Here we will see how to configure simple Site-to-Site Hub and Spoke IPsec tunnel between Cisco Firepower Threat Defense NGFW and a Router at remote sites. I configure the FTD by using FMC in sepa...
Dual HUB Single Cloud HUB2 Configuration Let’s bring up the second Hub by using similar config like on HUB1. csr2_hub2(config)# interface Tunnel0 csr2_hub2(config-if)# ip address 10.1.1.2 255....
DMVPN PHASE 3 Theory Continuing on , let’s see the basic difference between Phase 3 and Phase 2 in theory first. Phase 2 DMVPN packet forwarding is being done using IP routing table, all next-h...
DMVPN is an overlay hub and spoke transport technology where hub acts like centralized control plane leveraging the NHRP (Next hop resolution protocol) protocol which is used to register/map the...
GRE (Generic Routing Encapsulation) is tunneling mechanism which uses IP for transport and it can encapsulate and carry other protocols over the tunnel. The tunnels are like p2p links. For exampl...
Continuing the IPsec story, this time there will be Router to ASA firewall Crypto Map IPsec configuration. Also we will see how NAT affects the traffic while using IPsec. csr1_1 csr1(config-if)...
I’ll just briefly write about IKE and ISAKMP from theory side, you can always dig up more on the internet. I’ve also written more theory on IPsec on my old blog post regarding IPsec between Sonic...
Continuing on from previous post, let’s start this one by configuring IGP protocol between PE and P routers so we can do LDP and BGP adjacencies over the underlay IGP, in our case we will use OS...
Our goal as we said previously in this lab is to connect remote customer sites so that they can communicate privately over the Service Providers network. This is where BGP/MPLS VPNs come in, sep...
VPN Virtual Private Networks provide users the ability to connect remote sites and having a private network over some shared infrastructure. IPsec VPNs provide data confidentiality, data authentic...