Cisco VPN Configuration Guide – By Harris Andrea

I wanted to let you know about my new eBook “Cisco VPN Configuration Guide” which I have launched recently.

This ebook (PDF Format) consists of 240 pages filled with raw practical concepts, step-by-step configuration tutorials, around 40 colorful network diagrams to explain the scenarios, troubleshooting instructions, 20 complete configurations on actual devices etc. There is no fluff or redundant information. There is a little bit (2-3 pages) of basic theory (especially on IPSEC Protocol) but other than that you will find only practical and real-world concepts and tutorials.

Moreover, by purchasing an electronic book instead of a regular hard copy book, you have the advantage of getting discounted updates of the material for life. Just make sure to subscribe to my email list after purchasing (a subscription form will be located at the download page) in order to be eligible for the low cost updates.

Cisco VPNs are mostly implemented on IOS Routers and ASA Firewalls. That’s why the “Cisco VPN Configuration Guide” covers VPN configurations on both of these two device types.

The prevalent VPN topologies that you will encounter in real-world (and are covered in the book) are the following:

Topologies Covered:

  • Site-to-Site VPNs (also called Lan-to-Lan VPN networks): Used to connect two distant LAN networks over the Internet or over any untrusted medium. Very common in Small Enterprise networks.
  • Hub-and-Spoke VPNs: Several remote branch sites (Spokes) are connected with VPN to a central Hub site. Very common in Medium to Large Enterprise networks.
  • User Remote Access VPNs (with VPN Client and Anyconnect SSL VPN): Offering connectivity of teleworkers and remote users to central network resources. Very common to any type of Enterprise.
  • Full Mesh VPNs: All sites of a network can communicate with each other. This is usually implemented using Dynamic Multipoint VPN (DMVPN).

All of the above topologies are covered in the book. Also, variations of the above topologies with special scenarios are included. Some of the special cases that we will be covering include the following:

Special Scenarios:

  • VPNs with sites having Dynamic public IP.
  • Implementations of hub-and-spoke together with remote access VPNs on the same device.
  • VPN authentication using Microsoft Active Directory, Radius and RSA servers.
  • Using Dynamic Routing Protocols (EIGRP) to make VPNs on Routers more scalable.
  • Spoke to Spoke communication via the Hub Site (using VPN Hairpinning on ASA)
  • Remote Access users to communicate with Spoke sites via the Hub (using VPN Hairpinning on ASA).
  • Site-to-Site IPSEC VPN with duplicate subnets on the two sites.
  • IPSEC VPN Failover with backup ISP.
  • VPN between Router and ASA
  • PPTP
  • etc

The VPN protocols and technologies covered in the eBook include:

  • GRE VPN with IPSEC Protection
  • Virtual Tunnel Interface (VTI)
  • Static VTI (SVTI) and Dynamic VTI (VTI)
  • PPTP
  • IPSEC VPN Client for remote access
  • Cisco Anyconnect SSL VPN

Most Cisco VPN books out there are outdated (published around 2005) and they are also twice the price for what I’m offering right here. I believe that this VPN Configuration Guide will be a valuable resource for any Cisco Professional for years to come. Again, keep in mind that by purchasing this ebook you will be getting low cost updates of the book for life. Just make sure to subscribe to my “Customers’ email list” (at the download page after purchasing the book) in order to be eligible for the discounts on updated versions.



  1. Mauricio Parra says

    Hi Harris, I would like to buy the book but first, could you tell me exactly to what IOS and ASA versions are the configuration examples and guides targeted? Thanks!

  2. Blog Admin says

    Hi Mauricio,

    For Cisco Routers I used IOS 12.4(23) and for ASA its version 8.4.
    However, the configurations will work even for older or newer versions. The only exception is ASA. Versions prior to 8.3 have some differences in NAT commands.

  3. Shawn Chan says

    Hello Harris

    I have brought your ebooks before. It’s nice and comprehensive enough for most IT professionals of various levels. I was looking forward to the new ebook with content of OSPF in mind. Finally your new ebook is available. However it seems that your new ebook has a little content on EIGRP but none on OSPF which is more propular in the networking world. Hope there is some free update with this topic convered soon.

  4. Blog Admin says

    Hi Shawn,

    Thank you for your comment and feedback. Since the VPN Configuration Guide is for Cisco devices exclusively ( IOS Routers and ASA Firewalls), I have covered EIGRP instead of OSPF since its more straightforward and works great as well. However, your feedback gave me a great additional topic to include in future updates of the book. I will definitely include configuration scenarios with VPNs on Routers using OSPF as well. What is great with purchasing my ebooks is that you will be getting free updates as the content evolves.



  5. Ken Leung says

    Hi Harris,

    That really a great eBook. Regarding a topic from in the new book “Remote Access VPN Authentication via Active Directory. Is this possible add more topic with administering Cisco Access Control Server console in the future update?


  6. Björn Albers says

    Hello Harris,

    I just got your new ebook.
    One big feature request (although not about the actual content): Please ship also an epub version.
    I’ve already received your instructions about pdf2epub-conversion from a previous mailing, but I think your tablet-using customers would appreciate if you’d perform the required steps.

    Thanks and all the best with your sales!

  7. Blog Admin says

    Thanks Björn for your comment. I will see what I can do for converting the ebook to epub format in addition to PDF. I will send you a message when I do it.


  8. Blog Admin says


    Administering Cisco ACS is a whole new book by itself. You gave me an idea for a new book maybe!!



  9. Luis Gonzalez says

    Hi Harris,

    I picked up the new ebook yesterday and I haven’t put it down for more than 20 minutes. I am a twenty year veteran and I find your guides are the best reference when I am explaining concepts to staff and junior engineers. I have instructed all my staff to pick up your guide if they really want to understand VPNs in practical context.

    Your scenarios are on point and provide for a clear understanding of what to apply and how to apply it. Thanks again for this additional contribution. I look forward to an ACS ebook.

  10. Blog Admin says

    Hi Luis,

    I really appreciate your feedback about my new Cisco VPN ebook. I’m glad that network veterans like you find my guides valuable.

    Thanks a lot


  11. says

    Excellent book, well worth the price. I wish there was more content involving mixed environments, i.e. using IPSEC site to site AND remote users on the same box, but the examples and insight the book provides are excellent.

  12. Blog Admin says


    Thanks for your feedback. Regarding your comment about IPSEC site to site and remote access on same device, sections 2.1.4 and 3.1.5 already cover this scenario.

    Please let me know if I can assist you on anything.



  13. Blog Admin says


    No, this is an electronic book (PDF Format) which you will be able to download immediately after payment.


  14. Chris says

    Excellent ebook. Very detailed information. It is clear, precise, and easy to understand. I have a task to replaced our pix firewall with hundreds of vpn connections and the ebook gave me the understanding of what I was doing and helped me with the CLI.

  15. says

    Once gain a an execellent reference guide. I’ve been working with CISCO 871 and then CISCO ASA 5510s over the past 5 years and finally after reading this I have really begun to understand what certain Options mean and how they work.


  16. Joseph says

    This book was very well written and has allowed me to learn much more when it comes to VPN’s. Thanks so much. Are you going to write more material based on the newer IOS 9.1?

  17. Blog Admin says


    Thanks for your feedback. If you have received my email today, yes I’m preparing for updating my ASA book to cover 9.1 as well. I will use the VPN related content from that book to the VPN Configuration guide as well. Make sure to subscribe to the customers’ email list so that to be eligible for the free updates of the book.

  18. Solomon says

    I have both the ASA and the VPN books. Harris has a way of making a complex technology look simple. Thank you so much for sharing your knowledge. I would love to see you do something on MPLS VPN and BGP in the future.


  19. Michael says

    Love your e-books. I followed the step by step ASA configuration in the Cisco VPN Configuration Guide and it saved my bacon on my first site to site IPSEC VPN tunnel set up, as I knew it would.
    The Cisco world is difficult and confusing to learn. Unless you do it *every day* it’s hard to remember what is needed. Your books make this a lot easier when less experienced people such as myself are called upon to administer Cisco equipment. Thank you and I am very happy with my purchase.

  20. Joe Mifsud says

    The Cisco VPN Configuration Guide is great. I am relatively new to VPN setups and configurations and found your ebook quite informative with good diagrams and examples as well as excellent format overall. Interesting to read and follow the practical examples. Well Done.

  21. Blog Admin says


    I greatly appreciate your nice words and feedback about my book. Don’t hesitate to contact my if you ever need any assistance.


  22. Udo Edwin Foth says

    Hi Harris,

    the book is very useful (btw: i bought the other one as well – the same – just useful)
    I’m preparing for the 618 exam in the moment. The book is a valuable source for the studies.

    I’d appreciate more of this


  23. Arvind says

    Hi Harris,

    Does the ASA fundamentals book cover the nat concepts of ASA version 8.3 and 8.4 ?.


  24. Blog Admin says


    Yes absolutely. Its the only book on the internet that covers NAT for pre 8.3 and after 8.3 ASA versions.

  25. Chris says

    I am back again here. I have already put my ASA in production and it works as expected without any issues. I followed only the ebook and many thanks to you Harris. Without your ebook I can not bring up the ASA in production. Do you have also ebook for cisco router and switches?

  26. Blog Admin says

    Hi Chris,

    I’m glad my book helped you to setup your ASA and get it up and running. Unfortunately I don’t have a book for routers and switches at the moment.

  27. Arvind says

    Hi Chris,

    In this VPN Book, Do we get to understand the step by step process of troubleshooting IPSEC L2L VPN
    Remote Access VPN ?.


  28. Blog Admin says


    This VPN ebook is mostly about configuration from the administrator’s point of view. It has also troubleshooting instructions for IPSEC L2L VPNs

  29. sukesh says

    I want the VPN config guide , I did purchase the ASA config guide which I loved. Thanks.
    I want vpn guide separately, I dont see options on your website for , all i see is combo of ASA guide and the VPN guide. I made my purchase by x
    and let me know about the discount also. thanks

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>