cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

TAC Security Podcast Episode #30 - Introducing FlexVPN

3707
Views
10
Helpful
4
Comments

 

Episode Name: Episode 30 - Introducing FlexVPN

Contributors:  Magnus Mortensen, Jay Young, Wen Zhang and special guest Frederic Detienne

Posting Date: September 12, 2012

Description: Magnus interviews a panel of VPN experts on a new shift in VPN technologies, Flex VPN. The panel includes VPN escalation engineers Wen and Jay Young as well as a special guest, Frederic Detienne. Fred hails from our Brussels location and is a Distinguished Support Engineer specializing in VPN and crypto technologies. The crew talks about Flex VPN and the new IKEv2 technology.

 


Listen Now    (MP3 38.7 MB; 40:16 mins)

 

Subscribe to the Podcast in iTunes by clicking the image below:

button_itunes.gifrss.gif

 

About the Cisco TAC Security Podcast

 

The Cisco TAC Security Podcast Series is created by Cisco TAC engineers. Each episode provides an in-depth technical discussion of Cisco product   security features, with emphasis on troubleshooting.

 

Complete episode listing and show information

 

 

Show Notes

Worthy links for configuring and setting up FlexVPN:

 

Config guide:

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ike2vpn/configuration/15-2mt/sec-flex-vpn-15-2mt-book.html

 

Support Forums articles on Flex and IKEv2:
FlexVPN at a glance

https://supportforums.cisco.com/community/netpro/security/vpn/blog/2012/03/19/flexvpn-at-a-glance

IKE Version 2 at a glance

https://supportforums.cisco.com/community/netpro/security/vpn/blog/2010/12/22/ike-version-2-at-a-glance

 

Support Forums configuration examples:
FlexVPN: Anyconnect to IOS headend over IPsec with IKEv2 and certificates

https://supportforums.cisco.com/docs/DOC-23967

FlexVPN / IKEv2: Windows 7 Builtin-Client: IOS Headend: Part I - Certificate Authentication

https://supportforums.cisco.com/docs/DOC-24022

 

Comments

Awesome! Thanks.

pgasparovic
Beginner

Umm..I can't wonder enough how the sec technologies have advanced since my major interest in them in 2010, and working quickly with EasyVPN in 2012, that FlexVPN became such a blockbuster in the meanwhile... definitely worth studying it to become ready for whatever sec VPN challenge may appear.

Also discovered Cisco Live web page with VoD sessions! Excellent resource!!

Regards

Peter Gasparovic

stevehille84
Community Member

Thanks guys, I've managed to setup a FlexVPN site to site and it has been much much more stable than my old static site to site tunnels but I can't find any guide on how to configure hub and spoke networks.

I've got a core router that all of my site VPN's currently terminate on (around 10) and I want to migrate them over to FlexVPN but I just can't find any good examples on the internet. I want to do this using PSK only, does anyone know of any good resource please?

Regards,

Steve

wzhang
Cisco Employee

Hi, Steve:

Good to know FlexVPN is working out for you. You can find most of the FlexVPN configuration examples here:

http://www.cisco.com/c/en/us/support/security/flexvpn/products-configuration-examples-list.html

Specifically, for what you want to do, you can check out this example (just ignore the BFD or redundancy part if you don't need it):

http://www.cisco.com/c/en/us/support/docs/security/flexvpn/118888-configure-flexvpn-00.html

If you are looking for examples using the flexvpn client block, use something like this:

http://www.cisco.com/c/en/us/support/docs/security/flexvpn/116413-configure-flexvpn-00.html

Another good FlexVPN resource is this CiscoPress book:

https://www.amazon.com/IKEv2-IPsec-Virtual-Private-Networks/dp/1587144603/ref=sr_1_1?ie=UTF8&qid=1497451550&sr=8-1&keywords=ikev2

It has plenty of examples for all kinds of FlexVPN deployment situations.

Hope this helps.

Thanks,

Wen

Content for Community-Ad