Securing IOS-XE VPNs
Securing IOS-XE VPNs This post provides some guidelines in securing an IPSec VPN on a Cisco IOS-XE router to reduce the attack surface when acting as a VPN gateway. Disable…
IOS-XE FlexVPN Client Profile
The FlexVPN client profile is an optional component used on the spoke (client) routers, which consists of settings used to connect to the FlexVPN server (hub) gateway, including the following:…
IOS-XE FlexVPN IKEv2 Routing
On Cisco IOS-XE routers, FlexVPN supports the use of Dynamic Routing protocols such as EIGRP, BGP and OSPF. FlexVPN also has the ability to advertise routes in the IKEv2 Security…
IOS-XE FlexVPN Static VTI
Cisco IOS-XE routers support various types of secure IPSec VPN's including Static Virtual Tunnel Interfaces (SVTI), which is a route based VPN commonly referred to as FlexVPN. With a FlexVPN…
IOS-XE FlexVPN certificate authentication
This post describes the steps to configure certificate authentication for a VPN on a Cisco IOS-XE router. Configuration The certificates in this FlexVPN lab are signed by the CA called…
IOS-XE FlexVPN Overview
FlexVPN is a framework to configure IPSec VPNs on Cisco IOS devices; it was created to simplify the deployment of VPN solutions of all type (Site-to-Site, Remote Access etc). It…