Troubleshooting Virtual Private Networks (VPN)

Book

This publication currently is not for sale.

Save more by becoming a member.
Corporate, Academic, and Employee Purchases
International Buying Options

Online access to books, videos, and tutorials from Addison Wesley, Prentice Hall, Cisco Press, IBM Press, O'Reilly Media and others - starting as low as $22.99. Learn more and start a free trial.

By Mark Lewis.
Published by Cisco Press.
Series: Networking Technology.

Published: May 27, 2004
Copyright 2004
Dimensions: 7-3/8" x 9-1/8"
Pages: 840
Edition: 1st

Book
ISBN-10: 1-58705-104-4
ISBN-13: 978-1-58705-104-3
eBook
ISBN-10: 1-58705-366-7
ISBN-13: 978-1-58705-366-5

CCNP Wireless IUWMS Quick Reference: Implementing Location-Based Services: By Jerome Henry.; Jul 20, 2010
CCIE Routing and Switching Practice Lab 3—The VPN Lab: By Martin J. Duggan.; Jul 14, 2010
Network Security Auditing Tools and Techniques: By Chris Jackson.; Jun 29, 2010

Safari Bookshelf Titles

Cisco DCUCI Quick Reference (eBook): By James Casaletto, Jeremy Moulton.; Jul 28, 2010

Implementing Cisco IP Routing (ROUTE) Foundation Learning Guide: Foundation learning for the ROUTE 642-902 Exam: By Diane Teare.; Jun 28, 2010

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide: Foundation learning for SWITCH 642-813: By Richard Froom, Balaji Sivasubramanian, Erum Frahim.; Jun 21, 2010

More Information

Description Downloads Extras Reviews Sample Content

Product Description

Master advanced troubleshooting techniques for IPSec, MPLS Layer-3, MPLS Layer-2 (AToM), L2TPv3, L2TPv2, PPTP, and L2F VPNs

Learn the step-by-step, end-to-end methodology essential for troubleshooting virtual private networks (VPNs)
Gain the in-depth knowledge necessary for fast and efficient troubleshooting of IPSec, MPLS Layer-3, MPLS Layer-2 (AToM), L2TPv3, L2TPv2, PPTP, and L2F VPNs
Master advanced troubleshooting tools and techniques for all applicable VPN types
Debug and fix IPSec site-to-site and remote access VPN issues, such as IKE (ISAKMP) phase 1 and phase 2 negotiation failure, ESP and AH traffic drops, certificate enrollment failures, and maximum transmission unit (MTU) problems
Locate and resolve MPLS Layer-3 VPN problems, such as those involving route exchange and label switched path (LSP) failure, MPLS VPN over traffic engineering tunnels, and Multicast VPNs (MVPN)
Discover solutions for issues in AToM and L2TPv3-based Layer-2 VPNs, including pseudowire setup failures, attachment circuit problems, and MTU issues
Obtain answers for L2TPv2, PPTP, and L2F control connection establishment, session setup, PPP negotiation, and VPN performance issues
Refer to specially designed flowcharts to identify issues and find solutions fast
Consolidate VPN troubleshooting knowledge through bonus hands-on labs
Read and understand detailed analysis of all relevant VPN show and debug command output

Troubleshooting Virtual Private Networks presents a systematic troubleshooting methodology for network engineers, administrators, and architects tasked with managing and deploying Cisco IOS VPNs. With eight self-contained chapters designed to facilitate rapid and straightforward troubleshooting, this book provides detailed information on addressing all common and not-so-common issues with IPSec VPNs, MPLS Layer-3 VPNs, Any Transport over MPLS (AToM)-based Layer-2 VPNs, L2TP Version 3 (L2TPv3)-based Layer-2 VPNs, L2TP Version 2 (L2TPv2) VPNs, PPTP VPNs, and L2F VPNs. This book not only shows you how to correct problems but also how to avoid them in the first place with expert VPN configuration guidance and optimization tips.

Each chapter in Troubleshooting Virtual Private Networks includes a step-by-step, end-to-end troubleshooting approach to a different VPN technology. In-depth technical discussions and configuration reviews orient you to the VPN technology and get you ready to work. To help you access the answers you need, you'll find flowcharts in each chapter that provide a roadmap for rapid issue resolution. Solutions to complex or unusual issues can be found in case studies at the end of each chapter, along with review questions that test your knowledge. Bonus troubleshooting labs are also included to help you consolidate the skills learned throughout the book.

Whether you are looking to update or hone your skills, Troubleshooting Virtual Private Networks is your first and last reference for mastering advanced VPN troubleshooting.

This book is part of the Networking Technology Series from Cisco Press¿ which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.

Downloads

Lab configurations prepared by the author to be used in conjunction with the book
Download - 58.4 KB - TroubleshootingVPNsLabs.zip

Tips

Tips for troubleshooting Virtual Private Networks
Mark Lewis

Virtual private networking technologies are many and varied. There are, however, a number of tips that will aid in the troubleshooting all of these technologies.

Baseline your network
Make sure that you baseline the performance of your network. Collect information and statistics such as utilization, latency, and error rates. This will enable you to quickly recognize any issues that crop up on your network.

Know your VPN technology
Fast and efficient troubleshooting of VPN technologies requires a good knowledge of the technologies themselves. It's too late to acquire this knowledge when things go wrong, so make sure you acquire it in advance!

Adopt a systematic approach
Virtual private network technologies are complex, and therefore require a systematic approach to troubleshooting.

Some VPN technologies such as L2TPv2 require an asymmetrical approach to troubleshooting. In this case, you should begin on the tunnel-initiating device, and methodically troubleshoot tunnel setup to the tunnel-terminating device.

Other VPN technologies such as MPLS require a symmetrical approach to troubleshooting. In this case, you should begin troubleshooting on the ingress provider edge (PE) router (or attached customer edge (CE) router), and methodically troubleshoot to the egress PE router (or connected CE router). You should then begin troubleshooting in the opposite direction.

Understand your troubleshooting tools
Ensure you have a good understanding of the troubleshooting tools available to you.

If you are troubleshooting MPLS VPNs, you'll need to familiarise yourself with the output of the show ip cef, show mpls, and show ip bgp vpnv4 vrf commands, for example.

Make sure you also understand the impact of debug commands on the network device, as well as methods of alleviating their effect. For example, you should consider using the debug condition command to limit the output of certain debug commands.

Praise For Troubleshooting Virtual Private Networks (VPN)

Review by Paul Miller, SCE, CNX
Review by Alan Sardella, CCNP

Index

Download - 380 KB -- Index

Introduction.

Basic Troubleshooting Methodology. reparatory Steps: Baselining Your Network. What to Do When Problems Occur. Open Systems Interconnection Model. End-to-End, Bottom-Up (or Top-Down) Troubleshooting. Troubleshooting Tools. Summary.

1. Troubleshooting Layer Two Forwarding Protocol VPNs.

Technical Overview of L2F. Configuring L2F. Troubleshooting L2F. Case Studies. Additional Commands for Troubleshooting. Error Messages. show and debug Command Summary. Review Questions. Troubleshooting Practice Labs.

2. Troubleshooting Point-to-Point Tunneling Protocol VPNs.

Technical Overview of PPTP. Configuring PPTP. Troubleshooting PPTP. Case Studies. Additional Troubleshooting Commands. show and debug Command Summary. Review Questions.

3. Troubleshooting the Layer 2 Tunneling Protocol Version 2 VPNs.

L2TPv2 Technical Overview. Case Studies. Additional L2TP Troubleshooting Commands. Error Messages. show and debug Command Summary. Review Questions. L2TP Troubleshooting Practice Labs.

4. Troubleshooting L2TPv3 Based VPNs.

Technical Overview of L2TPv3. Configuring L2TPv3. Troubleshooting L2TPv3. Other Commands. Command Summary. Review Questions.

5. Troubleshooting Multiprotocol Label Switching Layer 3 VPNs.

Technical Overview. Configuring MPLS VPNs. Configuring MVPNs. Configuring TE Tunnels to Carry MPLS VPN Traffic. Troubleshooting MPLS VPNs. Case Studies. Additional Troubleshooting Commands. show and debug Command Summary. Review Questions. MPLS VPN Troubleshooting Practice Labs.

6. Troubleshooting Any Transport over MPLS Based VPNs.

Technical Overview of AtoM. Configuring AtoM. Troubleshooting AtoM. Other AToM Troubleshooting Commands. Troubleshooting AToM: Command Summary. Review Questions.

7.Troubleshooting IPSec VPNs.

Technical Overview of IPSec. Configuring IPSec VPNs. Troubleshooting IPSec VPNs. Case Studies. Additional Troubleshooting Commands. show and debug Command Summary. Review Questions. Practice Labs.

Appendix A: view Questions and Answers.

Chapters 2-8 Review Questions & Answers.

Appendix B: Lab Instructions and Solutions.

Setting Up Your Routers and Loading the Configuration Files. Chapter 2: L2F Troubleshooting Lab Solutions. Chapter 4: L2TPv2 Troubleshooting Lab Solutions. Chapter 6: MPLS Layer 3 VPN Troubleshooting Lab Solutions. Chapter 8: IPSec Troubleshooting Lab Solutions.

Index

Downloadable Sample Chapter

Download - 587 KB -- Excerpt from Chapter 6: Troubleshooting Multiprotocol Label Switching Layer 3 VPNs