This is a sniplet from the Cisco SIMOS course, where we discuss the logical constructs behind a site-to-site IPSec VPN. I hope that this content helps you understand what's happening behind the scenes of your VPN's.
Just found this after trying to understand it by reading multiple online sources and the SVPN official cert guide material. Thanks, Ryan. Your videos are awesome.
I have literally been coming back to this video every 6 months for about 2-3 years. Every time i watch it again, I feel I have learned something I didn't pick up on the previous viewings. I found myself yelling "ip" at the screen for 13:34. Its never been more clear to me.
I think learning happens in layers, as the concepts go by we only capture so much of it. Glad that you've found it useful. Glad to hear I'm not the only one talking to the computer screen and an empty room :)
Awesome, I'm glad that helped :) You may already be familiar, but there are some neat reasons to put a tunnel in a tunnel. GRE inside of IPSec for example. It let's you take traffic that IPSec doesn't support (anything other than unicast IP) and do what you like with it. Protocols that would normally not leave a broadcast domain (ARP, LLMNR, STP, CDP, IGP's etc) can be collected and passed anywhere then dropped off anywhere you like, any number of hops, networks, devices, and they come off the other side like nothing happened.
I usually watch these at 1.5 times, happy to say it's one of the first videos that made me do a spit take and slow it down to 1.0 times haha. Good content.
This is by far the best tutorial I've seen to date on explaining AH v. EDP and ISAKMP in IPSec tunnels. Your whiteboard examples leave nothing to question or wonder about. Combine this with a Cisco LAN to LAN VPN config guide for ASA or router and you have a winning combination. Thanks!
This is the best video I've watched that goes into detail regarding the IPsec process, and I've used other resources like INE Udemy, and CIsco library. Thank you
Ryan, this video is the best one out there in youtube explaining site-to-site VPN's IPSec phases. Feel free to do DMPVN phases as well. Thanks a lot Ryan Lindfield
Dude, you're awesome! I tried to study IPsec several times and never managed to understand it so far but this vid just opened my eyes so I wanted to say: Thank you! Great work :)
I have to say this video is what finally nailed it for me! I've been trying to dive deep into the inner workings of IPSec for weeks and more I studied more I got confused. But this video finally cleared it all up! Thank You @RyanLindfield!
I think part of the learning process is hearing it explained multiple times by different people, then finally p00f you own it :) Happy that helped! IPSec should serve you well for many years to come!
Excellent intro! Very helpful for an Application Solution Architect who is working with his Infrastructure colleagues to allow remote access via IPSec VPN tunnels to understand what this is all about :-)
I truly regret Ryan stopped adding videos , one of the best networking lecturer , this lesson here , best explanation of differences between ESP and AH , take care Ryan
Thanks so much for your kind words, I'm glad you found the video helpful, it's a tricky thing to explain with words alone.. I promise to release more content in 2023 :).
This was such an amazing explanation! I thought I understood Phase1 but not Phase2, but it seems like I actually had understood it wrong all together. Seeing the two different uses and purposes of the ISAKMP SA contrary to the IPsec SA (or Crypto SA) has cleared my mind.