
Partial preparation for CCNA Security Exam – 640-554 IINS

Agenda:
• Crypto
• VPN
• Simple Lab

Objectives:
1. Describe the purpose and operation of VPNs
2. Differentiate between the various types of VPNs
3. Describe the IPSec protocol and its basic functions
4. Differentiate between AH and ESP
5. Describe the IKE protocol and modes
6. Describe the five steps of IPSec operation
Figure: VPN topologies. Remote-access IPsec VPNs from a business partner with a Cisco router, a mobile worker with a Cisco VPN Client and a SOHO with a Cisco DSL router; site-to-site IPsec VPNs between regional branches with VPN-enabled Cisco ISR routers and the corporate site (Internet, WAN, firewall, MARS, IronPort, CSA, web, email and DNS servers).

VPN:
– Virtual: Information within a private network is transported over a public network.
– Private: The traffic is encrypted to keep the data confidential.

• Generic routing encapsulation (GRE)
• Multiprotocol Label Switching (MPLS)
• IPSec
Figure: Remote-access VPNs (SSL and IPsec) for a business partner with a Cisco router, a mobile worker with a Cisco VPN Client and a SOHO with a Cisco DSL router, and a site-to-site VPN to a regional branch with a VPN-enabled Cisco ISR router (Internet, WAN, firewall, IPS, MARS, IronPort, CSA, web, email and DNS servers).

Hosts send and receive normal TCP/IP traffic through a VPN gateway.

SSL versus IPsec VPNs:

Applications
  SSL: Web-based applications, file sharing, email (if not using full client). With the full AnyConnect client, all IP-based applications, similar to IPsec, are available.
  IPsec: All IP-based applications are available to the user. The experience is like being on the local network.

Encryption
  SSL: Moderate range of key lengths.
  IPsec: Stronger range of longer key lengths.
Authentication
  SSL: Moderate, one-way or two-way authentication.
  IPsec: Strong, two-way authentication using shared secrets or digital certificates.

Ease of Use
  SSL: Very high.
  IPsec: Moderate. Can be challenging for nontechnical users, and deployment is more time consuming.

Overall Security
  SSL: Moderate. Any device can connect.
  IPsec: Strong. Only specific devices with specific configurations, such as a VPN client, can connect.

Figure: Cisco ASA deployment across a remote site, central site and main site: perimeter router, legacy concentrator, ASA firewall, intranet, extranet, POP, remote user, regional office with an ASA, mobile worker, corporate site, business partner with a Cisco router and SOHO with a Cisco router.

Cisco ASA:
• Flexible platform
• Resilient clustering
• Clientless
• Integrated web-based management
• AnyConnect
• VPN infrastructure for contemporary applications

IPsec:
• Works at the network layer, protecting and authenticating IP packets.
– It is a framework of open standards which is algorithm-independent.
– It provides data confidentiality, data integrity, and origin authentication.
Figure: algorithms ordered from least secure to most secure, by key length (first scale):
- 56-bits
- 56-bits (3 times)
- 128-bits, 192-bits, 256-bits
- 160-bits

Figure: algorithms ordered from least secure to most secure, by key length (second scale):
- 128-bits
- 160-bits
- Diffie-Hellman (DH7)
Authentication Header

Figure: R1 to R2, all data is in plaintext.

AH provides the following:
• Authentication
• Integrity

Encapsulating Security Payload

Figure: R1 to R2, data payload is encrypted.

ESP provides the following:
• Encryption
• Authentication
• Integrity

Figure: Diffie-Hellman (DH7).
Figure: IKE Phase 1 exchange between R1 (Host A, 10.0.1.3) and R2 (Host B, 10.0.2.3).

IKE policy sets:
  Policy 10: DES, MD5, pre-share, DH1, lifetime
  Policy 15: DES, MD5, pre-share, DH1, lifetime
  Policy 20: 3DES, SHA, pre-share, DH1, lifetime

IKE Phase 1 Exchange:
1. Negotiate IKE policy sets – negotiates matching IKE policies to protect the IKE exchange.
2. DH key exchange – a DH exchange is performed to establish keying material.
3. Verify the peer identity.

IKE Phase 2 Exchange:
Negotiate IPsec policy.

Establish DH key (Alice and Bob):
  Private value XA (Alice), private value XB (Bob)
  Public value YA = g^XA mod p (Alice), public value YB = g^XB mod p (Bob)
  Alice sends YA to Bob; Bob sends YB to Alice
  Alice computes (YB)^XA mod p = K; Bob computes (YA)^XB mod p = K
Figure: IKE Phase 1 aggressive mode exchange between R1 (Host A, 10.0.1.3, Remote Office) and R2 (Host B, 10.0.2.3, Corporate Office with HR Servers) across the Internet; Policy 10 and Policy 15 are both DES, MD5, pre-share, DH1, lifetime.

IKE Phase 1 Aggressive Mode Exchange:
1. Send IKE policy set, security parameters and R1's DH key.
2. Confirm IKE policy set, calculate shared secret and send R2's DH key.
3. Calculate shared secret, verify peer identity, and confirm with peer.
4. Authenticate peer and begin Phase 2.

Peer authentication methods:
• PSKs
• RSA signatures
• RSA encrypted nonces

A bidirectional IKE SA is now established.

IKE Phase 2 Exchange – negotiate IPsec policy:
• IKE negotiates matching IPsec policies.
• Upon completion, unidirectional IPsec Security Associations (SA) are established for each protocol and algorithm combination.
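The Phase 1 steps above (policy-set negotiation, then the DH exchange with YA = g^XA mod p and K = (YB)^XA mod p) as an added, runnable model; this is example code, not from the slides. It assumes Policy 10 and 20 sit on R1 and Policy 15 on R2, uses constructed lifetimes, and replaces the DH1 group with a tiny constructed modulus so it runs instantly.

```python
import secrets

# IKE policy sets as listed on the slides. Placing Policy 10 and 20 on R1
# and Policy 15 on R2 is an assumption of this example; lifetimes are
# constructed values.
R1_POLICIES = {
    10: {"encryption": "DES", "hash": "MD5", "auth": "pre-share", "group": 1, "lifetime": 86400},
    20: {"encryption": "3DES", "hash": "SHA", "auth": "pre-share", "group": 1, "lifetime": 86400},
}
R2_POLICIES = {
    15: {"encryption": "DES", "hash": "MD5", "auth": "pre-share", "group": 1, "lifetime": 43200},
}

# Constructed toy DH group: p = 2^31 - 1 (prime) with generator 7. It stands
# in for the 768-bit DH1 group the slides refer to and is NOT secure.
DH_GROUPS = {1: (2147483647, 7)}

def negotiate_policy(initiator, responder):
    """Step 1: offer the initiator's policy sets in priority order (lowest
    number first) and accept the first one the responder also holds.
    Encryption, hash, authentication and DH group must all match; the
    shorter of the two lifetimes is kept (simplified model)."""
    for i_prio in sorted(initiator):
        offer = initiator[i_prio]
        for r_prio in sorted(responder):
            cand = responder[r_prio]
            if all(offer[k] == cand[k] for k in ("encryption", "hash", "auth", "group")):
                agreed = dict(offer, lifetime=min(offer["lifetime"], cand["lifetime"]))
                return i_prio, r_prio, agreed
    return None  # no common policy set: Phase 1 fails

def dh_keypair(group):
    """Pick a private value X and publish Y = g^X mod p."""
    p, g = DH_GROUPS[group]
    x = secrets.randbelow(p - 3) + 2
    return x, pow(g, x, p)

def dh_shared(group, peer_public, private):
    """K = (Y_peer)^X mod p, identical on both sides."""
    p, _ = DH_GROUPS[group]
    return pow(peer_public, private, p)

def ike_phase1(initiator, responder):
    """Steps 1 and 2 of the Phase 1 exchange (step 3, peer identity, is
    out of scope here). Returns the agreed policy and the shared secret."""
    result = negotiate_policy(initiator, responder)
    if result is None:
        return None
    i_prio, r_prio, policy = result
    xa, ya = dh_keypair(policy["group"])          # Alice (R1): XA, YA
    xb, yb = dh_keypair(policy["group"])          # Bob (R2): XB, YB
    k_alice = dh_shared(policy["group"], yb, xa)  # (YB)^XA mod p
    k_bob = dh_shared(policy["group"], ya, xb)    # (YA)^XB mod p
    if k_alice != k_bob:
        raise RuntimeError("DH exchange produced different secrets")
    return {"initiator_policy": i_prio, "responder_policy": r_prio,
            "policy": policy, "shared_secret": k_alice}

if __name__ == "__main__":
    print(ike_phase1(R1_POLICIES, R2_POLICIES))
```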
Figure: Site 1 (10.0.1.0/24, Host A 10.0.1.3) – R1 (S0/0/0 172.30.1.2) – Internet – R2 (S0/0/0 172.30.2.2) – Site 2 (10.0.2.0/24, Host B 10.0.2.3); AH, ESP and IKE between the routers; IKE SA (IKE Phase 1), IPsec SA (IKE Phase 2), IPsec tunnel.

The five steps of IPsec:
1. Host A sends interesting traffic to Host B.
2. R1 and R2 negotiate an IKE Phase 1 session (IKE SA).
3. R1 and R2 negotiate an IKE Phase 2 session (IPsec SA).
4. Information is exchanged via IPsec tunnel.
5. The IPsec tunnel is terminated.

• Ensure that protocols 50 (ESP), 51 (AH) and UDP port 500 (ISAKMP) traffic are not blocked by incoming ACLs on interfaces used by IPsec.

R1(config)# access-list 102 permit ahp host 172.30.2.2 host 172.30.1.2
R1(config)# access-list 102 permit esp host 172.30.2.2 host 172.30.1.2
R1(config)# access-list 102 permit udp host 172.30.2.2 host 172.30.1.2 eq isakmp
R1(config)#
R1(config)# interface Serial0/0/0
R1(config-if)# ip address 172.30.1.2 255.255.255.0
R1(config-if)# ip access-group 102 in
!
R1(config)# exit
R1#
R1# show access-lists
access-list 102 permit ahp host 172.30.2.2 host 172.30.1.2
access-list 102 permit esp host 172.30.2.2 host 172.30.1.2
access-list 102 permit udp host 172.30.2.2 host 172.30.1.2 eq isakmp
R1#
Figure: Site 1 (10.0.1.0/24, 10.0.1.3) – R1 – Internet – R2 – Site 2 (10.0.2.0/24, 10.0.2.3); tunnel with Policy 110: DES, MD5, Preshare, 86400, DH1.

router(config)#
crypto isakmp policy priority
Defines the parameters within the IKE policy.

ISAKMP policy parameters (keyword – accepted values; default value; description):

encryption
  des – 56-bit Data Encryption Standard (default)
  3des – Triple DES
  aes – 128-bit AES
  aes 192 – 192-bit AES
  aes 256 – 256-bit AES
  Description: Message encryption algorithm

hash
  sha – SHA-1 (HMAC variant) (default)
  md5 – MD5 (HMAC variant)
  Description: Message integrity (hash) algorithm

authentication
  pre-share – preshared keys
  rsa-encr – RSA encrypted nonces
  rsa-sig – RSA signatures (default)
  Description: Peer authentication method

group
  1 – 768-bit Diffie-Hellman (DH) (default)
  2 – 1024-bit DH
  5 – 1536-bit DH
  Description: Key exchange parameters (DH group identifier)

lifetime
  seconds – Can specify any number of seconds (default 86,400 sec, one day)
  Description: ISAKMP-established SA lifetime

R1(config)# crypto isakmp policy 110
R1(config-isakmp)# authentication pre-share
R1(config-isakmp)# encryption des
R1(config-isakmp)# group 1
R1(config-isakmp)# hash md5
R1(config-isakmp)# lifetime 86400

Multiple policies on each peer:

R1(config)#
crypto isakmp policy 100
 hash md5
 authentication pre-share
!
crypto isakmp policy 200
 hash sha
 authentication rsa-sig
!
crypto isakmp policy 300
 hash md5
 authentication pre-share

R2(config)#
crypto isakmp policy 100
 hash md5
 authentication pre-share
!
crypto isakmp policy 200
 hash sha
 authentication rsa-sig
!
crypto isakmp policy 300
 hash md5
 authentication rsa-sig
router(config)#
crypto isakmp key keystring address peer-address

router(config)#
crypto isakmp key keystring hostname hostname

Parameters:
keystring – This parameter specifies the PSK. Use any combination of alphanumeric characters up to 128 bytes. This PSK must be identical on both peers.
peer-address – This parameter specifies the IP address of the remote peer.
hostname – This parameter specifies the hostname of the remote peer. This is the peer hostname concatenated with its domain name (for example, myhost.domain.com).

Note:
• The peer-address or peer-hostname can be used, but must be used consistently between peers.
• If the peer-hostname is used, then the crypto isakmp identity hostname command must also be configured.

Figure: Site 1 (10.0.1.0/24, 10.0.1.3) – R1 – Internet – R2 – Site 2 (10.0.2.0/24, 10.0.2.3); tunnel with Policy 110: Preshare, 3DES, SHA, DH2, 43200.

R2 must have an ISAKMP policy configured with the same parameters.

R1(config)# crypto isakmp policy 110
R1(config-isakmp)# authentication pre-share
R1(config-isakmp)# encryption 3des
R1(config-isakmp)# group 2
R1(config-isakmp)# hash sha
R1(config-isakmp)# lifetime 43200

R2(config)# crypto isakmp policy 110
R2(config-isakmp)# authentication pre-share
R2(config-isakmp)# encryption 3des
R2(config-isakmp)# group 2
R2(config-isakmp)# hash sha
R2(config-isakmp)# lifetime 43200

Configuring the PSK on both peers:

R1(config)# crypto isakmp policy 110
R1(config-isakmp)# authentication pre-share
R1(config-isakmp)# encryption 3des
R1(config-isakmp)# group 2
R1(config-isakmp)# hash sha
R1(config-isakmp)# lifetime 43200
R1(config-isakmp)# exit
R1(config)# crypto isakmp key cisco123 address 172.30.2.2
R1(config)#

R2(config)# crypto isakmp policy 100
R2(config-isakmp)# authentication pre-share
R2(config-isakmp)# encryption 3des
R2(config-isakmp)# group 2
R2(config-isakmp)# hash sha
R2(config-isakmp)# lifetime 43200
R2(config-isakmp)# exit
R2(config)# crypto isakmp key cisco123 address 172.30.1.2
R2(config)#

• The keystring cisco123 matches.
• The address identity method is specified.
• The ISAKMP policies are compatible.
• Default values do not have to be configured.
router(config)#
crypto ipsec transform-set transform-set-name transform1 [transform2 [transform3]]

crypto ipsec transform-set parameters:
transform-set-name – This parameter specifies the name of the transform set to create (or modify).
transform1, transform2, transform3 – Type of transform set. You may specify up to four "transforms": one Authentication Header (AH), one Encapsulating Security Payload (ESP) encryption, one ESP authentication. These transforms define the IP Security (IPSec) security protocols and algorithms.

A transform set is a combination of IPsec transforms that enact a security policy for traffic.

Figure: transform-set negotiation between R1 (Host A 10.0.1.3, 172.30.1.2) and R2 (Host B 10.0.2.3, 172.30.2.2) across the Internet.
  R1: transform-set ALPHA (esp-3des, tunnel); transform-set BETA (esp-des, esp-md5-hmac, tunnel); transform-set CHARLIE (esp-3des, esp-sha-hmac, tunnel)
  R2: transform-set RED (esp-des, tunnel); transform-set BLUE (esp-des, ah-sha-hmac, tunnel); transform-set YELLOW (esp-3des, esp-sha-hmac, tunnel)
  Attempts 1 to 9; attempt 9 matches.

• Transform sets are negotiated during IKE Phase 2.
• The 9th attempt found matching transform sets (CHARLIE - YELLOW).

Figure: IPsec traffic handling at the router.
  Outbound traffic: Encrypt, or Bypass (Plaintext)
  Inbound traffic: Permit, Bypass, Match, or Discard (Plaintext)

• Outbound indicates the data flow to be protected by IPsec.
• Inbound filters and discards traffic that should have been protected by IPsec.
Figure: Site 1 (10.0.1.0/24, 10.0.1.3) – R1 (S0/0/0 172.30.1.2) – Internet – R2 (S0/0/0 172.30.2.2) – Site 2 (10.0.2.0/24, 10.0.2.3); encrypted traffic leaves through the router interface or subinterface.

router(config)#
access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log]

access-list access-list-number parameters:
permit – This option causes all IP traffic that matches the specified conditions to be protected by cryptography, using the policy described by the corresponding crypto map entry.
deny – This option instructs the router to route traffic in plaintext.
protocol – This option specifies which traffic to protect by cryptography based on the protocol, such as TCP, UDP, or ICMP. If the protocol is IP, then all IP traffic that matches that permit statement is encrypted.
source and destination – If the ACL statement is a permit statement, these are the networks, subnets, or hosts between which traffic should be protected. If the ACL statement is a deny statement, then the traffic between the specified source and destination is sent in plaintext.

Applied to R1 S0/0/0 outbound traffic:
R1(config)# access-list 110 permit tcp 10.0.1.0 0.0.0.255 10.0.2.0 0.0.0.255
(when evaluating inbound traffic – source: 10.0.2.0, destination: 10.0.1.0)

Applied to R2 S0/0/0 outbound traffic:
R2(config)# access-list 101 permit tcp 10.0.2.0 0.0.0.255 10.0.1.0 0.0.0.255
(when evaluating inbound traffic – source: 10.0.1.0, destination: 10.0.2.0)

Crypto maps define the following:
• ACL to be used
• Remote VPN peers
• Transform set to be used
• Key management method
• SA lifetimes
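Added example (not from the slides) covering the two preceding slides: it replays the transform-set negotiation with the ALPHA/BETA/CHARLIE and RED/BLUE/YELLOW sets from the figure, and checks that R1's crypto ACL 110 and R2's crypto ACL 101 are mirror images, which is what lets each router's inbound filter accept what the other encrypts. Contiguous wildcard masks are assumed.

```python
from ipaddress import ip_network

# Transform sets as on the slide, in the order each router proposes them.
R1_SETS = {"ALPHA": {"esp-3des"},
           "BETA": {"esp-des", "esp-md5-hmac"},
           "CHARLIE": {"esp-3des", "esp-sha-hmac"}}
R2_SETS = {"RED": {"esp-des"},
           "BLUE": {"esp-des", "ah-sha-hmac"},
           "YELLOW": {"esp-3des", "esp-sha-hmac"}}

# Crypto ACL entries as on the slide (R1's list 110 and R2's list 101).
R1_ACL = "access-list 110 permit tcp 10.0.1.0 0.0.0.255 10.0.2.0 0.0.0.255"
R2_ACL = "access-list 101 permit tcp 10.0.2.0 0.0.0.255 10.0.1.0 0.0.0.255"

def negotiate_transform_set(initiator, responder):
    """IKE Phase 2: compare the initiator's sets against the responder's,
    one pair per attempt, and return (attempt, initiator_set, responder_set)
    for the first pair whose transforms are identical, else None."""
    attempt = 0
    for i_name, i_transforms in initiator.items():
        for r_name, r_transforms in responder.items():
            attempt += 1
            if i_transforms == r_transforms:
                return attempt, i_name, r_name
    return None

def _wildcard_to_network(addr, wildcard):
    """Convert an IOS address/wildcard pair (contiguous mask assumed) into
    an ip_network: 0.0.0.255 has eight 1-bits, so the prefix is /24."""
    ones = sum(bin(int(octet)).count("1") for octet in wildcard.split("."))
    return ip_network(f"{addr}/{32 - ones}", strict=False)

def parse_crypto_acl(line):
    """Parse 'access-list N {permit|deny} proto src wc dst wc'."""
    f = line.split()
    if len(f) < 8 or f[0] != "access-list" or f[2] not in ("permit", "deny"):
        raise ValueError("not a numbered extended ACL entry: " + line)
    return {"acl": f[1], "action": f[2], "proto": f[3],
            "src": _wildcard_to_network(f[4], f[5]),
            "dst": _wildcard_to_network(f[6], f[7])}

def acls_are_mirrors(r1_line, r2_line):
    """True when the peer's entry is the mirror image of ours: same action
    and protocol, with source and destination swapped. Without the mirror,
    one direction is encrypted and the other side's inbound filter
    discards it as traffic that should have been protected."""
    a, b = parse_crypto_acl(r1_line), parse_crypto_acl(r2_line)
    return (a["action"] == b["action"] and a["proto"] == b["proto"]
            and a["src"] == b["dst"] and a["dst"] == b["src"])

if __name__ == "__main__":
    print(negotiate_transform_set(R1_SETS, R2_SETS))  # (9, 'CHARLIE', 'YELLOW')
    print(acls_are_mirrors(R1_ACL, R2_ACL))           # True
```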
router(config)#
crypto map map-name seq-num ipsec-manual
crypto map map-name seq-num ipsec-isakmp [dynamic dynamic-map-name]

crypto map parameters:
map-name – Defines the name assigned to the crypto map set or indicates the name of the crypto map to edit.
seq-num – The number assigned to the crypto map entry.
ipsec-manual – Indicates that ISAKMP will not be used to establish the IPsec SAs.
ipsec-isakmp – Indicates that ISAKMP will be used to establish the IPsec SAs.
cisco – (Default value) Indicates that CET will be used instead of IPsec for protecting the traffic.
dynamic – (Optional) Specifies that this crypto map entry references a preexisting static crypto map. If this keyword is used, none of the crypto map configuration commands are available.
dynamic-map-name – (Optional) Specifies the name of the dynamic crypto map set that should be used as the policy template.

Crypto map configuration commands:
set – Used with the peer, pfs, transform-set, and security-association commands.
peer [hostname | ip-address] – Specifies the allowed IPsec peer by IP address or hostname.
pfs [group1 | group2] – Specifies DH Group 1 or Group 2.
transform-set [set_name(s)] – Specify list of transform sets in priority order. When the ipsec-manual parameter is used with the crypto map command, then only one transform set can be defined. When the ipsec-isakmp parameter or the dynamic parameter is used with the crypto map command, up to six transform sets can be specified.
security-association lifetime – Sets SA lifetime parameters in seconds or kilobytes.
match address [access-list-id | name] – Identifies the extended ACL by its name or number. The value should match the access-list-number or name argument of a previously defined IP-extended ACL being matched.
no – Used to delete commands entered with the set command.
exit – Exits crypto map configuration mode.

Figure: Site 1 (10.0.1.0/24, 10.0.1.3) – R1 – Internet – R2 (S0/0/0 172.30.2.2) and R3 (S0/0/0 172.30.3.2) – Site 2 (10.0.2.0/24, 10.0.2.3).

R1(config)# crypto map MYMAP 10 ipsec-isakmp
R1(config-crypto-map)# match address 110
R1(config-crypto-map)# set peer 172.30.2.2 default
R1(config-crypto-map)# set peer 172.30.3.2
R1(config-crypto-map)# set pfs group1
R1(config-crypto-map)# set transform-set mine
R1(config-crypto-map)# set security-association lifetime seconds 86400

Multiple peers can be specified for redundancy.
Figure: Site 1 (10.0.1.0/24, 10.0.1.3) – R1 (S0/0/0 172.30.1.2) – Internet – R2 (S0/0/0 172.30.2.2) – Site 2 (10.0.2.0/24, 10.0.2.3); crypto map MYMAP.

router(config-if)#
crypto map map-name

R1(config)# interface serial0/0/0
R1(config-if)# crypto map MYMAP

• Applies the crypto map to outgoing interface
• Activates the IPsec policy

Show commands:
show crypto map – Displays configured crypto maps
show crypto isakmp policy – Displays configured IKE policies
show crypto ipsec sa – Displays established IPsec tunnels
show crypto ipsec transform-set – Displays configured IPsec transform sets
debug crypto isakmp – Debugs IKE events
debug crypto ipsec – Debugs IPsec events

router#
show crypto map
Displays the currently configured crypto maps.

R1# show crypto map
Crypto Map "MYMAP" 10 ipsec-isakmp
        Peer = 172.30.2.2
        Extended IP access list 110
            access-list 102 permit ip host 10.0.1.3 host 10.0.2.3
        Current peer: 172.30.2.2
        Security association lifetime: 4608000 kilobytes/3600 seconds
        PFS (Y/N): N
        Transform sets={ MYSET, }
Figure: Site 1 (10.0.1.0/24, 10.0.1.3) – R1 (S0/0/0 172.30.1.2) – Internet – R2 (S0/0/0 172.30.2.2) – Site 2 (10.0.2.0/24, 10.0.2.3).

router#
show crypto isakmp policy

R1# show crypto isakmp policy
Protection suite of priority 110
        encryption algorithm: 3DES - Data Encryption Standard (168 bit keys).
        hash algorithm: Secure Hash Standard
        authentication method: preshared
        Diffie-Hellman group: #2 (1024 bit)
        lifetime: 86400 seconds, no volume limit
Default protection suite
        encryption algorithm: DES - Data Encryption Standard (56 bit keys).
        hash algorithm: Secure Hash Standard
        authentication method: Rivest-Shamir-Adleman Signature
        Diffie-Hellman group: #1 (768 bit)
        lifetime: 86400 seconds, no volume limit

router#
show crypto ipsec transform-set
Displays the currently defined transform sets.

R1# show crypto ipsec transform-set
Transform set AES_SHA: { esp-128-aes esp-sha-hmac }
        will negotiate = { Tunnel, },

R1# show crypto ipsec sa
Interface: Serial0/0/0
    Crypto map tag: MYMAP, local addr. 172.30.1.2
    local ident (addr/mask/prot/port): (172.30.1.2/255.255.255.255/0/0)
    remote ident (addr/mask/prot/port): (172.30.2.2/255.255.255.255/0/0)
    current_peer: 172.30.2.2
    PERMIT, flacs={origin_is_acl,}
    #pkts encaps: 21, #pkts encrypt: 21, #pkts digest 0
    #pkts decaps: 21, #pkts decrypt: 21, #pkts verify 0
    #send errors 0, #recv errors 0
    local crypto endpt.: 172.30.1.2, remote crypto endpt.: 172.30.2.2
    path mtu 1500, media mtu 1500
    current outbound spi: 8AE1C9C
router#
debug crypto isakmp

1d00h: ISAKMP (0:1): atts are not acceptable. Next payload is 0
1d00h: ISAKMP (0:1); no offers accepted!
1d00h: ISAKMP (0:1): SA not acceptable!
1d00h: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Main Mode failed with peer at 172.30.2.2

• This is an example of the Main Mode error message.
• The failure of Main Mode suggests that the Phase I policy does not match on both sides.
• Verify that the Phase I policy is on both peers and ensure that all the attributes match.

Figure: SSL VPN tunnel across the Internet from a workplace to headquarters resources.
• Integrated security and routing
• Browser-based full network SSL VPN access
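Added example (not from the slides): a small checker that scans debug crypto isakmp output for the Main Mode failure shown above and reports, per peer, whether "atts are not acceptable" preceded it, which is the Phase 1 policy mismatch signature the slide describes. The sample lines are constructed from the slide's output; the message formats are taken as printed there.

```python
import re

# Constructed sample: the slide's debug lines, unchanged.
SAMPLE_DEBUG = """\
1d00h: ISAKMP (0:1): atts are not acceptable. Next payload is 0
1d00h: ISAKMP (0:1); no offers accepted!
1d00h: ISAKMP (0:1): SA not acceptable!
1d00h: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Main Mode failed with peer at 172.30.2.2
"""

MODE_FAILURE = re.compile(
    r"%CRYPTO-6-IKMP_MODE_FAILURE: Processing of (?P<mode>\w+ Mode) failed "
    r"with peer at (?P<peer>\d{1,3}(?:\.\d{1,3}){3})")
ATTS_REJECTED = re.compile(r"ISAKMP \(\d+:\d+\): atts are not acceptable")

def analyze_isakmp_debug(text):
    """Walk the debug output line by line. Count 'atts are not acceptable'
    messages and, when a mode-failure message appears, emit a finding for
    that peer stating whether rejected attributes preceded it."""
    findings, rejected = [], 0
    for line in text.splitlines():
        if ATTS_REJECTED.search(line):
            rejected += 1
            continue
        m = MODE_FAILURE.search(line)
        if m:
            findings.append({
                "peer": m.group("peer"),
                "mode": m.group("mode"),
                "rejected_attributes": rejected,
                "likely_cause": ("Phase 1 policy mismatch: verify the policy on both "
                                 "peers and ensure all attributes match")
                                if rejected else "no attribute rejection seen",
            })
            rejected = 0  # start a fresh window for the next failure
    return findings

if __name__ == "__main__":
    for finding in analyze_isakmp_debug(SAMPLE_DEBUG):
        print(finding)
```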
• Negotiates tunnel parameters
• Establishes tunnels according to set parameters
• Automatically creates a NAT / PAT and associated ACLs
• Authenticates users by usernames, group names, and passwords
• Manages security keys for encryption and decryption
• Authenticates, encrypts, and decrypts data through the tunnel
• Packet Tracer labs up on Moodle
• Test Week
  • Covers content of all 5 weeks
  • ~10 questions on each week
  • Pass – 70% for Certificate of Completion