Cisco VPN Configuration Guide – By Harris Andrea

I wanted to let you know about my new eBook “Cisco VPN Configuration Guide” which I have launched recently.

This ebook (PDF Format) consists of 240 pages filled with raw practical concepts, step-by-step configuration tutorials, around 40 colorful network diagrams to explain the scenarios, troubleshooting instructions, 20 complete configurations on actual devices etc. There is no fluff or redundant information. There is a little bit (2-3 pages) of basic theory (especially on IPSEC Protocol) but other than that you will find only practical and real-world concepts and tutorials.

Moreover, by purchasing an electronic book instead of a regular hard copy book, you have the advantage of getting discounted updates of the material for life. Just make sure to subscribe to my email list after purchasing (a subscription form will be located at the download page) in order to be eligible for the low cost updates.

Cisco VPNs are mostly implemented on IOS Routers and ASA Firewalls. That’s why the “Cisco VPN Configuration Guide” covers VPN configurations on both of these two device types.

The prevalent VPN topologies that you will encounter in real-world (and are covered in the book) are the following:

Topologies Covered:

  • Site-to-Site VPNs (also called Lan-to-Lan VPN networks): Used to connect two distant LAN networks over the Internet or over any untrusted medium. Very common in Small Enterprise networks.
  • Hub-and-Spoke VPNs: Several remote branch sites (Spokes) are connected with VPN to a central Hub site. Very common in Medium to Large Enterprise networks.
  • User Remote Access VPNs (with VPN Client and Anyconnect SSL VPN): Offering connectivity of teleworkers and remote users to central network resources. Very common to any type of Enterprise.
  • Full Mesh VPNs: All sites of a network can communicate with each other. This is usually implemented using Dynamic Multipoint VPN (DMVPN).

All of the above topologies are covered in the book. Also, variations of the above topologies with special scenarios are included. Some of the special cases that we will be covering include the following:

Special Scenarios:

  • VPNs with sites having Dynamic public IP.
  • Implementations of hub-and-spoke together with remote access VPNs on the same device.
  • VPN authentication using Microsoft Active Directory, Radius and RSA servers.
  • Using Dynamic Routing Protocols (EIGRP) to make VPNs on Routers more scalable.
  • Spoke to Spoke communication via the Hub Site (using VPN Hairpinning on ASA)
  • Remote Access users to communicate with Spoke sites via the Hub (using VPN Hairpinning on ASA).
  • Site-to-Site IPSEC VPN with duplicate subnets on the two sites.
  • IPSEC VPN Failover with backup ISP.
  • VPN between Router and ASA
  • PPTP
  • etc

The VPN protocols and technologies covered in the eBook include:

  • GRE VPN with IPSEC Protection
  • Virtual Tunnel Interface (VTI)
  • Static VTI (SVTI) and Dynamic VTI (VTI)
  • PPTP
  • IPSEC VPN Client for remote access
  • Cisco Anyconnect SSL VPN

Most Cisco VPN books out there are outdated (published around 2005) and they are also twice the price for what I’m offering right here. I believe that this VPN Configuration Guide will be a valuable resource for any Cisco Professional for years to come. Again, keep in mind that by purchasing this ebook you will be getting low cost updates of the book for life. Just make sure to subscribe to my “Customers’ email list” (at the download page after purchasing the book) in order to be eligible for the discounts on updated versions.


Get Free Cisco Tutorials – Sign Up Below

Fill out your e-mail address below to receive free
Cisco Configuration Examples and Tutorials
(Your email is safe with us)
My Email Address is:


  1. Mauricio Parra says:

    Hi Harris, I would like to buy the book but first, could you tell me exactly to what IOS and ASA versions are the configuration examples and guides targeted? Thanks!

  2. Blog Admin says:

    Hi Mauricio,

    For Cisco Routers I used IOS 12.4(23) and for ASA its version 8.4.
    However, the configurations will work even for older or newer versions. The only exception is ASA. Versions prior to 8.3 have some differences in NAT commands.

  3. Shawn Chan says:

    Hello Harris

    I have brought your ebooks before. It’s nice and comprehensive enough for most IT professionals of various levels. I was looking forward to the new ebook with content of OSPF in mind. Finally your new ebook is available. However it seems that your new ebook has a little content on EIGRP but none on OSPF which is more propular in the networking world. Hope there is some free update with this topic convered soon.

  4. Blog Admin says:

    Hi Shawn,

    Thank you for your comment and feedback. Since the VPN Configuration Guide is for Cisco devices exclusively ( IOS Routers and ASA Firewalls), I have covered EIGRP instead of OSPF since its more straightforward and works great as well. However, your feedback gave me a great additional topic to include in future updates of the book. I will definitely include configuration scenarios with VPNs on Routers using OSPF as well. What is great with purchasing my ebooks is that you will be getting free updates as the content evolves.



  5. Hi Harris,

    That really a great eBook. Regarding a topic from in the new book “Remote Access VPN Authentication via Active Directory. Is this possible add more topic with administering Cisco Access Control Server console in the future update?


  6. Björn Albers says:

    Hello Harris,

    I just got your new ebook.
    One big feature request (although not about the actual content): Please ship also an epub version.
    I’ve already received your instructions about pdf2epub-conversion from a previous mailing, but I think your tablet-using customers would appreciate if you’d perform the required steps.

    Thanks and all the best with your sales!

  7. Thanks Björn for your comment. I will see what I can do for converting the ebook to epub format in addition to PDF. I will send you a message when I do it.


  8. Ken,

    Administering Cisco ACS is a whole new book by itself. You gave me an idea for a new book maybe!!



  9. Luis Gonzalez says:

    Hi Harris,

    I picked up the new ebook yesterday and I haven’t put it down for more than 20 minutes. I am a twenty year veteran and I find your guides are the best reference when I am explaining concepts to staff and junior engineers. I have instructed all my staff to pick up your guide if they really want to understand VPNs in practical context.

    Your scenarios are on point and provide for a clear understanding of what to apply and how to apply it. Thanks again for this additional contribution. I look forward to an ACS ebook.

  10. Blog Admin says:

    Hi Luis,

    I really appreciate your feedback about my new Cisco VPN ebook. I’m glad that network veterans like you find my guides valuable.

    Thanks a lot


  11. Excellent book, well worth the price. I wish there was more content involving mixed environments, i.e. using IPSEC site to site AND remote users on the same box, but the examples and insight the book provides are excellent.

  12. Blog Admin says:


    Thanks for your feedback. Regarding your comment about IPSEC site to site and remote access on same device, sections 2.1.4 and 3.1.5 already cover this scenario.

    Please let me know if I can assist you on anything.



  13. Harris –

    Do you have a hard copy books?

    Thanks, KT

  14. Blog Admin says:


    No, this is an electronic book (PDF Format) which you will be able to download immediately after payment.


  15. Excellent ebook. Very detailed information. It is clear, precise, and easy to understand. I have a task to replaced our pix firewall with hundreds of vpn connections and the ebook gave me the understanding of what I was doing and helped me with the CLI.

  16. Good eBook…Reading and comment later…


  17. Harris.
    Once gain a an execellent reference guide. I’ve been working with CISCO 871 and then CISCO ASA 5510s over the past 5 years and finally after reading this I have really begun to understand what certain Options mean and how they work.


  18. This book was very well written and has allowed me to learn much more when it comes to VPN’s. Thanks so much. Are you going to write more material based on the newer IOS 9.1?

  19. Joseph,

    Thanks for your feedback. If you have received my email today, yes I’m preparing for updating my ASA book to cover 9.1 as well. I will use the VPN related content from that book to the VPN Configuration guide as well. Make sure to subscribe to the customers’ email list so that to be eligible for the free updates of the book.

  20. I have both the ASA and the VPN books. Harris has a way of making a complex technology look simple. Thank you so much for sharing your knowledge. I would love to see you do something on MPLS VPN and BGP in the future.


  21. Love your e-books. I followed the step by step ASA configuration in the Cisco VPN Configuration Guide and it saved my bacon on my first site to site IPSEC VPN tunnel set up, as I knew it would.
    The Cisco world is difficult and confusing to learn. Unless you do it *every day* it’s hard to remember what is needed. Your books make this a lot easier when less experienced people such as myself are called upon to administer Cisco equipment. Thank you and I am very happy with my purchase.

  22. The Cisco VPN Configuration Guide is great. I am relatively new to VPN setups and configurations and found your ebook quite informative with good diagrams and examples as well as excellent format overall. Interesting to read and follow the practical examples. Well Done.

  23. Joe,

    I greatly appreciate your nice words and feedback about my book. Don’t hesitate to contact my if you ever need any assistance.


  24. Udo Edwin Foth says:

    Hi Harris,

    the book is very useful (btw: i bought the other one as well – the same – just useful)
    I’m preparing for the 618 exam in the moment. The book is a valuable source for the studies.

    I’d appreciate more of this


  25. Hi Harris,

    Does the ASA fundamentals book cover the nat concepts of ASA version 8.3 and 8.4 ?.


  26. Blog Admin says:


    Yes absolutely. Its the only book on the internet that covers NAT for pre 8.3 and after 8.3 ASA versions.

  27. I am back again here. I have already put my ASA in production and it works as expected without any issues. I followed only the ebook and many thanks to you Harris. Without your ebook I can not bring up the ASA in production. Do you have also ebook for cisco router and switches?

  28. Blog Admin says:

    Hi Chris,

    I’m glad my book helped you to setup your ASA and get it up and running. Unfortunately I don’t have a book for routers and switches at the moment.

  29. Hi Chris,

    In this VPN Book, Do we get to understand the step by step process of troubleshooting IPSEC L2L VPN
    Remote Access VPN ?.


  30. Blog Admin says:


    This VPN ebook is mostly about configuration from the administrator’s point of view. It has also troubleshooting instructions for IPSEC L2L VPNs

  31. I want the VPN config guide , I did purchase the ASA config guide which I loved. Thanks.
    I want vpn guide separately, I dont see options on your website for , all i see is combo of ASA guide and the VPN guide. I made my purchase by x
    and let me know about the discount also. thanks

  32. ok . I have the option to buy the VPN guide separately … but can i get discount ?

  33. Harris Andrea says:

    I have sent you email for this.



Speak Your Mind