Implementation of IPSec Site to Site VPN | TUNNEL in GNS3 | Network Security

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi everyone today in this uh live session i will do the lab of network security and this is the lab regarding the ipsec bpm tunnel and i will configure in the gns3 in this lab i will take three router one router hq means it is headquarter and one router internet i will consider this and another router is a branch okay in this we are going to implement the ipsec then we will apply the all security configuration regarding the uh in headquarter and branch office because in internet we have no control so we have to take uh first in this lab i will do the configuration basic the ip addressing and the router and pc and i will check whether it is working or not working after that i will deploy the security okay so let's start okay now i have open the gns3 in the gns3 if you see the lab manual okay i have to take now i want to make the setting this properly just made making the space for this okay now see here i have we have to take uh three routers so here click already i have taken the router i did because if you have not item then see my video lecture how to add the router so you can see and because already to router i will install this okay so first i have taken the router one then another router router two then router 3 okay now i want to make some zoom making a small size then you can see easily okay now the then we have to take the pc then i have taken this pc okay and then this pc okay after this i want to make the connection on the fast ethernet okay f00 same i want to take here and here f01 and this slot f 0 0 here i am taking f 0 1 and here also f 0 now f 0 0 okay uh now this you can see this now i want to change the name this name as a internet okay this router i mentioned headquarter hq this this router i might branch off him frequency right this branch okay now what i will give the ip address just make the same same here comment to make them easy to understand this 10 0.10 11.2 okay this 10.0.20.2 okay [Music] this interface ip address 10.0.11.1 [Music] this 10.0.12.1 [Music] this interface 10.0.12.2 this 10.0.23 dot this n dot zero dot 23 dot one this interface f zero zero is 10.0.0.22.1 okay this pc2 this pc one okay is f zero zero and this f zero one f zero now it is clear okay so you can see easily now after this uh to make them configuration we have to start the all day device okay when our device dashboard it will show the green okay now this stuff are finished now i have to open the interface to go here see in the lab manual in the lam manual pc1 so first for this we have to start the console so i want to start the all console okay now it is starting okay one by one just lift it okay see rpc1 ip 10.0.11. to slash 24. 10.0.11.1 okay default gateway now 10.11.2 24 10.11 this we have finished now go for pc2 pc2ib 10.0.22. 2 slash 24 10.0.22 not 1. now this is we have finished uh we have given the configuration uh this uh pc2 10.20 and n dot 20.1 okay now after this we have to go uh a router console this is branch we have to go through headquarters so we can go here from console and after this you have to wait to start this okay these these are the steps for the for headquarter router for ivy to config terminal okay follow the same step then interface f0 okay then i have to give the ip address ipad two 10.0.11.125 five dot two five five dot two five five dot zero okay now no shut down okay this finish and then exit then after this uh we have go another interface in f01 okay see in the lab manual and we have to write the ip address for this ip for this ip address ip address 10.0.12.1.255.255.255. zero okay now no shutdown then exit then we have to apply the rooting protocol yeah here router e i g rp eigrp one network 0.0.0.0 okay now exit exit now write whatever then because we have to save this it is not like cisco pack addresses so now we have done the configuration for the headquarter after this we are going to internet so for this we have to also go through internet console click right then console then go again here and wait we start okay same we have to follow this up config terminal interface first interface zero zero okay then ip address ipr [Music] 0.12.2 dot two 255.25 five dot two five five zero okay then follow same no shut down okay then exit okay then go another interface in f01 okay for this ipad as ip address 10.0 then no shutdown then exit after this we have to apply the rooting protocol router e i grp1 eirp1 then network 0.0.0 okay then exit exit then right now we have completed the configuration for the internet router after this we have to go branch okay this is the branch router okay just made same thing we have to config terminal in her face branch f 0 1 and then apply ip address 10.0.23.125.255.255.1 zero okay no shutdown okay then go uh uh another interface f zero zero print f zero then apply the ip address and dot zero dot twenty two point [Music] shut down then exit [Music] apply the eirp protocol router router e i g rp one network 0.0.0 [Music] okay now i have configured also the branch then i wr to save this okay now this we have finished the configuration now we are going to check whether this configuration working or not so go pc1 and from we are going to ping the another pc means if you see in the diagram this is the pc one pc one ip address [Music] 10.10.0.11.12 and this pc2 10.02 so from pc1 we are going to ping pc2 if this is working then our configuration is correct okay so this ping n dot 0 dot 22 dot okay now it is working so one step we have finished okay now after this we are going to make the tunnel okay so far this is step three we have to follow for step three we have to go headquarter router okay then same thing we have to follow config terminal okay then policy policy one i see mp okay after this encryption algorithm you try encryption encryption aes 128 bit okay after this authentication please here uh please here authentication please share sh okay then crypto by c a m e six and refer you can write any key but you know what we have to write the same same refer u x 1 2 3 unders 0 you have to follow for the another router that's why i'm checking here it should be the same okay after this crypto ip seg truss form slash set hour set transform crypto ipsec transform set our set just one minute we have to check out the mistakes uh ip say truss cross form set just one minute this command is not complete okay this right we have go through here this command is completed transform set esp encapsulation inside a yes 128 esp slash sj h mag okay it's png esp s128 i think network okay now we have to go exit i'm after this we have to give the access lead ip actually access slash list extended extended how many hundred so i p access list slash extended and then after this we have to give the permission which i paid this we can permit uh permit parameter ip n dot 0 dot 11.0 0.0.0.255 [Music] this is 10.00 0.255 okay so again i'm checking 10.0.11. then 10.022 0.225 okay after this exit okay then we have to write crypto map crypto map our map one ip set high s m okay now we finish up to this much and now go this match match address and okay then set here this is the branch i will 0 223.1 10.0.23 okay then crypto sorry this finished and then set truss form [Music] okay then exit transform set then exit after this interface zero one cape2 [Music] okay then and we have finished the configuration then right again it is safe now we have finished the headquarter router this okay now we have to go for the branch uh means this router because internet we have no control so we can apply here a branch the branch is this okay the same thing you'll be happy to config terminal same policy we have to apply regarding this crypto ic kmp in a able [Music] a policy one okay then encryption encryption yes 128 right encryption in description tree share group 2 hash sha then exit then apply the crypto crypto isc key 6 the same what we have applied in the headquarter we have to apply the same key refer g for refer u x 1 2 3 z for u x 35 address okay then [Music] esp plus e s 128 e s p s h h m a c transform set transform set esp esp [Music] es128 esp [Music] sha hmac this mistakes crypto ip6 2 ip6 i'm crypto ip6 transform okay after this exit then ip access slash list access list extended x10 extend extended now we have to give the permit so what is the permit permit ip n dot 0 dot 22 dot 0 zero point zero point zero two five five ten dot zero dot clay one dot zero zero dot zero dot two five five [Music] 0.25 10.11.0025 okay then exit then crypto map our map one ip seg slash isc mp crypto this my power map one ipc okay now match address 100 okay okay then set truss form [Music] cross form [Music] set our set okay [Music] exit then we have to go in the interface inject then interface f 0 1 then crypto map our map okay now we have finished the configuration of branch and router now i have to go i'm going to test the ping command is working or not working if i apply the same ip we are going to call okay so just do it now it is working okay this because we have applied now if you check again means our security tunnel is working okay now we are going to analyze that our pipeline is uh in clipping or not so for this see here very clear i'm making two then you move here okay now i'm going to capture for this you have to click right then start capture and you put a name or any name no problem so just a key stone so we are going to see okay just a bit see this is the uh from the you can see from internet to branch router okay to see this ip address 10.2 so 10 dot to 2.3.0 and then coming 10.0 to 21 eigrp value okay now this is the eigrp protocol then checksum how it is going now see this now i am going to capture the between because branch to other pc so here we have no apply the security and we are going to check okay so just a bit because we have we started here now just a bit so if you see here uh from branch to you can say uh to pc and there is a no security okay just only eigrp other pro card and 2.2 i know nothing is this frame below ethernet like this okay now if you go here just i'm going to again pin is pcm see okay this is the security encapsulation esp okay so here is come security okay so you can see here security polar okay this means be what we have the security it is encrypted when between the internet and you can say uh from now i'm capturing internet to branch office and if you see here branch to pc dc there is no encapsulation packet okay esp not you okay so encapsulation between uh here this it means our ipsec tunnel is successfully is working okay so i hope that you have understand this video lecture thanks for watching my this video lecture if you have any problem to understand just comment my video i will try to reply this
Info
Channel: RAFEEK KHAN
Views: 7,383
Rating: undefined out of 5
Keywords:
Id: H1_DQ_9e9Vc
Channel Id: undefined
Length: 34min 20sec (2060 seconds)
Published: Tue Feb 22 2022
Related Videos
CCNA DAY 61: Configure Site-to-Site IPsec VPN Using Cisco Packet Tracer | How to configure IPsec VPN
Gurutech Networking Training
18K
MicroNugget: IPsec Site to Site VPN Tunnels Explained | CBT Nuggets
CBT Nuggets
427K
Configuring IPSec VPN | VPN Configuration | IPSec Tunnel | Secure Communication via IPSec VPN
Technical Representators 4 U
1.2K
How to configure VPN site to site on Fortigate
TAN Kirivann
27K
Create an IPsec VPN tunnel using Packet Tracer - CCNA Security
danscourses
315K
How to configure VPN site to site on Cisco Router
TAN Kirivann
2.7K
How to Configure Site to Site IPSec VPN Between Two Cisco Router
TechNet Guide
22K
Create an IPsec VPN tunnel - CCNA Security | Hindi
Tech Guru Manjit
20K
How to make IPsec site to site VPN between FortiGate and PFsense
Aloui Hosni
488
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.