Index
[SYMBOL]
[A]
[B]
[C]
[D]
[E]
[F]
[G]
[H]
[I]
[K]
[L]
[M]
[N]
[O]
[P]
[Q]
[R]
[S]
[T]
[U]
[V]
[W]
[X]
[Z]
SAD (Security Association Database)
SAR (Segmentation and Reassembly) sublayer (AAL)
SAs (security associations)
defined
IKE, configuring
L2TP/IPsec
management
IKEv1
IKEv2
manual
NAT/PAT timeouts
permit statements
scaling IPsec VPNs
authentication
digital signatures
encrypted nonces
preshared keys
configuration complexity, reducing
DMVPN
advantages
hub site gateways, configuring
operation of
overview
sample topology
spoke site gateways, configuring
overview
TED
tunnels required, reducing
SCEP (Simple Certificate Enrollment Protocol)
CAs
defined
SDU (Service Data Unit)
secondary-color command
secret keys (Diffie-Hellman)
Secure Desktop
[See installing, Cisco Secure Desktop.]
Secure Desktop General module (Cisco Secure Desktop)
Secure Hash Algorithm
IKE
IPsec
Secure Sockets Layer
[See authentication, SSL remote access VPNs.]
security
AH
Cisco Secure Desktop
Cache Cleaner Settings (Mac/Linux)
Cache Cleaner Settings (Windows)
enabling
installing
location criteria
Secure Desktop settings
VPN Feature Policy settings
ESP
IPsec 2nd
L2TP
split tunneling
Security Association Database (SAD)
security associations
[See IPsec VPNs, SAs.]
security gateway, defined
Security Policy Database (SPD)
Segmentation And Reassembly (SAR) sublayer (AAL)
ServerHello SSL/TLS handshake protocol message 2nd 3rd 4th
ServerHelloDone SSL/TLS handshake protocol message 2nd
ServerKeyExchange SSL/TLS handshake protocol message
Service Data Units (SDU)
service policy command
service provider provisioned VPNs
overview
site-to-site
Service Specific Convergence Sublayer
service-policy input command
Session ID field (L2TPv3 data channel messages)
session keys
IPsec
manual
session messages, LDP
sessions (L2TPv3)
overview
setup
teardown
set ip dscp tunnel command 2nd
set ip precedence tunnel command 2nd
set isakmp-profile command
set mpls experimental imposition value command
set nat demux command
set peer command
set pfs command
set security-association level per-host command
set transform-set command 2nd 3rd
Set-Link-Info
set-soo command
Set/Acknowledgment method, ISAKMP
SHA-1 (Secure Hash Algorithm)
IKE
IPsec
shared keys
shared service VPNs
shim headers. MPLS
Short Pipe Model, DiffServ tunneling
implementing
overview
show 12tun session command
AAL5 SDU mode L2TPv3 pseudowires
ATM port mode cell relay L2TPv3 pseudowires
ATM VCC cell relay mode L2TPv3 pseudowires
ATM VPC cell relay L2TPv3 pseudowires
Ethernet port L2TPv3 pseudowires
Ethernet VLAN L2TPv3 pseudowires
Frame Relay DLCI-to-DLCI switching L2TPv3 pseudowires
HDLC L2TPv3 pseudowires
static L2TPv3 pseudowires
show atm cell-packing command 2nd
show atm pvc command
show atm vc command
show atm vp vpi command
show caller user command
show connection name
show connection name command
show crypt isakmp sa command
show crypto accelerator statistics command
show crypto ca certificates command
show crypto ca crls command
show crypto engine connections active command
show crypto ipsec ezvpn client command
show crypto ipsec sa command 2nd 3rd 4th 5th
show crypto isakmp sa command 2nd
show crypto isakmp sa detail command 2nd
show crypto key mypubkey command
show crypto pki certificate command
show frame-relay pvc command 2nd
show interface virtual access command
show ip bgp command
show ip bgp ipv4 mdt all command
show ip bgp neighbor ip-address command
show ip bgp vpnv4 all command
show ip bgp vpnv4 vrf vrf-name command
show ip bgp vpnv4 vrf vrf-name network-address command
show ip eigrp neighbors command
show ip local pool command
show ip mroute command
show ip pim neighbor command
show ip route vrf vrf-name command
show ip router vrf vrf-name command
show ip vrf detail vrf-name command
show ipsec sa command
show ipsec stats command
show isakmp sa command
show isakmp stats command
show mpls 12 transport vc command
show mpls 12transport vc detail command
show mpls 12transport vc vcid command 2nd 3rd 4th 5th
show mpls forwarding-table command
show mpls interface command
show mpls ldp neighbor neighbor-ip-address detail
show policy-map command
show vpdn session all command
show vpdn session command
show vpdn tunnel command
show vpn-sessiondb command
Simple Certificate Enrollment Protocol
[See CAs (certificate authorities), SCEP.]
Simple Public Key Infrastructure (SPKI)
Site of Origin attribute
site-to-site VPNs [See also crypto maps, IPsec VPNs.]
customer provisioned VPNs
deploying 2nd
devices
overview
protocols
service provider provisioned
SKEME (Secure Key Exchange Mechanism), IKEv1
SLI messages
software clients
SoO (Site of Origin) attribute
SPD (Security Policy Database)
specific VPN models
SPKI (Simple Public Key Infrastructure)
split tunneling
defined
IPsec
spoke site gateways (DMVPN), configuring
dynamically assigned IP addresses
GRE tunnel interface
overview
routing protocol for site-to-site reachability
sample configuration
SSCS (Service Specific Convergence Sublayer)
SSL (Secure Sockets Layer)
packet format
protocol overview
versions
ssl encryption command
SSL remote access VPNs
advantages/disadvantages
Cisco Secure Desktop
Cache Cleaner settings (Mac/Linux)
Cache Cleaner settings (Windows)
enabling
installing
location criteria
overview
Secure Desktop settings
VPN Feature Policy settings
closing connections
enabling on Cisco ASA 5500 Series appliances
cryptographic algorithms, configuring
e-mail proxy, configuring
file access/entry/browsing, configuring
HTTP server, configuring
login/home pages, customizing
operation of, verifying
overview
port forwarding, configuring
SSL trustpoint, specifying
SSL versions, restricting
URL lists, specifying
user authentication, configuring
user group policy, configuring
WebVPN, enabling on outside interface
enabling on Cisco IOS devices
basic SSL parameters, configuring
domain name address, configuring
IOS router, enrolling with a CA
login/home pages, customizing
name server address, configuring
overview
port forwarding, configuring
remote AAA, configuring
URLs, specifying
webvpn enable command
enabling on Cisco VPN 3000 concentrators
e-mail proxy
file server access
overview
TCP-based application access
web server access
overview
resuming sessions
RSA handshake authentication
with client
with VPN gateway only
thick-client connectivity
ssl trustpoint command
Start-Control-Connection-Connected (SCCCN) message (L2TPv2)
Start-Control-Connection-Reply (SCCRP) message (L2TPv2)
Start-Control-Connection-Request (SCCRQ) message (L2TPv2)
stateful IPsec high availability
stateless IPsec high availability
overview
with HSRP on inside interface
with RRI
static routes
configuring for connectivity between customer VPN sites
GRE tunnels
static session setup, L2TPv3-based L2VPNs
advantages/disadvantages
overview
with control connection
without control connection
static VRF routes, redistributing into MP-BGP
Statistics tab (Cisco SSL VPN Client)
status codes
Stop-Control-Connection-Notification (StopCCN) message (L2TPv2)
StopCCN (Stop-Control-Connection-Notification) message
stream ciphers
SUCCESS messages (CA)
switching
AToM-based pseudowires
DLCI-to-DLCI
symmetric encryption algorithms
block ciphers
IPsec
stream ciphers
symmetric key exchange
sysopt connection permit-ipsec command
|
