IPsec. Gre. Ipsec/Gre. Crypto maps. Isakmp profiles. Ipsec profiles. Dynamic crypto maps. DMVPN Phase 1, phase 2, phase 3. GET VPN. Easy VPN. NHRP. X-auth. PKI. AnyConnect. Portal. RRI. I could continue forever.
In my journey of investigating all weird flavours of VPN I´ve decided to try each of them in my home-lab and make a blog-post of each one. I will use a common base topology like this:
The scenario is this: Two routers, r1 and r3, are connected to a transit-network. It might be internet, it might be anything else. It might be a crossover ethernet-cable and it might be a multi-hop MPLS-cloud. The host 192.168.1.50 needs to access 10.3.3.3 in a secure way over the transit-network.
To make sure that the routers have connectivity they have host-routes of eachother into the transit-network.
This is a blog post to collect the different configurations together. In the list below I will add each configuration example as I go…