Create a Cisco IPsec protected tunnel interface!

Подписаться 182 тыс.

Просмотров 19 тыс.

50% 1

Tunnels aren't enough, they also need to be encrypted. See how an IPsec profile on a tunnel interface on a Cisco router can protect the tunneled traffic.
Free RU-vid Playlists from Keith:
▶ Master Playlist for Cisco CCNA 200-301 ogit.online/sloth
🔐 Cisco CCNA 200-301 Security ogit.online/200-301_Security
💻 Cisco CCNA 200-301 IPv4 Subnetting ogit.online/subnet
💬 Join our Discord server (free) ogit.online/Join_OGIT_on_Discord
🏪 Keith Barker Amazon Affiliate Store www.amazon.com/shop/keithbarker
And…
🏫 Keith’s Content at CBT Nuggets ogit.online/Keith-CBT
#KeithBarker #CCNA #200-301

Опубликовано:

15 окт 2020

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 78

@TheWextin Месяц назад

Great explanation. Sometimes you can read about a topic, think you understand it, but there are grey areas between the components. This really helps put it all together in my head. Thanks!!

@kaihu6776 Год назад

Hey, Mr. OG! You have changed many lives, mine included. Now I work with advanced networks, and a new thing (for me) can benefit from your amazing style of teaching. IPsec tunnels dual encryption using CA signed certificates. Don't even know where to start making even a lab for this. Different vendor devices participate in this type of layered security architecture. I am quite sure you know already. Guidance much much appreciated 😊

@KeithBarker Год назад

Thank you Kai Hu! And congratulations on all your accomplishments over the years!!! All the best.

@John-pp8qv 3 года назад

Although the routers can ping each other’s tunnel interfaces - R1 still requires an appropriate destination-route pointing down the tunnel for the /24 network at R2 (and vice versa). Without them, traffic will be default-routed in the clear to the gateway, which of course doesn’t guarantee it making it past the gateway. Great vid!

@KeithBarker 3 года назад

Thank you John! Spot on. Appreciate you taking time for the comments. More videos to come.

@tamoorali5768 8 месяцев назад

you are one of the top teacher i have seen so far on the youtube stay blessed

@tamoorali5768 8 месяцев назад

you are just awsome hats off and you deserve a salute, you explain and draft the lab in the most simplified /detailed and summarize way it is realy amazing

@afakhpatel8522 3 года назад

Keith I'm watching your videos on the Network + .. YOU ROCK !!!

@KeithBarker 3 года назад

Thank you Afakh Patel!

@umairm8595 3 года назад

Thank you Keith this was a very well explained video, I appreciate it

@KeithBarker 3 года назад

Very welcome

@OutJoke 3 года назад

Thanks Keith, another well explained educational video. 😀

@KeithBarker 3 года назад

Thanks 👍

@tamoorali5768 8 месяцев назад

now i will watch and recomend your channel

@sunkoko1 2 года назад

a pleasure to hear your explanation

@KeithBarker 2 года назад

Thank you Mehdi Hamid!

@sinae7409 3 года назад

Fabulous content like always

@KeithBarker 3 года назад

Thank you sina e!

@danielmamaniaguilar4609 3 года назад

You are the best!! Your youtube channel should have more subscribers!!

@KeithBarker 3 года назад

Maybe one day!

@theotherguy6155 3 месяца назад

you have so many videos it's impossible to find the one after this you've alluded too

@KeithBarker 3 месяца назад

Thank you, @theotherguy6155, for letting me know. If you go to my channel, and use the search from there, along with the keyword or topic you are looking for, that may help you to find the content you are looking for.

@lannetsolutions1042 Год назад

Watchig this video on 4/11/2022. I also watch your videos on CBT nuggets. great teacher I appreciate your efforts for network engineers community, i study online. Thanks

@KeithBarker Год назад

Thank you Lannet Solutions!

@user-me4et3bp7k Год назад

Well done

@KeithBarker Год назад

Thank you S76!

@eslammohamedahmed4601 2 года назад

So interesting, keith!

@KeithBarker 2 года назад

Thank you!

@troysipple2591 3 года назад

Thanks again.

@KeithBarker 3 года назад

My pleasure!

@kwiatriot6190 3 года назад

Thank you for the content! Two items for feedback. One, I would have liked to see the IPSec profile creation because that is the part I struggle to remember. Two, I dig the new "lipstick" cam but it was tracking your face at times and that was slightly distracting. Just my views and wanted to share! Thank you again for sharing your knowledge with us!

@tamaspeter3599 3 года назад

Yes, it would be great to see the ISAKMP & IPSEC part of the config file....@Keith Barker please show us!

@KeithBarker 3 года назад

Noted, thank you Wayne!

@RITUALAOS 3 года назад

Will be protected!

@KeithBarker 3 года назад

Thank you RITUALAOS! More videos to come, including pointing out some routing challenges. Get subscribed and stay tuned for more.

@tamoorali5768 8 месяцев назад

we need your more videos on fortinet and on paloalto

@jetmelt 3 года назад

Great use of color. Of the many different parts of the configuration, the colors help separate and focus on them as you’re presenting.

@KeithBarker 3 года назад

Thanks so much!

@jesusmendoza4166 2 года назад

Great video! Extremely helpful for some troubleshooting I have to do this coming week! Glad I found this. One thing I am having trouble with is configuring an ipsec profile on my router. Can you point me to video where this is explained by any chance?

@riwz1603 6 месяцев назад

Hi, I couldn't find any from Keith regarding the ipsec profile configuration but I found another video that might help: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-xZrzcJxla4o.htmlfeature=shared

@MrAlazawi 3 года назад

The traffic won't be forwarded unless a static route or a dynamic routing protocol is configured on both Routers so that the Routers will know/learn where to send the traffic. Thanks Keith

@KeithBarker 3 года назад

Thank you Ibrahim Alazawi! Perfectly correct. More vids to come.

@qudratullahludin 2 месяца назад

Will it work in cisco asa firewalls

@kevinpunya 3 года назад

about the last question, so where is the video that is going to discuss it? a little confusing as you have a ton of very insightful videos =)

@arshameq 3 года назад

Hi Keith, what simulation program are you using these days for your demonstrations and labs? VIRL 199$?

@KeithBarker 3 года назад

Thank you for the question ARSHAM EQ. I have a license for CML personal edition (from Cisco), but often use Eve-NG. Both get the job done for most of what I am working on.

@andreicraciun7870 3 года назад

Looking at 3:22 clearly there's no route from 10.2.0.0 to 10.1.0.0 other than the default "internet" route, therefore it won't go through the tunnel. Just as many comments already pointed, it will need a route (something like #ip route 10.1.0.0 255.255.255.0 10.12.12.2)

@KeithBarker 3 года назад

Thank you Andrei Craciun! Perfectly correct.

@gordonasturias6604 3 месяца назад

Andre, thanks for the help with that.

@joshkindy4826 3 года назад

Your face tracking is neat but extremely distracting. Thank for the great content in the CBT Nuggets CCNA Course im currently taking

@KeithBarker 3 года назад

Noted! Will be correcting that. Thank you Josh Kindy!

@dennisreyes3872 3 года назад

I’m here

@KeithBarker 3 года назад

Thank you Dennis Reyes! Welcome.

@rohidahamad1023 3 года назад

Yes the traffic is encrypted/protected from PC1 to PC2.

@KeithBarker 3 года назад

Thank you ROHID AHAMAD! More videos to come, including details on how routing is required to get this working. Stay tuned.

@MohammedIrfan-wc3zm 3 года назад

PC1 to PC2 bound (vice versa) traffic will work and be protected via GRE / IPSec tunnel. Why and how? GRE Tunnel is up. Both Tunnel interfaces have reachability. Question for you Keith - which emulation software was used for packet capture? Thanks!

@tajammulhsyed 3 года назад

Following

@MrAlazawi 3 года назад

you have missed an important point (Routing), therefore the traffic won't be forwarded unless a static route or dynamic routing protocol is configured on both Routes so that the Routers will now where to send the traffic.

@mehdifar995 3 года назад

@@MrAlazawi if we don't have a route , how can the ping work ?

@tajammulhsyed 3 года назад

@@mehdifar995 and also missing access list

@MrAlazawi 3 года назад

@@mehdifar995 ping worked because Keith pinged an IP Adresse which belongs to a connected network 10.12.12.0/24 for connected networks we don't need neither static route nor dynamic routing protocol for the Router to know where to send the packet to. Regards

@navneet6121986 2 года назад

We call it "GRE over IPSEC" or "IPSEC over GRE" ?

@gbadri1 3 года назад

Hey Keith, I am subscribed for all your courses but I am not getting alerts. hmm weird

@KeithBarker 3 года назад

Thank you G. BadrichIndian I will check my settings, thank you for the heads up, and welcome.

@renegonzalez8181 3 года назад

Hey Keith, what is the diference between this and a VPN? This seems easier, but is it the same? Can i use this in the real world? How?

@KeithBarker 3 года назад

Thank you for the question Rene Gonzalez. This is one of several ways to implement an IPsec VPN tunnel. The fancy name for it is a Virtual Tunnel Interface (VTI). More VPN videos coming. Get subscribed, and stay tuned for more.

@renegonzalez8181 3 года назад

thanks a lot @@KeithBarker i´m a huge fan, i´ve been learning from you for over a decade. Thanks for the reply.

@Ebraptus Год назад

need to get into the configuration more, not very in depth on this one

@Kazuha_oppa 3 года назад

Keith, I challenge you to create a IPSec protected tunnel between a Cisco ISR and a Meraki MX.

@KeithBarker 3 года назад

Thank you David. I may not be that brave.

@Kazuha_oppa 3 года назад

@@KeithBarker You chose wisely

@JoeSmith-gb6mq Год назад

Is there a reason this is different for IPSEC than the video from 11yrs ago did something change, that makes Keith's older video not relevant?

@riwz1603 6 месяцев назад

Thank you very much for your explanation, the colours used makes it really easy to visualise and undertsand the concept. Love your videos too! Just wanted to add on for those who are wondering for the ipsec profile configuration, I found this video that might help: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-xZrzcJxla4o.htmlfeature=shared

@KeithBarker 5 месяцев назад

Thank you @riwz1603!