Networks Training

  • About
  • My Books
  • SUGGESTED TRAINING
  • HOME
  • Cisco Networking
    • Cisco General
    • Cisco IOS
    • Cisco VPN
    • Cisco Wireless
  • Cisco ASA
    • Cisco ASA General
    • Cisco ASA Firewall Configuration
  • Certifications Training
    • CCNA Training
    • Cisco Certifications
    • I.T Training
  • General
    • General Networking
    • IP Telephony
    • Network Security
    • Product Reviews
    • Software
  • Cisco Routers
  • Cisco Switches
You are here: Home / Cisco VPN / Which Cisco VPN Topic Are you Interested in – Vote Below

Which Cisco VPN Topic Are you Interested in – Vote Below

Written By Harris Andrea

Recently I have been thinking to write a new Cisco book which will be about Cisco VPN configuration. The topic of Virtual Private Networks (used to connect remote sites  together over the Internet or to allow mobile users to establish remote access connections to their corporate network resources) is a hot topic in networking. I receive a lot of emails and comments from my website visitors about various VPN configuration scenarios which shows that a practical book in this subject will be valuable for many professional network engineers.

The book will offer step-by-step instructions about VPN configurations (lan-to-lan and client remote access) and also offer several practical and real world complete configuration examples. Moreover, the book will cover VPN configuration for both Cisco Routers and ASA firewalls and also scenarios including mixture of Routers with ASA.

However I need your help to decide which specific topics I should include in the book. I prepared a poll and I would really appreciate if you could vote below about the VPN topics that you are most interested in. You can select multiple topics and also you can leave a comment in the appropriate section (bottom of this page) if you want me to include something not found in the poll answers.

MORE READING:  Site-to-Site IPSEC VPN Between Two Cisco ASA - one with Dynamic IP

Thanks for your time.

[poll id=”2″]

Related Posts

  • VPN Failover with HSRP High Availability (Crypto Map Redundancy)
  • Cisco IPsec Tunnel vs Transport Mode with Example Config
  • Cisco DMVPN Configuration Example
  • Site to Site IPSEC VPN Between Cisco Router and Juniper Security Gateway
  • Site-to-Site IPSEC VPN Between Cisco ASA and pfSense

Filed Under: Cisco VPN

Download Free Cisco Commands Cheat Sheets

Enter your Email below to Download our Free Cisco Commands Cheat Sheets for Routers, Switches and ASA Firewalls.

We use Elastic Email as our marketing automation service. By submitting this form, you agree that the information you provide will be transferred to Elastic Email for processing in accordance with their Terms of Use and Privacy Policy. Also, you allow me to send you informational and marketing emails from time-to-time.

About Harris Andrea

Harris Andrea is an Engineer with more than two decades of professional experience in the fields of TCP/IP Networks, Information Security and I.T. Over the years he has acquired several professional certifications such as CCNA, CCNP, CEH, ECSA etc.

He is a self-published author of two books ("Cisco ASA Firewall Fundamentals" and "Cisco VPN Configuration Guide") which are available at Amazon and on this website as well.

Comments

  1. Roberto Pederzani says

    September 9, 2012 at 10:04 am

    Active Directory integration with ASA can be very interesting.

    Good Work!

  2. Melvin says

    September 9, 2012 at 10:04 am

    It would be beneficial if you include IPSec VPN between ASA firewalls with SIP aware-traffic and DSCP QoS configuration. Will be useful for VOIP traffic.

  3. Andy says

    September 9, 2012 at 10:21 am

    Can you cover a trouble shooting also maybe how PC works with Browser and ties into AD when connecting to corporate domains.

  4. Shadab says

    September 9, 2012 at 10:31 am

    site to site VPN from Cisco ASA with Stonegate firewall, Juniper firewall and other vendors.

  5. Jonny says

    September 9, 2012 at 10:38 am

    Hello Harris.

    The HUB-AND-SPOKE IPSEC VPN is also interesting.
    We have a discussion on work regarding implementing a star situation on the 3 asa 5540. (all tree 5540 speak to each other) The challenge here vil be the dynamic routing against the asa’s.

    BR

    Jonny

  6. unes says

    September 9, 2012 at 10:59 am

    vpn between hub ans spoks based on certificate server

  7. Sven-Owe says

    September 9, 2012 at 11:10 am

    The problem tjat i nedan clear solution for is the best Wayne to axes the ASA fom à VPN – client (laptop, PC or orter)

  8. ola says

    September 9, 2012 at 11:26 am

    Please include troubleshooting steps.

  9. Udo Edwin Foth says

    September 9, 2012 at 12:02 pm

    Hi Harris,

    i) all of the topics

    ii) the more complex ones like ASA->RSA->CSACS->Win AD
    (with tokens, 802.1x and enforced security)
    ==> this would be great because there is no really good documentation (i did ASA->RSA->CSACS – it was really hard – i’ve some other things inbetween (CP !)

    I assume a lot of guys out there would appreciate some helpful advices

    Best regards

    Udo

  10. luis gimenez says

    September 9, 2012 at 12:23 pm

    Branch office asa with others partner watchguard cyberoam,netgear , palo alto , fortinet, juniper

  11. Geert Jackers says

    September 9, 2012 at 12:25 pm

    Interoperability cisco ipsec vpn lan to lan and other manufacturers.

  12. Ron says

    September 9, 2012 at 1:04 pm

    would like to see setting up connections using browser SSL to ASA 5505 firewall.

    thx

  13. Mark says

    September 9, 2012 at 1:05 pm

    Would be interested to see an IPSEC site to site vpn configuration using vrf lite on a Cisco ASR series router (i.e., ASR1002).

  14. Michael says

    September 9, 2012 at 1:53 pm

    It would be great to also have a chapter on ASA Full Mesh VPNs.

    Thanks

    Michael Hewitt

  15. Paul Hauck says

    September 9, 2012 at 2:25 pm

    Other VPN topic suggestions:

    1) Cisco ASA licensing as it relates to VPN types and quantities (by type and totals).

    2) VPN types compared and contrasted with respect to features; capabilities; limitations; and the basics of how each one works.

    3) Walk-throughs of each VPN type in use; including not only what should happen step-by-step but also common issues and suggested resolutions.

    4) VPN troubleshooting; including debugs and CLI queries with highlighted examples showing what to look for and what each item means with respect to VPN establishment (success and failure); maintenance; and teardown.

    5) Discussion of endpoint security (threat management and access control).

  16. Stefano Bertotti says

    September 9, 2012 at 2:32 pm

    Lan-to-Lan IPSEC VPN between Routers and ASA using VTI, in case of hub-and-spoke vpn. Aliasing IPSEC for overlapping networks.
    Differences in IPSEC aliasing between ASA 8.2 and ASA 8.4. NAT of the destination network over IPSEC, iF the counterpart don’t provide to alias the overlapped network.

  17. Gareth says

    September 9, 2012 at 3:20 pm

    I do find thta the subject of overlapping NAT addresses needs more explanation, and perhaps a tutorial on debugging, using ASDM or CLI filters and the more common error messages.
    Good luck!
    Gareth Tomlinson CISSP

  18. Karl says

    September 9, 2012 at 3:21 pm

    I also think and have been looking for a reasonable priced training DVD on ASA 5500 series setup from scratch. instructional dvd/download of actual working examples would be great to.

  19. Paolo says

    September 9, 2012 at 4:33 pm

    Hi Harris, asa with 2 ISP at the same time.(you have already answered this question by mail).

  20. Vince Tran says

    September 9, 2012 at 4:57 pm

    -setup and utililize webVPN
    -allowing trusted traffic into L2L VPN (other subnet from different VPN offices)
    -VPN troubleshooting techniques that not already introduced by Cisco
    -setup L2L IPSEC with some other non Cisco router like Netgear, D-Link, CradlePoint

  21. Sameer Ahmad says

    September 9, 2012 at 5:47 pm

    GETVPN , DMVPN , MPLS VPN , SSL VPN

  22. Arthit says

    September 9, 2012 at 6:13 pm

    -Site to site with duplicate subnets

  23. Joon says

    September 9, 2012 at 6:21 pm

    Would like a topic on how to tie remote access VPN with FreeRadius with grouplock feature. Thank Harris!

  24. m w says

    September 9, 2012 at 7:02 pm

    How configure support for SuiteB IPsec.

  25. Benjamin says

    September 9, 2012 at 7:32 pm

    Vpn client for Android mobile and iphone with license and with license on ASA.

  26. Roberto (aka...The Doctor) says

    September 9, 2012 at 10:37 pm

    I am familiar with fully meshed IPSEC site-to-site VPN tunnels over ASA-to-ASA and ASA-to-Router configs, but I would like to see fully meshed IPSEC site-to-site VPNs with HA and over different ISPs. I think that as companies move toward a cloud-based model, this will become more common place. This might even leverage IP SLA…thoughts…

  27. Vincent says

    September 9, 2012 at 11:57 pm

    -Remote access(webvpn profiles) & L2L VPN configuration and troubleshooting.
    -QOS design, configuration and troubleshooting
    -Logging

  28. Mohammad Khan says

    September 10, 2012 at 12:26 am

    Checkpoint has Firewall Manager to centrally manage all the Firewalls,rules and policies. I like to see similar on ASA firewalls.Also if you discuss on rules and policies with example would be great help.Thanks

  29. Mohammad Khan says

    September 10, 2012 at 12:29 am

    I saw someone already mentioned this topic,I like to repeat again.see below for the topic:

    ASA->RSA->CSACS->Win AD
    (with tokens, 802.1x and enforced security)

  30. Ali says

    September 10, 2012 at 2:25 am

    – VTI Tunnels
    – VPN IPSec and VTI with Dynamic IP’s on Cisco ASA and IOS Routers (I know ASA won’t do the VTI part)
    – I think book should have a primary focus on Cisco technologies I would much rather have a well written book on Cisco than you trying to make every one else happy with Juniper, Netgear, D-Link :)

  31. Ken Hughes says

    September 10, 2012 at 3:29 am

    Harris,
    Your books have been full of GREAT information. They have help me alot. I work in a medical environment where where we are constantly having physicians connect to our network via VPN. Sometimes these physicians have Pix or ASA firewalls but many times they will have a Sonic Wall or a Watchguard or Linux Firewall or LinkSys Router, etc…. we never know what we are going to run into. I would really like to see the configuration to these types of devices. I do not know if you can get your hands on possibly some demo equipment, but it would be really nice to see screen shots from those devices. Typically the easy part is our Cisco ASA but telling the physician IT staff how to configure their firewall properly can sometimes be a difficult task. Additionally, I would like to see just like Arthit said examples where our physicians all use the same subnet and we have to NAT another subnet to them. While I understand the process, it is about as clear as mud to me:)

  32. Jonathan Schwartz says

    September 10, 2012 at 4:16 am

    Multicast setup between two routers, using gee and a site to site connection – plus. Routers behind a asa site to site vpn using gee to

  33. Joe Yadacus says

    September 10, 2012 at 4:49 am

    It all looks pretty useful to me. I would probably get the most benefit from SSL based Remote Access examples, but all of the topics you list look good.

  34. Vinod Chahal says

    September 10, 2012 at 5:15 am

    1:- How to integrate Active Directory authentication in remote VPN scenario.
    2:- GRE tunnels with IPsec.

  35. Prakash says

    September 10, 2012 at 5:20 am

    -set up L2L Ipsec with router to Cisco Check Point

    – ASA -> Cicso Check Point

    – set up Cisco VPN Concentrator

    – Is their any chance to Loadbalance using two ISP Links?????

  36. Prakash says

    September 10, 2012 at 5:22 am

    – Is their any chance to Loadbalance using two ISP Links in L2L VPN?????

  37. safaa says

    September 10, 2012 at 7:17 am

    integrate voip solution with vpn using cisco routers &ASA with step by step configuration and explanation and all what the above guys commented …wil be great book.
    thanks

  38. TonyB says

    September 10, 2012 at 8:12 am

    VPN connectivity between say net screen/srx or checkpoint and a a would be a good real world subject. You see this out there loads and there very often issues.

  39. Aji N C says

    September 10, 2012 at 10:19 am

    Vpn with different vendors , like juniper , paloalto , sonicwall, cyberom etc. with Static and Dynamic addressing.

  40. Blog Admin says

    September 10, 2012 at 11:18 am

    I would like to express my appreciation for all of you guys and girls that left a comment here. I started taking notes and I will definitely consider all of your feedback and suggestions. As you understand it might not be possible to include all of your suggestions in a book, but in one way or another I will try to satisfy your requests (if not in a book, maybe in future articles and configuration examples that I will be posting on this site).

    Thanks a lot everyone…

    Harris

  41. EarlM says

    September 10, 2012 at 11:25 am

    A chapter on BGP and OSPF used on ASA and router with real world situations would be interesting and beneficial.

  42. Jesse says

    September 10, 2012 at 12:30 pm

    I would to see how to setup multiple subnet across the vpn such data, voice (voip) databases etc… with DHCP and dynamic ip addresses.

  43. Mike says

    September 10, 2012 at 1:07 pm

    Please include iPad configurations for VPN.
    I am using my ipad more and more for network administration – and, I think others are, too.
    Thanks,
    Mike

  44. inam says

    September 10, 2012 at 1:47 pm

    It would be very usefull if you include VPN Connectivity with other vendor’s firewall like checkpoit and some other famous firewalls with ASA.

    Regards
    iNAM

  45. Steve says

    September 10, 2012 at 3:41 pm

    Troubleshooting all the above

  46. Mal Brassfield says

    September 10, 2012 at 5:52 pm

    First of all, your book(s) have been very informative and help for us. Thanks. I would like to see remote VPN connections authenticated via LDAP, Radius, or TACACS servers, and how those systems are implemented. Also, potentially the use of CAC card readers with remote VPN access.

  47. George says

    September 10, 2012 at 8:09 pm

    -Site-to-Site VPN protocol filtering
    -AnyConnect integration with Secure Desktop and registry checks

  48. George says

    September 10, 2012 at 8:12 pm

    Forgot to mention
    -Backup GRE tunnel through IPSec VPN for WAN links, using dynamic routing.

  49. Allisson Cândido says

    September 10, 2012 at 8:44 pm

    Please include all authentication types like local or using radius infrastructure and if possible certificate usage.

  50. sid says

    September 11, 2012 at 7:21 am

    Would suggest something about block asa traffic to specified websites. and something on logging events would be very useful.
    regards,
    pietro stefanelli

  51. Sathish Damodaran Suresh says

    September 11, 2012 at 8:44 am

    It will be more useful if you can cover the VPN mechanism in more details. For example ISAKMP policy exchange and IPSEC tunnel establishment, SPI, SA negotiation and VPN connection statee etc ….

  52. Bob Kiep says

    September 11, 2012 at 10:22 pm

    Regarding “Other” – a special chapter or section addressing in-board openconnect offered in Ubuntu, Android, etc., that no longer requires the AnyConnect client – could the chapter discuss key features we would be losing if we did away with AnyConnect? What are the gotcha’s of configuring OpenConnect on these platforms, etc., etc.

  53. Ray says

    September 12, 2012 at 4:29 am

    Resolving the issue between Microsoft Lync and Desktop Sharing through the ASA.

  54. Ali says

    September 12, 2012 at 3:02 pm

    I agree with you, perhaps having couple of books to cover the topics would be better. Remote VPN on the mobile devices is something new that is being asked these days too by the way so coverage on that would be great.

    I’m looking forward to your next book.

  55. Kingshuk Sinha says

    September 12, 2012 at 6:29 pm

    DMVPN,GET VPN,Active/Active Failover in Multiple Context mode real time scenarios & troubleshooting.New NATing Concept,New Object grouping concepts & on VPN Failover.
    How to intergrate cisco vpn technology with mobile phone?
    ASA Troubleshooting Book in depth-by Harris Andrea
    If you have advanced books on routers & switches do let me know.
    WAITING WAITING WAITING…All the Best

  56. Dave says

    September 13, 2012 at 11:15 am

    It would be good to have more information of setting up SSL Certificates on the ASA.

    Thanks

  57. John says

    September 13, 2012 at 5:58 pm

    Explanation of Certificates as Dave mentions above.

  58. Jay says

    September 14, 2012 at 12:15 am

    Topics.
    1. GetVPN
    2. Static VTI
    3. Dynamic VTI

  59. Steve says

    September 14, 2012 at 12:28 am

    Harris, your books have been very useful. Keep up the good work!

    – How and why to configure multiple remote ssl/webvpn profiles and the rules you could apply to them
    – QoS policies (maybe even traffic limiting/shaping)
    – DNS doctoring (and why you might use this)

  60. Daniel says

    September 14, 2012 at 12:48 pm

    Remote-Access using Apple-Products (iPAD, iPhone, Macbook..) with Built-In VPN-Client as well as Anyconnect.

  61. Ali says

    September 18, 2012 at 8:13 pm

    Anything on the IPS by any chance?

  62. Raazak says

    September 21, 2012 at 10:04 am

    Yes, I would say
    1) ASA->RSA->CSACS->Win AD
    (with tokens, 802.1x and enforced security)

    2) anyconnect with soft token, ASA, RSA, AD. No PKI use.

  63. Larry says

    September 23, 2012 at 3:38 pm

    LABS !!!!
    A series of labs to sharpen skills from basic through complex, with the solutions at the back.
    I would pay double of what i have already paid for your other materials for a good lab book.

  64. David says

    September 24, 2012 at 4:53 pm

    I would like to see a section on increasing the security of VPNs by requiring digital certificates, RSA tokens or other means and how to install and configure them or alternately by only allowing certain MAC addresses to log in.

  65. Bello says

    September 25, 2012 at 12:22 pm

    Sir, is it possible to show configuration of VPN between two routers obtaining dynamic addresses from the ISP

  66. EarlM says

    November 1, 2012 at 12:07 am

    Your methods of addressing complicated are very clear and precise. I would like to see you address configuring Remote Access VPN on the ASA where the VPN client can access multiple subnets on the corporate network to include user restrictions.

  67. Anders says

    February 14, 2013 at 7:12 pm

    VRF based Router with EasyVPN server (VTI) and ASA EasyVPN client with dynamic ip.
    alt. DMVPN.

    Thanks

  68. ron says

    May 8, 2013 at 4:02 pm

    Hi,

    I have a Cisco ASA 5505 firewall and my internal network is in the range 192.168.x.x, and I use NAT. However, I’m required to NAT the address range 10.205.x.x for a VPN tunnel.

    If my internal network is in the 192.168.x.x range, how can I NAT this to the 10.205.x.x range for use with the tunnel?

    Is this possible? If yes, how can this be done with the GUI?

    thank you!

  69. Blog Admin says

    May 8, 2013 at 8:04 pm

    Ron

    This is possible but I have never done it with GUI (only CLI). I don’t remember all the commands out of my head but you should search “cisco asa vpn with duplicate subnets” to get some examples and ideas.

  70. Cyberoam course says

    June 16, 2020 at 9:52 am

    very nice post thanks for sharing this post.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search this site

About Networks Training

We Provide Technical Tutorials and Configuration Examples about TCP/IP Networks with focus on Cisco Products and Technologies. This blog entails my own thoughts and ideas, which may not represent the thoughts of Cisco Systems Inc. This blog is NOT affiliated or endorsed by Cisco Systems Inc. All product names, logos and artwork are copyrights/trademarks of their respective owners.

Amazon Disclosure

As an Amazon Associate I earn from qualifying purchases.
Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates.

Search

Suggested Cisco Training

CISCO CERTIFICATION TRAINING
CISCO CCNA 200-120 TRAINING
CCNA SECURITY 640-554 TRAINING
CCENT ICND1 TRAINING
CISCO ICND2 TRAINING
CISCO CCNP TRAINING

BLOGROLL

Tech21Century
Firewall.cx

Copyright © 2022 | Privacy Policy | Terms and Conditions | Hire Me | Contact | Amazon Disclaimer | Delivery Policy

0 shares