NIL Data Communications Ltd.

1. Navigation
2. Main Menu
3. Left sidebar
4. Content
5. Right sidebar
6. Footer

Content

Deploying Cisco ASA VPN Solutions Remote Labs v1.0

This set of lab exercises contains all exercises associated with the Deploying Cisco ASA VPN Solutions (VPN) v1.0 course. The lab exercises address a wide range of the Cisco ASA features, especially the configuration of different types of the access, ranging from site-to-site VPN tunnels, remote access, clientless access, SSL access, and Cisco Secure Desktop. In some exercisec you will also use certificate-based authentication. In one of the exercises you will set and configure load balancing SSL VPN cluster. Exercises in this bundle are mostly using ASDM forr configuration and verification of the ASA, and are designed for advanced administrators.

Content

This set of lab exercises contains the following exercises:

• Deploying a Basic Cisco ASA IPsec Site-to-Site VPN
• Deploying a Certificate-Based Cisco ASA IPsec Site-to-Site VPN
• Deploying Basic Easy VPN
• Deploying Advanced Easy VPN Server with Certificate-based Authentication
• Deploying the Cisco ASA 5505 Adaptive Security Appliance as a Hardware Easy VPN Client
• Configuring a Basic Cisco AnyConnect Full Tunnel SSL VPN using Local Password Authentication
• Deploying the Cisco AnyConnect Client with Centralized Management
• Configuring a Basic AnyConnect Full Tunnel SSL VPN Using the Local CA
• Configuring Basic Clientless VPN Access
• Configuring Advanced Application Access in Clientless SSL VPNs
• Customizing the SSL VPN Portal
• Deploying AnyConnect Full Tunnel SSL VPN Access Policies and Authorization Parameters
• Deploying Cisco Secure Desktop and DAP in SSL VPNs
• Configuring a Load Balancing SSL VPN Cluster

Objectives

Upon finishing this set of exercises, you will be able to:
Configure IKE parameters

• Configure crypto map
• Define traffic to be encrypted
• Monitor established VPN sessions
• Enroll the Cisco ASA adaptive security appliance in PKI
• Configure PKI-based authentication
• Monitor established site-to-site IPsec sessions
• Configure basic Easy VPN server support on the Cisco ASA adaptive security appliance
• Configure a local group policy
• Configure a user in the local database
• Configure split tunneling and IP address assignment
• Configure the Cisco VPN Client
• Launch the Cisco VPN Client
• Establish an IPsec VPN tunnel between the client and the gateway
• Verify the VPN connection
• Configure Easy VPN server support on the Cisco ASA adaptive security appliance with client certificate authentication
• Configure certificate users and group policies using a remote (Cisco ACS) database
• Configure the security appliance for remote access
• Configure the Cisco VPN Client for remote access
• Establish an IPsec VPN tunnel between the client and the gateway and authorize the client using RADIUS parameters
• Verify Easy VPN authorization configuration and test connectivity over the configured VPN connection
• Configure the Cisco ASA 5520 Adaptive Security Appliance as an Easy VPN server
• Configure the Cisco ASA 5505 Adaptive Security Appliance as a NEM Easy VPN client
• Establish an IPsec VPN tunnel between the Cisco ASA 5505 Adaptive Security Appliance and Cisco ASA 5520 Adaptive Security Appliance
• Verify Easy VPN authorization configuration and test connectivity over the configured VPN connection
• Enroll the Cisco ASA adaptive security appliance into PKI
• Configure the Cisco ASA adaptive security appliance for SSL VPN
• Configure group policy on the Cisco ASA adaptive security appliance
• Create user accounts in the local database
• Install Cisco AnyConnect client
• Test and verify SSL VPN connection
• Manage Cisco AnyConnect VPN Client software
• Manage Cisco AnyConnect VPN Client using XML profiles
• Create local CA on the Cisco ASA adaptive security appliance and create certificate users
• Enroll the Cisco AnyConnect client into Cisco ASA adaptive security appliance local CA
• Configure certificate authentication and connection profile mapping on the Cisco ASA adaptive security appliance
• Manage client certificates on the Cisco ASA adaptive security appliance
• Enroll the Cisco ASA adaptive security appliance into a PKI
• Import the CA’s certificate to the client
• Configure basic clientless SSL VPN support on the Cisco ASA adaptive security appliance
• Configure a local user in the local user database and local group policy on the Cisco ASA adaptive security appliance
• Configure basic clientless portal features on the Cisco ASA adaptive security appliance
• Establish a clientless SSL VPN between the client and the Cisco ASA adaptive security appliance
• Tune content rewriting on the Cisco ASA adaptive security appliance
• Verify SSL VPN configuration and test connectivity over the clientless SSL VPN connection
• Verify basic clientless functionality on the Cisco ASA adaptive security appliance
• Configure and verify plug-ins operations on the Cisco ASA adaptive security appliance
• Configure and verify port forwarding on the Cisco ASA adaptive security appliance
• Configure and verify Smart Tunnels on the Cisco ASA adaptive security appliance
• Configure basic clientless SSL VPN support on the Cisco ASA adaptive security appliance
• Configure basic customization of the VPN portal on the Cisco ASA adaptive security appliance
• Configure advanced (HTML) customization of the portal on the Cisco ASA adaptive security appliance
• Integrate the Cisco AnyConnect VPN Client with the clientless portal
• Verify SSL VPN configuration and test connectivity over the configured VPN connection
• Configure complex group policies on the Cisco ASA adaptive security appliance
• Configure complex group policies on RADIUS server
• Configure external authentication and authorization for SSL VPN sessions on the Cisco ASA adaptive security appliance
• Install and enable CSD on the Cisco ASA adaptive security appliance
• Configure basic prelogin criteria on the Cisco ASA adaptive security appliance
• Configure basic prelogin policies on the Cisco ASA adaptive security appliance
• Configure DAP-based policies on the Cisco ASA adaptive security appliance
• Configure SSL VPN cluster on the Cisco ASA adaptive security appliances
• Verify cluster functionality on the Cisco ASA adaptive security appliances

Importance

The lab exercises in this set are important for all network engineers, administrators, and designers involved in designing, implementing, and operating security solutions based on Cisco ASA devices.

Target Audience

The primary audience for this course comprises network and system engineers responsible for security solutions deployment and troubleshooting using Cisco ASA devices. Because most of the exercises are done using the Cisco ASDM, labs are also suitable for administrators who wish to expedite and simplify a Cisco ASA configuration process.

Prerequisite Knowledge

To successfully complete exercises, a good knowledge of basic TCP/IP principles, as well as advanced knowledge of Cisco security appliance features and VPN security technologies, such as IPsec VPN, Easy VPN, SSL VPN or Clientless VPN, is needed. This knowledge is best gained by attending the Deploying Cisco ASA VPN Solutions (VPN) v1.0 course.

Left sidebar

• Learning Options
  • Classroom Training
  • E-Learning
  • Remote Labs
  • Virtual Classrooms
• Technology Area
• Cisco Certifications
• Cisco Specializations

Right sidebar