VPNs and VPN Technologies

Chapter Description

This sample chapter defines virtual private networks (VPNs) and explores fundamental Internet Protocol Security (IPSec) technologies. This chapter also covers IPSec crypto components, an overview of IKE, IPSec security, and a certificate authority (CA) support overview.

Review Questions

1. What are the three types of VPNs?

2. What type of VPNs link outside customers, suppliers, partners, or communities of interest to an enterprise customer's network over a shared infrastructure using dedicated connections?

3. IPSec consists of which two components?

4. You configure an IPSec transform set to use AH. Is the data payload encrypted?

5. You want to establish an extranet VPN over the Internet. Which type of IPSec mode (transport or tunnel) would be the best solution in this scenario?

6. Which is the most secure encryption algorithm: DES, 3DES, or Diffie-Hellman?

7. Step one of configuring IPSec is defining interesting traffic. What Cisco IOS feature do you use to define this?

8. With preshared keys, can each of the keys be different or must each be the same (have the same value as the other's public key)?

9. What is used to relay the shared key to the VPN peer?

10. IKE peers authenticate themselves using one of four methods. What are these four methods?