# cisco-ipsec-s2s
# Site-to-Site IPsec VPN Configuration with Cisco Routers
## Introduction
In situations where sensitive data, such as protected health information (PHI) or payment card information (PCI), needs to traverse the internet, IPsec provides a reliable solution for encrypting and securing data in transit.

This article will cover the configuration for an IPsec tunnel between two sites using Cisco routers in an emulation software solution called EVE-NG. You should have this in your lab if you're into networking and security. However, regardless of the hardware or software solution, the configuration of IPsec is essentially the same.
## Context
Organizations handling sensitive data must comply with various regulatory requirements such as PCI-DSS for payment card information or HIPAA for healthcare data. These regulations mandate the use of strong encryption when transmitting sensitive information across public networks.

IPsec (Internet Protocol Security) provides a comprehensive framework for securing IP communications through authentication, integrity checking, and encryption. A site-to-site IPsec VPN creates a secure tunnel between two networks, allowing remote locations to communicate securely over the internet.
## Topology
```
Site A Network: 192.168.10.0/24
Router A (R1) ---- Internet ---- Router B (R2)
Site B Network: 192.168.20.0/24

R1 WAN Interface: 203.0.113.1/30
R2 WAN Interface: 203.0.113.2/30
```
**Network Details:**
- Site A LAN: 192.168.10.0/24
- Site B LAN: 192.168.20.0/24
- WAN Link: 203.0.113.0/30

---
## Configs
Running configurations will be posted here.
See [NAXS Labs](https://naxslabs.com/protecting-sensitive-data-with-ipsec/) for a full explanation.
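For orientation, here is an example R1 configuration built from the topology above. It is an added illustration, not the author's running configuration. It assumes IKEv1 with a pre-shared key, a crypto map on the WAN interface, and the names `GigabitEthernet0/0`, `S2S-TS`, `S2S-TRAFFIC` and `S2S-MAP`, none of which this page specifies.

```cisco
! Added example for R1 (Site A). Names, interface and proposals are assumptions.
!
! Phase 1 (IKEv1): how the two routers authenticate and protect the IKE exchange.
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
 lifetime 86400
!
! Placeholder key: use a long random value, identical on both peers,
! and scope it to the peer's WAN address rather than 0.0.0.0.
crypto isakmp key <PRE-SHARED-KEY> address 203.0.113.2
!
! Phase 2: ESP encryption and integrity for the data traffic.
crypto ipsec transform-set S2S-TS esp-aes 256 esp-sha256-hmac
 mode tunnel
!
! Interesting traffic: Site A LAN to Site B LAN only.
! R2 needs the exact mirror (192.168.20.0 -> 192.168.10.0); a mismatch
! lets Phase 1 come up while Phase 2 fails.
ip access-list extended S2S-TRAFFIC
 permit ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
!
crypto map S2S-MAP 10 ipsec-isakmp
 set peer 203.0.113.2
 set transform-set S2S-TS
 set pfs group14
 match address S2S-TRAFFIC
!
! Assumed WAN interface name; adjust to the image used in EVE-NG.
interface GigabitEthernet0/0
 ip address 203.0.113.1 255.255.255.252
 crypto map S2S-MAP
!
! On R2: swap the peer to 203.0.113.1, mirror the ACL, use 203.0.113.2/30.
! If NAT overload is configured, exempt the LAN-to-LAN traffic from it,
! otherwise it will not match the crypto ACL.
!
! Verify after sending traffic between the LANs:
!  show crypto isakmp sa   (expect state QM_IDLE)
!  show crypto ipsec sa    (encaps/decaps counters should increase)
```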