Lesson 5 презентация

Содержание

1. Lesson 5
2. Objectives Upon completion of this lesson, you
3. Overview of Remote Access Using Pre-Shared Keys
4. Internet service
5. Application server ISP ISP
6. IPSec Client-to-LAN Tunneling Application server 10.0.1.10
7. Cisco VPN Software Client for Windows
8. Initial Configuration of the Cisco VPN 3000 Series Concentrator for Remote Access
9. IPSec Server—Physical Connections
10. Configuration Options
11. GUI Table of contents Toolbar Toolbar Manager screen
12. Quick Configuration
13. Browser Configuration of the Cisco VPN 3000 Series Concentrator
14. IP Interfaces Ethernet 1 (private IP address) 10.0.P.5 Ethernet 2 (public IP address) 192.168.P.5
15. Public IP Interface Ethernet 1 (private IP
16. System Information
17. Protocols IPSec Internet
18. DHCP address Address Assignment DHCP server
19. Authentication NT domain 10.0.1.10 User authentication
20. Configuration of Users and Groups
21. Base group: Corporate Customer Service /Base/Service MIS
22. User and Group Policies
23. Group Database Internal server Group:
24. Admin Password
25. In-Depth Configuration Information
26. Authentication Cisco VPN Client (2.5) IKE Phase
27. Activate IKE Proposal 3002, 3.x or 4.x Client 2.5 Client Certicom client
28. Check IKE Proposal
29. Group Configuration—Identity /Base Training Service
30. Group Configuration—General Access
31. Group Configuration—IPSec IPSec User authentication NT domain server Internet
32. IKE Keepalives—DPD Application server Client DPD message
33. Remote Access Parameters
34. Client Configuration Parameters Cisco Client parameters Microsoft client parameters Common client parameters
35. Cisco Client Parameters Push NT domain
36. Tunneling Options Client Encrypt everything Client
37. Split Tunneling Policy— Tunnel Everything Tunnel everything
38. Split Tunneling Policy— Local LAN Option
39. Local LAN Option—Network List 10.0.1.X Client Encrypted 192.168.1.X
40. Split Tunneling—Before and After Before split
41. Split Tunneling Policy— Split Tunneling www.news.com
42. Split Tunneling—Network List 10.0.1.0 www.news.com Encrypted Client Clear text Clear text
43. Split DNS Match No match 10.0.1.0 Tunneled
44. Split DNS Configuration 10.0.1.0 www.news.com Tunneled DNS
45. DDNS DHCP server Client DNS server PC hostname PC hostname
46. Mode Configuration
47. Modifying Groups
48. Setting Up Group Attributes Global NT 10.0.1.10–60
49. Types of Authentication Group authentication User authentication
50. Testing Authentication Server
51. Public Interface— IPSec Fragmentation
52. Configuration of the Cisco VPN Software Client for Windows
53. Cisco VPN Software Client for Windows
54. Cisco VPN Software Client for Windows Run Mode
55. Main Tabs Connections Certificates Log
56. Menus—Connection Entries
57. Menus—Status
58. Menus—Certificates
59. Menus—Log
60. Menus—Options
61. Creating a New Connection—Authentication Concentrator authentication—The end user never sees this after initial configuration.
62. Creating a New Connection—Transport
63. Creating a New Connection—Backup Servers
64. Creating a New Connection—Dial-Up
65. Pre-configure Client for Remote Users oem.ini vpnclient.ini .pcf
66. .pcf File .pcf file—User profile
67. Silent Mode oem.ini—Installing the Cisco VPN Client
68. Client Program Menu
69. Setting MTU Size
70. Virtual Adapter
71. Viewing Connected Clients—Concentrator Connection Status
72. Viewing Connected Clients—Status Details
73. Summary
74. Summary The initial configuration of the Cisco
75. Summary (cont.) Mode configuration enables the Cisco
76. Lab Exercise
77. Lab Visual Objective 192.168.P.0 Student PC with

Objectives Upon completion of this lesson, you will be able to perform the following tasks: Configure the Cisco VPN 3000 Series Concentrator LAN interfaces via the CLI. Configure the Cisco VPN

Слайд 1Lesson 5
Configure the Cisco VPN 3000 Series Concentrator for Remote Access

Using Pre-Shared Keys

Слайд 2Objectives
Upon completion of this lesson, you will be able to perform

the following tasks:
Configure the Cisco VPN 3000 Series Concentrator LAN interfaces via the CLI.
Configure the Cisco VPN 3000 Series Concentrator Client-to-LAN application using the browser.
Configure the IPSec Client.
Monitor the IPSec Client-to-LAN tunnel.

Слайд 3Overview of Remote Access Using Pre-Shared Keys

Слайд 4

Internet service
provider

Telecommuter
Corporate office

Web server

File server
Client-to-LAN
Internet

Telecommuter

Telecommuter

Telecommuter

Слайд 5

Application
server
ISP
ISP

Concentrator
PPP connectivity
Dial access
IPSec tunnel or session
Telecommuter with the Cisco VPN 3000

Series Concentrator Client

Internet

IPSec Client-to-LAN Components

Client software
PPP
IPSec standards
VPN Concentrator

Слайд 6
IPSec Client-to-LAN Tunneling
Application
server
10.0.1.10
VPN private IP address
10.0.1.5
VPN public IP
192.168.1.5
Adapter (NIC) IP address
172.26.26.1
Client

IP address
10.0.1.20

192.168.1.5
172.26.26.1
ESP
10.0.1.10
10.0.1.20

Data

ISP

Internet

Telecommuter with the Cisco VPN 3000 Series Concentrator Client

Слайд 7Cisco VPN Software Client for Windows
Cisco VPN Software Client for Windows
Installed

on Windows system

Слайд 8Initial Configuration of the Cisco VPN 3000 Series Concentrator for Remote

Access

Слайд 9IPSec Server—Physical Connections

Console port
VPN private IP address
10.0.P.5
VPN public IP address
192.168.P.5
Power
10.0.P.10
Server
Client PC
172.26.26.P

Internet

Слайд 10Configuration Options

Слайд 11GUI
Table of contents
Toolbar
Toolbar
Manager screen

Слайд 12Quick Configuration

Слайд 13Browser Configuration of the Cisco VPN 3000 Series Concentrator

Слайд 14IP Interfaces
Ethernet 1 (private IP address)
10.0.P.5
Ethernet 2 (public IP address)
192.168.P.5

Слайд 15Public IP Interface
Ethernet 1 (private IP address)
10.0.P.5
Ethernet 2 (public IP address)
192.168.1.5

Слайд 16System Information

Слайд 17
Protocols

IPSec

Internet

Слайд 18DHCP address

Address Assignment
DHCP server
10.0.1.10

Internet

Слайд 19
Authentication
NT
domain
10.0.1.10
User
authentication

Internet
Cisco VPN 3000 Series Concentrator Client
Computer Name: BOSTON
Domain: Domain_BOSTON

Слайд 20Configuration of Users and Groups

Слайд 21Base group:
Corporate
Customer Service
/Base/Service
MIS
/Base/Sales
Finance
/Base/Finance
VP of
MIS
Groups:
Departments
Users:
Individuals
VP of
Finance
Groups and Users

Слайд 22User and Group Policies

Access rights
and
privileges

Слайд 23
Group Database
Internal
server

Group:
Training

Internet
Cisco VPN 3000 Series Concentrator Client

Слайд 24Admin Password

Слайд 25In-Depth Configuration Information

Слайд 26Authentication
Cisco VPN Client (2.5)
IKE Phase 1 complete
Xauth

Internal
server

Group:
Training
Concentrator
authentication
Network
authentication
(Xauth)
Cisco VPN Client

(3.0 or higher)
IKE Phase 1
Xauth
IKE Phase 1 complete

Internet

Слайд 27Activate IKE Proposal
3002, 3.x or
4.x Client
2.5 Client
Certicom client

Слайд 28Check IKE Proposal

Слайд 29Group Configuration—Identity
/Base
Training
Service

Слайд 30

Group Configuration—General
Access rights and
privileges
Tunneling
protocol
DNS
and
WINS

Слайд 31
Group Configuration—IPSec
IPSec
User
authentication
NT
domain
server

Internet

Слайд 32IKE Keepalives—DPD
Application
server
Client
DPD message (Are you there)
DPD message (Are you there ACK)
Worry
timer
expires
Receive

data

Internet

Слайд 33Remote Access Parameters

IPSec
User
authentication
NT
domain
server

Internet

Слайд 34Client Configuration Parameters

Cisco Client
parameters
Microsoft client
parameters
Common client
parameters

Слайд 35
Cisco Client Parameters
Push
NT
domain
server

Internet

Слайд 36Tunneling Options
Client

Encrypt
everything
Client

Clear text
Encrypted
www.news.com
Client

Encrypted
Clear
text
Clear text
Tunnel
everything
Tunnel everything except
local LAN traffic
Split
tunneling

Слайд 37Split Tunneling Policy— Tunnel Everything
Tunnel
everything
Client

Encrypt
everything

X

Слайд 38Split Tunneling Policy— Local LAN Option
Client

Encrypted

Clear text
Everything mode
with
local LAN option

Слайд 39Local LAN Option—Network List

10.0.1.X
Client

Encrypted

192.168.1.X

Слайд 40Split Tunneling—Before and After
Before split
tunneling

After split
tunneling

www.news.com

Client
Encrypted
Clear
text

www.news.com

Client
Encrypted
Clear
text

Слайд 41Split Tunneling Policy— Split Tunneling
www.news.com
Encrypted
Client

Clear
text
Clear text

Слайд 42Split Tunneling—Network List
10.0.1.0
www.news.com
Encrypted
Client

Clear
text
Clear text

Слайд 43Split DNS
Match
No match
10.0.1.0
Tunneled
DNS
Client

Clear text
DNS

www.cisco.com
DNS
server
www.news.com

Слайд 44Split DNS Configuration
10.0.1.0
www.news.com
Tunneled
DNS
Client

Clear text
DNS

www.cisco.com
DNS
server

Слайд 45DDNS
DHCP
server
Client

DNS
server
PC
hostname
PC
hostname

Слайд 46Mode Configuration

Push
NT
domain
server
WINS
DNS
virtual IP address

Internet

Слайд 47Modifying Groups

Слайд 48Setting Up Group Attributes
Global
NT
10.0.1.10–60
Engineering
RADIUS 2
10.0.20.60–90
Finance
RADIUS 5
10.0.30.50–80

Engineering group
RADIUS 5

RADIUS 2
Finance group

HR
NT
10.0.1.21
Finance
RADIUS 5
10.0.30.51
Engineering
RADIUS

2
10.0.20.71

Internet

Слайд 49Types of Authentication
Group authentication
User authentication

Слайд 50Testing Authentication Server

Слайд 51Public Interface— IPSec Fragmentation

Слайд 52Configuration of the Cisco VPN Software Client for Windows

Слайд 53Cisco VPN Software Client for Windows

Слайд 54Cisco VPN Software Client for Windows Run Mode

Слайд 55Main Tabs
Connections
Certificates
Log

Слайд 56Menus—Connection Entries

Слайд 57Menus—Status

Слайд 58Menus—Certificates

Слайд 59Menus—Log

Слайд 60Menus—Options

Слайд 61Creating a New Connection—Authentication
Concentrator authentication—The end user never sees this after

initial configuration.

Слайд 62Creating a New Connection—Transport

Слайд 63Creating a New Connection—Backup Servers

Слайд 64Creating a New Connection—Dial-Up

Слайд 65Pre-configure Client for Remote Users
oem.ini
vpnclient.ini
.pcf

Слайд 66.pcf File
.pcf file—User profile

Слайд 67Silent Mode
oem.ini—Installing the Cisco VPN Client without user intervention

Name of the

destination folder

Identifies whether or not to restart the system after the silent installation

Слайд 68Client Program Menu

Слайд 69Setting MTU Size

Слайд 70Virtual Adapter

Слайд 71Viewing Connected Clients—Concentrator Connection Status

Слайд 72Viewing Connected Clients—Status Details

Слайд 73Summary

Слайд 74Summary
The initial configuration of the Cisco VPN 3000 Series Concentrator occurs

via the CLI.
Subsequent configuration of the Cisco VPN 3000 Series Concentrator can be performed using a browser.
Groups and users are used to assign access and usage rights.
IPSec policies are assigned to groups.

Слайд 75Summary (cont.)
Mode configuration enables the Cisco VPN 3000 Series Concentrator to

push the network information to the Cisco VPN Software Client.
The Cisco VPN 3000 Series Concentrator can use several different types of authentication servers.
The Cisco VPN 3000 Series Concentrator provides extensive monitoring capabilities.

Слайд 76Lab Exercise

Слайд 77Lab Visual Objective
192.168.P.0
Student PC with Cisco VPN Client
172.26.26.P
.1
10.0.P.0
RTS
.5
.5
.150
Cisco VPN 3000
DHCP
server
.10
.100
RBB
172.26.26.0

Скачать презентацию

Lesson 5 презентация

Содержание

Слайд 1Lesson 5Configure the Cisco VPN 3000 Series Concentrator for Remote Access

Слайд 2ObjectivesUpon completion of this lesson, you will be able to perform

Слайд 3Overview of Remote Access Using Pre-Shared Keys

Слайд 4Internet service providerTelecommuterCorporate officeWeb serverFile serverClient-to-LANInternetTelecommuterTelecommuterTelecommuter

Слайд 5ApplicationserverISPISPConcentratorPPP connectivityDial accessIPSec tunnel or sessionTelecommuter with the Cisco VPN 3000

Слайд 6IPSec Client-to-LAN TunnelingApplicationserver10.0.1.10VPN private IP address10.0.1.5VPN public IP192.168.1.5Adapter (NIC) IP address172.26.26.1Client

Слайд 7Cisco VPN Software Client for WindowsCisco VPN Software Client for WindowsInstalled

Слайд 8Initial Configuration of the Cisco VPN 3000 Series Concentrator for Remote

Слайд 9IPSec Server—Physical ConnectionsConsole portVPN private IP address10.0.P.5VPN public IP address192.168.P.5Power10.0.P.10ServerClient PC172.26.26.PInternet

Слайд 10Configuration Options

Слайд 11GUITable of contentsToolbarToolbarManager screen

Слайд 12Quick Configuration

Слайд 13Browser Configuration of the Cisco VPN 3000 Series Concentrator

Слайд 14IP InterfacesEthernet 1 (private IP address)10.0.P.5Ethernet 2 (public IP address)192.168.P.5

Слайд 15Public IP InterfaceEthernet 1 (private IP address)10.0.P.5Ethernet 2 (public IP address)192.168.1.5

Слайд 16System Information

Слайд 17ProtocolsIPSecInternet

Слайд 18DHCP addressAddress AssignmentDHCP server10.0.1.10Internet

Слайд 19AuthenticationNTdomain10.0.1.10UserauthenticationInternetCisco VPN 3000 Series Concentrator ClientComputer Name: BOSTONDomain: Domain_BOSTON

Слайд 20Configuration of Users and Groups

Слайд 21Base group:CorporateCustomer Service/Base/ServiceMIS/Base/SalesFinance/Base/FinanceVP ofMISGroups:DepartmentsUsers:IndividualsVP ofFinanceGroups and Users

Слайд 22User and Group PoliciesAccess rightsandprivileges

Слайд 23Group DatabaseInternalserverGroup:TrainingInternetCisco VPN 3000 Series Concentrator Client

Слайд 24Admin Password

Слайд 25In-Depth Configuration Information

Слайд 26AuthenticationCisco VPN Client (2.5)IKE Phase 1 completeXauthInternalserverGroup:TrainingConcentrator authenticationNetwork authentication(Xauth)Cisco VPN Client

Слайд 27Activate IKE Proposal3002, 3.x or 4.x Client2.5 ClientCerticom client

Слайд 28Check IKE Proposal

Слайд 29Group Configuration—Identity/BaseTrainingService

Слайд 30Group Configuration—GeneralAccess rights and privilegesTunnelingprotocolDNSand WINS

Слайд 31Group Configuration—IPSec IPSecUserauthenticationNTdomainserverInternet

Слайд 32IKE Keepalives—DPDApplicationserverClientDPD message (Are you there)DPD message (Are you there ACK)WorrytimerexpiresReceive

Слайд 33Remote Access ParametersIPSecUserauthenticationNTdomainserverInternet

Слайд 34Client Configuration ParametersCisco ClientparametersMicrosoft clientparametersCommon clientparameters

Слайд 35Cisco Client ParametersPushNTdomainserverInternet

Слайд 36Tunneling OptionsClientEncrypteverythingClientClear textEncryptedwww.news.comClientEncryptedCleartextClear textTunnel everythingTunnel everything exceptlocal LAN trafficSplittunneling

Слайд 37Split Tunneling Policy— Tunnel EverythingTunneleverything ClientEncrypteverythingX

Слайд 38Split Tunneling Policy— Local LAN OptionClientEncryptedClear textEverything modewith local LAN option

Слайд 39Local LAN Option—Network List10.0.1.XClientEncrypted192.168.1.X

Слайд 40Split Tunneling—Before and AfterBefore split tunneling After split tunnelingwww.news.comClientEncryptedCleartextwww.news.comClientEncryptedCleartext

Слайд 41Split Tunneling Policy— Split Tunnelingwww.news.comEncryptedClientCleartextClear text

Слайд 42Split Tunneling—Network List10.0.1.0www.news.comEncryptedClientCleartextClear text

Слайд 43Split DNSMatchNo match10.0.1.0TunneledDNSClientClear textDNSwww.cisco.comDNSserverwww.news.com

Слайд 44Split DNS Configuration10.0.1.0www.news.comTunneledDNSClientClear textDNSwww.cisco.comDNSserver

Слайд 45DDNSDHCPserverClientDNSserverPChostnamePChostname

Слайд 46Mode ConfigurationPushNTdomainserverWINSDNSvirtual IP addressInternet

Слайд 47Modifying Groups

Слайд 48Setting Up Group AttributesGlobalNT10.0.1.10–60EngineeringRADIUS 210.0.20.60–90FinanceRADIUS 510.0.30.50–80Engineering groupRADIUS 5RADIUS 2Finance groupHRNT10.0.1.21FinanceRADIUS 510.0.30.51EngineeringRADIUS

Слайд 49Types of AuthenticationGroup authenticationUser authentication

Слайд 50Testing Authentication Server

Слайд 51Public Interface— IPSec Fragmentation

Слайд 52Configuration of the Cisco VPN Software Client for Windows

Слайд 53Cisco VPN Software Client for Windows

Слайд 54Cisco VPN Software Client for Windows Run Mode

Слайд 55Main Tabs Connections Certificates Log

Слайд 56Menus—Connection Entries

Слайд 57Menus—Status

Слайд 58Menus—Certificates

Слайд 59Menus—Log

Слайд 60Menus—Options

Слайд 61Creating a New Connection—AuthenticationConcentrator authentication—The end user never sees this after

Слайд 62Creating a New Connection—Transport

Слайд 63Creating a New Connection—Backup Servers

Слайд 64Creating a New Connection—Dial-Up

Слайд 65Pre-configure Client for Remote Usersoem.inivpnclient.ini.pcf

Слайд 66.pcf File.pcf file—User profile

Слайд 67Silent Modeoem.ini—Installing the Cisco VPN Client without user interventionName of the

Слайд 68Client Program Menu

Слайд 69Setting MTU Size

Слайд 70Virtual Adapter

Слайд 71Viewing Connected Clients—Concentrator Connection Status

Слайд 72Viewing Connected Clients—Status Details

Слайд 73Summary

Слайд 74SummaryThe initial configuration of the Cisco VPN 3000 Series Concentrator occurs

Слайд 75Summary (cont.)Mode configuration enables the Cisco VPN 3000 Series Concentrator to

Слайд 76Lab Exercise

Слайд 77Lab Visual Objective192.168.P.0Student PC with Cisco VPN Client172.26.26.P.110.0.P.0RTS.5.5.150Cisco VPN 3000DHCPserver.10.100RBB172.26.26.0

Похожие презентации

Слайд 1Lesson 5
Configure the Cisco VPN 3000 Series Concentrator for Remote Access

Слайд 2Objectives
Upon completion of this lesson, you will be able to perform

Слайд 4

Internet service
provider

Telecommuter
Corporate office

Web server

File server
Client-to-LAN
Internet

Telecommuter

Telecommuter

Telecommuter

Слайд 5

Application
server
ISP
ISP

Concentrator
PPP connectivity
Dial access
IPSec tunnel or session
Telecommuter with the Cisco VPN 3000

Слайд 6
IPSec Client-to-LAN Tunneling
Application
server
10.0.1.10
VPN private IP address
10.0.1.5
VPN public IP
192.168.1.5
Adapter (NIC) IP address
172.26.26.1
Client

Слайд 7Cisco VPN Software Client for Windows
Cisco VPN Software Client for Windows
Installed

Слайд 9IPSec Server—Physical Connections

Console port
VPN private IP address
10.0.P.5
VPN public IP address
192.168.P.5
Power
10.0.P.10
Server
Client PC
172.26.26.P

Internet

Слайд 11GUI
Table of contents
Toolbar
Toolbar
Manager screen

Слайд 14IP Interfaces
Ethernet 1 (private IP address)
10.0.P.5
Ethernet 2 (public IP address)
192.168.P.5

Слайд 15Public IP Interface
Ethernet 1 (private IP address)
10.0.P.5
Ethernet 2 (public IP address)
192.168.1.5

Слайд 17
Protocols

IPSec

Internet

Слайд 18DHCP address

Address Assignment
DHCP server
10.0.1.10

Internet

Слайд 19
Authentication
NT
domain
10.0.1.10
User
authentication

Internet
Cisco VPN 3000 Series Concentrator Client
Computer Name: BOSTON
Domain: Domain_BOSTON

Слайд 21Base group:
Corporate
Customer Service
/Base/Service
MIS
/Base/Sales
Finance
/Base/Finance
VP of
MIS
Groups:
Departments
Users:
Individuals
VP of
Finance
Groups and Users

Слайд 22User and Group Policies

Access rights
and
privileges

Слайд 23
Group Database
Internal
server

Group:
Training

Internet
Cisco VPN 3000 Series Concentrator Client

Слайд 26Authentication
Cisco VPN Client (2.5)
IKE Phase 1 complete
Xauth

Internal
server

Group:
Training
Concentrator
authentication
Network
authentication
(Xauth)
Cisco VPN Client

Слайд 27Activate IKE Proposal
3002, 3.x or
4.x Client
2.5 Client
Certicom client

Слайд 29Group Configuration—Identity
/Base
Training
Service

Слайд 30

Group Configuration—General
Access rights and
privileges
Tunneling
protocol
DNS
and
WINS

Слайд 31
Group Configuration—IPSec
IPSec
User
authentication
NT
domain
server

Internet

Слайд 32IKE Keepalives—DPD
Application
server
Client
DPD message (Are you there)
DPD message (Are you there ACK)
Worry
timer
expires
Receive

Слайд 33Remote Access Parameters

IPSec
User
authentication
NT
domain
server

Internet

Слайд 34Client Configuration Parameters

Cisco Client
parameters
Microsoft client
parameters
Common client
parameters

Слайд 35
Cisco Client Parameters
Push
NT
domain
server

Internet

Слайд 36Tunneling Options
Client

Encrypt
everything
Client

Clear text
Encrypted
www.news.com
Client

Encrypted
Clear
text
Clear text
Tunnel
everything
Tunnel everything except
local LAN traffic
Split
tunneling

Слайд 37Split Tunneling Policy— Tunnel Everything
Tunnel
everything
Client

Encrypt
everything

X

Слайд 38Split Tunneling Policy— Local LAN Option
Client

Encrypted

Clear text
Everything mode
with
local LAN option

Слайд 39Local LAN Option—Network List

10.0.1.X
Client

Encrypted

192.168.1.X

Слайд 40Split Tunneling—Before and After
Before split
tunneling

After split
tunneling

www.news.com

Client
Encrypted
Clear
text

www.news.com

Client
Encrypted
Clear
text

Слайд 41Split Tunneling Policy— Split Tunneling
www.news.com
Encrypted
Client

Clear
text
Clear text

Слайд 42Split Tunneling—Network List
10.0.1.0
www.news.com
Encrypted
Client

Clear
text
Clear text

Слайд 43Split DNS
Match
No match
10.0.1.0
Tunneled
DNS
Client

Clear text
DNS

www.cisco.com
DNS
server
www.news.com

Слайд 44Split DNS Configuration
10.0.1.0
www.news.com
Tunneled
DNS
Client

Clear text
DNS

www.cisco.com
DNS
server

Слайд 45DDNS
DHCP
server
Client

DNS
server
PC
hostname
PC
hostname

Слайд 46Mode Configuration

Push
NT
domain
server
WINS
DNS
virtual IP address

Internet

Слайд 48Setting Up Group Attributes
Global
NT
10.0.1.10–60
Engineering
RADIUS 2
10.0.20.60–90
Finance
RADIUS 5
10.0.30.50–80

Engineering group
RADIUS 5

RADIUS 2
Finance group

HR
NT
10.0.1.21
Finance
RADIUS 5
10.0.30.51
Engineering
RADIUS

Слайд 49Types of Authentication
Group authentication
User authentication

Слайд 55Main Tabs
Connections
Certificates
Log

Слайд 61Creating a New Connection—Authentication
Concentrator authentication—The end user never sees this after

Слайд 65Pre-configure Client for Remote Users
oem.ini
vpnclient.ini
.pcf

Слайд 66.pcf File
.pcf file—User profile

Слайд 67Silent Mode
oem.ini—Installing the Cisco VPN Client without user intervention

Name of the

Слайд 74Summary
The initial configuration of the Cisco VPN 3000 Series Concentrator occurs

Слайд 75Summary (cont.)
Mode configuration enables the Cisco VPN 3000 Series Concentrator to

Слайд 77Lab Visual Objective
192.168.P.0
Student PC with Cisco VPN Client
172.26.26.P
.1
10.0.P.0
RTS
.5
.5
.150
Cisco VPN 3000
DHCP
server
.10
.100
RBB
172.26.26.0