Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

CHAPTER

24-1

User Guide for Cisco Security Manager 4.4

OL-28826-01

Managing Site-to-Site VPNs: The Basics

A virtual private network (VPN) consists of multiple remote peers transmitting private data securely to

one another over an unsecured network, such as the Internet. Site-to-site VPNs use tunnels to

encapsulate data packets within normal IP packets for forwarding over IP-based networks, using

encryption to ensure privacy and authentication to ensure integrity of data.

In Cisco Security Manager, site-to-site VPNs are implemented based on IPsec policies that are assigned

to VPN topologies. An IPsec policy is a set of parameters that define the characteristics of the site-to-site

VPN, such as the security protocols and algorithms that will be used to secure traffic in an IPsec tunnel.

Security Manager translates IPsec policies into CLI commands that can be deployed to the devices in the

VPN topology. Several policy types might be required to define a full configuration image that can be

assigned to a VPN topology, depending on the IPsec technology type.

The Site-to-Site VPN Manager defines and configures site-to-site VPN topologies and policies on Cisco

IOS security routers, PIX Firewalls, Catalyst VPN Service Modules, and Adaptive Security Appliance

(ASA) firewall devices.

Tip In ASA documentation, site-to-site VPNs are called LAN-to-LAN VPNs. These phrases are equivalent,

and we use “site-to-site VPN” in this documentation.

You can access the Site-to-Site VPN Manager by selecting Manage > Site-To-Site VPNs or clicking the

Site-To-Site VPN Manager button on the toolbar.

You can also configure shared policies in Policy view and view and configure topologies in Device view.

In Policy View, you can assign IPsec policies to VPN topologies.

This chapter contains the following topics:

• Understanding VPN Topologies, page 24-2

• Understanding IPsec Technologies and Policies, page 24-5

• Accessing Site-to-Site VPN Topologies and Policies, page 24-17

• Site-To-Site VPN Discovery, page 24-19

• Creating or Editing VPN Topologies, page 24-28

• Creating or Editing Extranet VPNs, page 24-63

• Deleting a VPN Topology, page 24-67

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems CL-28826-01 Security Camera User Manual