemberMember Posts: 335
Just wondering how much of this is needed on the CCNP Route exam? I understand the concepts pretty well, but when it comes to configuring both I'm a little rusty.

Comments

  • SecurityThroughObscuritySecurityThroughObscurity Senior Member Member Posts: 212 ■■■□□□□□□□
  • instant000instant000 Senior Member Member Posts: 1,745
    According to the objectives posted at cisco.com:
    • Describe basic VPN technologies
    source: 642-902 ROUTE - IT Certification and Career Paths - Cisco Systems


    If you look in the ROUTE Lab Manual:
    Chapter 7 Lab 7-1, Configure Routing Facilities to the Branch Office:

    Objectives
    • Configure NAT.
    • Configure an IPsec VPN.
    • Configure a GRE tunnel over IPsec.
    • Enable dynamic routing over a GRE tunnel.
    • Verify the configuration and operation using show and debug commands.
    source: https://learningnetwork.cisco.com/servlet/JiveServlet/previewBody/10182-102-1-37273/CCNP%20ROUTE%206.0%20SLM.pdf

    I will not say whether or not this is covered on this test (as I took the ROUTE exam already). However, I will say that you are HIGHLY advised to KNOW the PROTOCOLS and PRACTICE ALL the scenarios covered in the ROUTE Lab Manual.

    Hope this helps.
    Currently Working: CCIE R&S
    LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!)
  • lrblrb Senior Member Member Posts: 526
    Basiclly, know how to configure a site to site IPSec VPN and pop a GRE tunnel over the top of it and why this is even a good idea
  • JackaceJackace Senior Member Member Posts: 335
    Thanks for the info everyone. The main reason I asked the question is I have the CCNP Route Lab manual and I read the following note:

    "Note: How to configure an IPsec VPN is beyond the scope of this lab. For more information on cryptography, IPsec VPNs, and GRE, see the Cisco Networking Academy CCNA Security courses or www.cisco.com."

    I took the CCNA Security and I remember these topics, but I'm a little rusty and just wondered how true the above quote is when taking the test.
  • Danielh22185Danielh22185 Senior Member Member Posts: 1,195 ■■■■□□□□□□
    I haven't got to this point in my studies yet. Is this stuff that is covered more in 'Branch Internet Connections' section of OCG? That will be what I hit next after IPv6.
    Currently Studying: IE Stuff...kinda...for now...
    My ultimate career goal: To climb to the top of the computer network industry food chain.
    "Winning means you're willing to go longer, work harder, and give more than anyone else." - Vince Lombardi
  • instant000instant000 Senior Member Member Posts: 1,745
    JackAce:

    I see that same text, on page 308/352 in the manual.

    Also, I see this on page 300:
    Note: The intent of this lab is to illustrate the impact on routing services and addressing schemes when deploying IPsec VPNs at branch office routers. Although sample configurations are provided, detailed
    explanations of Network Address Translation (NAT), IPsec VPNs, and GRE are beyond the scope of this
    course. For more details on these technologies, see the Cisco Networking Academy CCNA Security course or
    Cisco Systems, Inc.


    I just want to caution against doing the minimum. I remember this test. There was a good bit on it, from BGP, EIGRP, OSPF, Path Control, IP-SLA, IPv6, Route Maps, I think NAT was on there somehow, Redistribution, how the protocols work in different network types, etc. A good bit of stuff, I would guess.

    I wouldn't want you to go in under-prepared, is all.
    Currently Working: CCIE R&S
    LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!)
  • Vasco_exeVasco_exe Junior Member Registered Users Posts: 1 ■□□□□□□□□□
    I am trying to install ipsec vpn in a cisco router remotely. I am facing some problem with that.. is there anybody who can help me with this. Dont know where i should post this. thats the reason i am send this as reply.
    thanks
    Vasco
  • JackaceJackace Senior Member Member Posts: 335
    instant000 wrote: »
    JackAce:

    I see that same text, on page 308/352 in the manual.

    Also, I see this on page 300:




    I just want to caution against doing the minimum. I remember this test. There was a good bit on it, from BGP, EIGRP, OSPF, Path Control, IP-SLA, IPv6, Route Maps, I think NAT was on there somehow, Redistribution, how the protocols work in different network types, etc. A good bit of stuff, I would guess.

    I wouldn't want you to go in under-prepared, is all.

    Yep I asked because I don't want to be under-prepared myself.
  • instant000instant000 Senior Member Member Posts: 1,745
    Vasco_exe wrote: »
    I am trying to install ipsec vpn in a cisco router remotely. I am facing some problem with that.. is there anybody who can help me with this. Dont know where i should post this. thats the reason i am send this as reply.
    thanks
    Vasco
    Vasco:

    You'd be best served to post that in the CCNP-Security or the CCNA-Security forums. If you can't make a new thread, try to find one about making a VPN in the CCNP-Security or CCNA-Security forum, and we'll assist you there.

    I am not sure what the requirement is, before one can make new threads.
    Currently Working: CCIE R&S
    LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!)
Sign In or Register to comment.