Tunneling Overview - Cisco FirePOWER ASA 5500 series Configuration Manual

Security appliance command line

Cisco Security Appliance Command Line Configuration Guide (OL-10088-01)

Chapter 27: Configuring IPSec and ISAKMP

This chapter describes how to configure the IPSec and ISAKMP standards to build Virtual Private
Networks. It includes the following sections:

- Tunneling Overview
- IPSec Overview
- Configuring ISAKMP
- Configuring Certificate Group Matching
- Configuring IPSec
- Clearing Security Associations
- Clearing Crypto Map Configurations
- Supporting the Nokia VPN Client

Tunneling Overview

Tunneling makes it possible to use a public TCP/IP network, such as the Internet, to create secure
connections between remote users and a private corporate network. Each secure connection is called a
tunnel.

The security appliance uses the ISAKMP and IPSec tunneling standards to build and manage tunnels.
ISAKMP and IPSec accomplish the following:

- Negotiate tunnel parameters
- Establish tunnels
- Authenticate users and data
- Manage security keys
- Encrypt and decrypt data
- Manage data transfer across the tunnel
- Manage data transfer inbound and outbound as a tunnel endpoint or router

The security appliance functions as a bidirectional tunnel endpoint. It can receive plain packets from the
private network, encapsulate them, create a tunnel, and send them to the other end of the tunnel where
they are unencapsulated and sent to their final destination. It can also receive encapsulated packets from
the public network, unencapsulate them, and send them to their final destination on the private network.
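
The encapsulate and unencapsulate steps described above, as an added Python example that is not from the Cisco guide or the appliance software: it builds an IPSec ESP tunnel-mode packet (RFC 4303 layout) around an inner IPv4 packet and has the receiving side authenticate it, reject replays, and recover the inner packet. Assumptions: NULL encryption with an HMAC-SHA-256-128 integrity check, a set of seen sequence numbers standing in for the sliding anti-replay window, and the hypothetical class name EspSa; the SPI, key, and addresses are constructed.

```python
import hashlib, hmac, struct

NEXT_HDR_IPV4 = 4   # tunnel mode: ESP payload is a complete inner IPv4 packet
ICV_LEN = 16        # HMAC-SHA-256 truncated to 128 bits (RFC 4868)

class EspSa:
    """One unidirectional ESP SA with NULL encryption; values are constructed."""
    def __init__(self, spi, auth_key):
        self.spi, self.key = spi, auth_key
        self.tx_seq = 0        # sender side: last sequence number used
        self.rx_seen = set()   # receiver side: simplified anti-replay state

    def _icv(self, body):
        return hmac.new(self.key, body, hashlib.sha256).digest()[:ICV_LEN]

    def encapsulate(self, inner):
        self.tx_seq += 1
        pad_len = -(len(inner) + 2) % 4            # align trailer to 4 bytes
        trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, NEXT_HDR_IPV4])
        body = struct.pack("!II", self.spi, self.tx_seq) + inner + trailer
        return body + self._icv(body)

    def decapsulate(self, packet):
        if len(packet) < 8 + 2 + ICV_LEN:
            raise ValueError("truncated ESP packet")
        body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
        spi, seq = struct.unpack("!II", body[:8])
        if spi != self.spi:
            raise ValueError("no SA for this SPI")
        if seq in self.rx_seen:
            raise ValueError("replayed sequence number")
        if not hmac.compare_digest(icv, self._icv(body)):
            raise ValueError("integrity check failed")
        self.rx_seen.add(seq)                      # record only after authentication
        pad_len, next_hdr = body[-2], body[-1]
        if next_hdr != NEXT_HDR_IPV4 or pad_len > len(body) - 10:
            raise ValueError("malformed ESP trailer")
        return body[8:len(body) - 2 - pad_len]

# Constructed inner packet: 20-byte IPv4 header (checksum left zero) + 5 bytes.
INNER = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 25, 0, 0, 64, 17, 0,
                    bytes([10, 1, 1, 5]), bytes([10, 2, 2, 9])) + b"hello"
KEY = bytes(range(32))   # constructed key; ISAKMP would negotiate the real one
```

Each direction of a tunnel uses its own SA, so a bidirectional endpoint holds one EspSa for outbound traffic and a separate one for inbound traffic.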
